/**
 * Runs the action selected for this request, then hands $this->jump to ObHeader().
 *
 * Only two combinations do anything: action "modify" sent with POST and
 * action "delete" sent with GET. Any other combination falls through
 * without calling either handler.
 *
 * NOTE(review): "delete" is accepted over GET, so following a plain link is
 * enough to trigger it. Whether _delete() checks a per-session token or
 * ownership is not visible here - confirm, or move the action to POST.
 * NOTE(review): the origin of $this->jump is not visible here; if the request
 * can influence it, it should be restricted to same-site paths.
 */
function _init()
{
    if ($this->action == "modify") {
        $isPost = strtolower($this->pwService['REQUEST_METHOD']) == "post";
        if ($isPost) {
            $this->_modify();
            ObHeader($this->jump);
        }
    }

    if ($this->action == "delete") {
        $isGet = strtolower($this->pwService['REQUEST_METHOD']) == "get";
        if ($isGet) {
            $this->_delete();
            ObHeader($this->jump);
        }
    }
}
} $db->update("INSERT INTO pw_topiccate" . " SET " . pwSqlSingle(array('name' => $name, 'ifable' => $ifable, 'vieworder' => $vieworder))); $cateid = $db->insert_id(); $db->update("INSERT INTO pw_topicmodel" . " SET " . pwSqlSingle(array('name' => getLangInfo('other', 'pc_defaultmodel'), 'cateid' => $cateid, 'vieworder' => 0, 'ifable' => 1))); $modelid = $db->insert_id(); $charset = $db->charset; $createsql = "CREATE TABLE " . $PW . "topicvalue" . $modelid . " (tid mediumint(8) unsigned NOT NULL,fid SMALLINT(6) UNSIGNED NOT NULL ,ifrecycle TINYINT(1) NOT NULL default 0,PRIMARY KEY (tid))"; if ($db->server_info() >= '4.1') { $extra = " ENGINE=MyISAM" . ($charset ? " DEFAULT CHARSET={$charset}" : ''); } else { $extra = " TYPE=MyISAM"; } $createsql = $createsql . $extra; $db->query($createsql); updatecache_topic(); ObHeader("{$basename}&action=editmodel&cateid={$cateid}"); } } elseif ($action == 'edittopic') { if (empty($_POST['step'])) { $selectmodel = ''; extract($db->get_one("SELECT cateid,name,ifable,vieworder,ifdel FROM pw_topiccate WHERE cateid=" . pwEscape($cateid))); $query = $db->query("SELECT name,modelid,cateid,ifable FROM pw_topicmodel WHERE cateid=" . pwEscape($cateid)); while ($rt = $db->fetch_array($query)) { $checked = ''; if ($rt['ifable']) { $checked = 'checked'; } $selectmodel .= "<span class=\"mr15 w fl\"><input style=\"vertical-align:middle;\" type=\"checkbox\" class=\"input\" name=\"modelid[{$rt['modelid']}]\" value=\"{$rt['ifable']}\" {$checked}>{$rt['name']}</span>"; } ifcheck($ifable, 'ifable'); include PrintEot('topiccate');
Showmsg('undefined_action'); } //* include_once pwCache::getPath(D_P.'data/bbscache/ol_config.php'); pwCache::getData(D_P . 'data/bbscache/ol_config.php'); if (!$ol_onlinepay) { Showmsg($ol_whycolse); } $grouptitle = $rt['grouptitle']; $order_no = '1' . str_pad($winduid, 10, "0", STR_PAD_LEFT) . get_date($timestamp, 'YmdHis') . num_rand(5); $db->update("INSERT INTO pw_clientorder SET " . S::sqlSingle(array('order_no' => $order_no, 'type' => 3, 'uid' => $winduid, 'paycredit' => $gid, 'price' => $rt['sright']['rmbprice'], 'number' => $days, 'date' => $timestamp, 'state' => 0, 'extra_1' => $options))); if (!$ol_payto) { Showmsg('olpay_alipayerror'); } require_once R_P . 'require/onlinepay.php'; $olpay = new OnlinePay($ol_payto); ObHeader($olpay->alipayurl($order_no, round($rt['sright']['rmbprice'] * $days, 2), 3)); } if (md5($pwpwd) != $mb['password']) { Showmsg('password_error'); } if ($rt['sright']['sellprice'] <= 0) { Showmsg('undefined_action'); } $needcur = $days * $rt['sright']['sellprice']; $cur = $credit->get($winduid, $rt['sright']['selltype']); if ($cur === false) { Showmsg('numerics_checkfailed'); } if ($cur < $needcur) { Showmsg('noenough_currency'); }
// Photo view page (excerpt): builds the delete-confirmation text, sends
// non-owners to the public view URL, then loads comments for the photo.
require_once R_P . 'require/credit.php';

// NOTE(review): unserialize() is only safe while $o_photos_creditset comes from
// site configuration; its origin is not visible in this excerpt - confirm.
$o_photos_creditset = unserialize($o_photos_creditset);
$creditset = getCreditset($o_photos_creditset['Deletephoto'], false);
// Remove entries whose value is 0 so only real deductions are listed.
$creditset = array_diff($creditset, array(0));

// NOTE(review): $creditPops is appended to without being initialised in this excerpt.
foreach ($creditset as $key => $value) {
    $moneyName = $credit->cType[$key];
    $unit = $credit->cUnit[$key];
    $creditPops .= $value . $unit . $moneyName . ",";
}

if ($creditset) {
    $deletePhotoCredit = '删除照片会扣除积分:' . $creditPops . '继续吗?';
} else {
    $deletePhotoCredit = '是否确认删除?';
}

list($photo, $nearphoto, $prePid, $nextPid) = $result;

if ($photo['ownerid'] == $winduid) {
    $isown = '1';
} else {
    $isown = '0';
}

if (!$isown) {
    // Redirect handling: a viewer who is not the owner is sent to the public
    // photo URL, built from the configured board URL plus $pid and the owner id.
    // NOTE(review): $pid is concatenated unencoded; confirm it was validated as
    // an integer before this point.
    $url = $db_bbsurl . "/apps.php?q=photos&a=view&pid=" . $pid . "&uid=" . $photo['ownerid'];
    ObHeader($url);
}

$aid = $photo['aid'];
$username = $photo['owner'];
$u = $photo['ownerid'];

// Page numbers below 1 (including a missing parameter cast to 0) become 1.
$page = (int) S::getGP('page');
if ($page < 1) {
    $page = 1;
}

$url = $basename . 'a=view&pid=' . $pid;
if ($ifriend == 1) {
    $url .= '&ifriend=' . $ifriend . '&';
} else {
    $url .= '&';
}

require_once R_P . 'require/bbscode.php';
list($commentdb, $subcommentdb, $pages) = getCommentDbByTypeid('photo', $pid, $page, $url);
$comment_type = 'photo';
$comment_typeid = $pid;

/* @var $ouserdataService PW_Ouserdata */
$ouserdataService = L::loadClass('Ouserdata', 'sns');
$myOuserData = $ouserdataService->get($photo['ownerid']);
$memberdb['ifpay'] != 1 && Showmsg('act_refund_error'); //支付宝支付成功才能退款 if (!$memberdb['refundcost'] || !preg_match("/^(([1-9]\\d*)|0)(\\.\\d{0,2})?\$/", $memberdb['refundcost']) || $memberdb['refundcost'] > number_format($memberdb['totalcash'] - $tempcost, 2, '.', '')) { //费用错误、超出剩余费用 Showmsg('act_refund_cash_error'); } $refundcost = number_format($memberdb['refundcost'], 2, '.', ''); //退款金额 $defaultValueTableName = getActivityValueTableNameByActmid(); $defaultValue = $db->get_one("SELECT user_id,paymethod,endtime FROM {$defaultValueTableName} WHERE tid=" . S::sqlEscape($tid)); $defaultValue['endtime'] + 30 * 86400 < $timestamp && Showmsg('act_endtime_toolong'); //结束时间后一个月,>0 则可以操作,< 0无法操作 $defaultValue['paymethod'] != 1 && Showmsg('act_toalipay_paymethod'); //支付宝支付才能退款 $param = array('out_trade_no' => $memberdb['out_trade_no'], 'operator_id' => $defaultValue['user_id'], 'refund_fee' => $refundcost, 'notify_url' => "{$db_bbsurl}/act_alipay_receive.php", 'return_url' => "{$db_bbsurl}/read.php?tid={$tid}"); ObHeader($AlipayInterface->alipayurl($param)); } /** * 生成随机码 * @param int $len 位数 * @param string 随机串 */ function generatestr($len) { mt_srand((double) microtime() * 1000000); $keychars = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWYXZ"; $maxlen = strlen($keychars) - 1; $str = ''; for ($i = 0; $i < $len; $i++) { $str .= $keychars[mt_rand(0, $maxlen)]; }
/*删除静态*/ $htmurl = $db_htmdir . '/' . $dfid . '/' . get_date('ym', $threaddb['postdate']) . '/' . $dtid . '.html'; if (file_exists(R_P . $htmurl)) { P_unlink(R_P . $htmurl); } } //* P_unlink(D_P.'data/bbscache/c_cache.php'); pwCache::deleteData(D_P . 'data/bbscache/c_cache.php'); adminmsg('operate_success', "{$admin_file}?adminjob=superdel&admintype=article&action={$action}&fid={$_POST['fid']}&tid={$_POST['tid']}&pstart={$pstart}&pend={$pend}&author=" . rawurlencode($author) . "&keyword=" . rawurlencode($keyword) . "&userip={$userip}&tcounts={$tcounts}&counts={$counts}&nums={$nums}&ptable={$ptable}&page={$page}"); } } elseif ($action == 'view') { S::gp(array('tid', 'pid')); $pw_posts = GetPtable('N', $tid); $rt = $db->get_one("SELECT COUNT(*) AS sum FROM {$pw_posts} WHERE tid=" . S::sqlEscape($tid) . 'AND pid<' . S::sqlEscape($pid)); $page = ceil(($rt['sum'] + 1.5) / $db_readperpage); ObHeader("read.php?tid={$tid}&page={$page}#{$pid}"); } } elseif ($admintype == 'message') { $basename = "{$admin_file}?adminjob=superdel&admintype=message"; $messageServer = L::loadClass('message', 'message'); if (empty($action)) { include PrintEot('superdel'); exit; } elseif ($action == 'del') { S::gp(array('stime', 'etime', 'fromuser', 'keyword', 'lines', 'direct', 'page')); if (!empty($fromuser)) { $userService = L::loadClass('UserService', 'user'); /* @var $userService PW_UserService */ $userdb = $userService->getByUserName($fromuser); empty($userdb) && adminmsg('输入的用户不存在'); }
$attimages[$rt['attachurl']] = is_array($a_url) ? $a_url[0] : $a_url; } } $attimages = serialize($attimages); $share['topic']['abstract'] = $replydb['content']; $share['topic']['imgs'] = $attimages; } } PostCheck(1, $o_share_gdcheck, $o_share_qcheck); /** * 禁止受限制用户发言 */ banUser(); $ifhidden != 0 && $ifhidden != 1 && ($ifhidden = 0); if (!$link) { ObHeader('mode.php?m=$m&q=share'); } !preg_match("/^https?\\:\\/\\/.{4,255}\$/i", $link) && Showmsg('mode_share_link_error'); if (strlen($descrip) > 300) { Showmsg('mode_share_descrip_toolang'); } require_once R_P . 'require/postfunc.php'; require_once R_P . 'require/bbscode.php'; $wordsfb = L::loadClass('FilterUtil'); if (($banword = $wordsfb->comprise($descrip)) !== false) { Showmsg('post_wordsfb'); } $share['link'] = $link; $share['descrip'] = $descrip; $parselink = parse_url($link); if (!$type) {
} InitGP(array("stopic_title", "banner_url", "nav_set", "layout_set", "is_new_bg", "bg_id", "seo_keyword", "seo_desc")); $title = trim($stopic_title); if ("" == $title) { Showmsg("对不起,请填写标题", "javascript:history.back();"); } if ($is_new_bg) { $bg_id = 0; } if ($is_new_bg && count($_FILES) && $_FILES["background"]["name"] && $_FILES["background"]["size"]) { $new_bg_id = $stopic_service->uploadPicture($_FILES, $stopic_data['category_id'], $admin_name); !$new_bg_id && Showmsg("对不起,背景图片增加失败", $stopic_admin_url); $bg_id = $new_bg_id; } $stopic_service->updateSTopicById($stopic_id, array("title" => $title, "banner_url" => $banner_url, "nav_config" => stopic_filter_navconfig($nav_set), "layout_config" => $layout_set, "bg_id" => $bg_id, "seo_keyword" => $seo_keyword, "seo_desc" => $seo_desc)); ObHeader($basename . '&job=editstopic&stopic_id=' . $stopic_id); } else { Showmsg("对不起,参数错误"); } function stopic_filter_navconfig($nav_set) { $nav_config = array(); if (isset($nav_set['text']) && is_array($nav_set['text']) && count($nav_set['text'])) { foreach ($nav_set['text'] as $k => $v) { if ($v && $nav_set['url'][$k]) { $nav_config[] = array('text' => $v, 'url' => $nav_set['url'][$k]); } } } else { return ""; }
} else { !$attach['ctype'] && ($attach['ctype'] = 'rvrc'); $usercredit = $credit->get($winduid, $attach['ctype']); if ($usercredit < $attach['needrvrc']) { $needrvrc = $attach['needrvrc']; $creditName = $credit->cType[$attach['ctype']]; wap_msg($downloadmoney > 0 && $uploadcredit == $attach['ctype'] ? 'job_attach_rvrc_download' : 'job_attach_rvrc'); } } } if (isset($credit) && $credit->setUser) { $credit->runsql(); } $pw_attachs->increaseField($aid, 'hits'); if ($db_attachhide && $attach['size'] > $db_attachhide && $attach['type'] == 'zip' && !defined('FX')) { ObHeader($fgeturl[0]); } elseif ($fgeturl[1] == 'Local') { $filename = "{$attachdir}/" . $attach['attachurl']; $filesize = filesize($filename); } $ctype = ''; switch ($fileext) { case "pdf": $ctype = "application/pdf"; break; case "rar": case "zip": $ctype = "application/zip"; break; case "doc": $ctype = "application/msword";
<?php !function_exists('adminmsg') && exit('Forbidden'); $basename = "{$admin_file}?adminjob=adminrecord"; $bbscrecordfile = D_P . "data/bbscache/adminrecord.php"; $db_adminrecord == 0 && adminmsg('adminrecord_open'); if ($admintype == 'add') { InitGP(array('content', 'jumpurl')); if ($content) { !file_exists($bbscrecordfile) && writeover($bbscrecordfile, "<?php die;?>\n"); $new_crecord = '|' . str_replace('|', '|', Char_cv($admin_name)) . '|' . "|{$onlineip}|{$timestamp}|" . '|' . str_replace('|', '|', $content) . "\n"; writeover($bbscrecordfile, $new_crecord, "ab"); } ObHeader($jumpurl); } elseif ($admintype == 'del') { PostCheck($verify); if ($admin_gid == 3) { $recorddb = readlog($bbscrecordfile); $recorddb = array_reverse($recorddb); $count = count($recorddb); if ($count > 100) { $output = array_slice($recorddb, 0, 100); $output = array_reverse($output); $output = "<?php die;?>\r\n" . implode("", $output); writeover($bbscrecordfile, $output); adminmsg('adminrecord_del'); } else { adminmsg('adminrecord_min'); } } else { adminmsg('record_aminonly');
refreshto('profile.php?action=weibobind', '创建密码成功!', 2, true); } elseif ($t == 'bindsuccess') { extract(L::style('', $skinco)); $msg_info = '绑定帐号成功(窗口将自动关闭)'; require_once uTemplate::printEot('profile_privacy_bindsuccess'); pwOutPut(); } elseif ($t == 'callback') { $userBindService = L::loadClass('WeiboUserBindService', 'sns/weibotoplatform/service'); /* @var $userBindService PW_WeiboUserBindService */ $params = array_merge($_GET, $_POST); unset($params['action'], $params['t']); $isSuccess = $userBindService->callback($winduid, $params); if (true !== $isSuccess) { Showmsg($isSuccess ? $isSuccess : '绑定失败,请重试'); } ObHeader('profile.php?action=weibobind&t=bindsuccess'); } function ifchecked($out, $var) { $GLOBALS[$out] = $var ? ' checked' : ''; } function weiboResetUserPassword($userId, $password, $repeatPassword) { global $db_ckpath, $db_ckdomain; if ('' == $password || '' == $repeatPassword) { Showmsg('创建密码不能为空'); } $rg_config = L::reg(); list($rg_regminpwd, $rg_regmaxpwd) = explode("\t", $rg_config['rg_pwdlen']); $register = L::loadClass('Register', 'user'); $register->checkPwd($password, $repeatPassword);
} $joblists = $jobService->getQuitJobs($winduid); $jobs = $jobService->buildLists($joblists, $action, $winduid, $groupid); $current[3] = "current"; include PrintEot('jobcenter'); footer(); } elseif ($action == "start") { //获取任务开始链接 list($bool, $message, $link) = $jobService->jobStartController($winduid, $id); if (!$bool) { refreshto("jobcenter.php?action=applied", $message); } if ($link == "") { refreshto("jobcenter.php?action=applied", "任务开始"); } else { ObHeader($link); } } elseif ($action == "gain") { if ($step == 2) { $id = intval($id); list($bool, $message) = $jobService->jobGainController($winduid, $id); if ($bool) { $jobService->jobAutoController($winduid, $groupid); /*自动申请*/ $appliedHTML = $jobService->buildApplieds($winduid, $groupid); ajaxResponse($message, true, $appliedHTML); } else { ajaxResponse($message, false); } } } else {
<?php
// Refuse to run unless the framework has been loaded: readover() is only
// defined after the main bootstrap, so a direct request to this file stops here.
if (!function_exists('readover')) {
    exit('Forbidden');
}

// Load the blog settings cache. (An older include_once form of this call was
// already commented out in the original.)
pwCache::getData(D_P . 'data/bbscache/bg_config.php');

// Guests and a disabled blog module both end with a message.
if ($groupid == 'guest') {
    Showmsg('not_login');
}
if (!$bg_ifopen) {
    Showmsg('blog_close');
}

if (!$action) {
    include PrintHack('index');
    footer();
} elseif ($action == 'activation') {
    // Redirect target is built from $bg_blogurl - presumably a value from the
    // settings cache loaded above; confirm it cannot be set from the request.
    ObHeader("{$bg_blogurl}/login.php");
}
$db->update("UPDATE pw_trade SET salenum=salenum+" . $order['quantity'] . " WHERE tid=" . S::sqlEscape($order['tid'])); //$db->update("UPDATE pw_trade SET salenum=salenum+1 WHERE tid=".S::sqlEscape($order['tid'])); refreshto("apps.php?q=article&a=goods", 'operate_success'); } elseif ($action == 'pcalipay') { S::gp(array('tid', 'pcmid', 'pcid'), GP, 2); $pcvaluetable = GetPcatetable($pcid); $order = $db->get_one("SELECT pv.price,pv.deposit,pm.username,pm.nums,pm.phone,pm.mobile,pm.address,pm.ifpay,pm.totalcash,t.author,t.authorid,t.subject FROM pw_pcmember pm LEFT JOIN {$pcvaluetable} pv ON pm.tid=pv.tid LEFT JOIN pw_threads t ON pv.tid=t.tid WHERE pm.tid=" . S::sqlEscape($tid) . " AND pm.pcmid=" . S::sqlEscape($pcmid) . " AND pm.uid=" . S::sqlEscape($winduid)); $order['zip'] = '100000'; $order['tradeinfo'] = $db->get_value("SELECT tradeinfo FROM pw_memberinfo WHERE uid=" . S::sqlEscape($order['authorid'])); if (empty($order)) { Showmsg('data_error'); } if (!is_array($trade = unserialize($order['tradeinfo']))) { $trade = array(); } if ($order['ifpay'] > 0) { Showmsg('pcalipay_haspay'); } if (empty($trade['alipay'])) { Showmsg('onlinepay_alipay'); } //* include_once pwCache::getPath(D_P.'data/bbscache/ol_config.php'); pwCache::getData(D_P . 'data/bbscache/ol_config.php'); require_once R_P . 'require/onlinepay.php'; $olpay = new OnlinePay($trade['alipay']); $price = !ceil($order['deposit']) ? $order['price'] : $order['deposit']; $price = number_format($price, 2, '.', ''); $order_no = $pcmid . '_' . str_pad($winduid, 10, "0", STR_PAD_LEFT) . get_date($timestamp, 'YmdHis') . 
num_rand(5); $param = array('notify_url' => "{$db_bbsurl}/alipay.php?action=pcalipay", 'return_url' => "{$db_bbsurl}/alipay.php?action=pcalipay", 'subject' => $order['subject'], 'out_trade_no' => $order_no, 'price' => $price, 'quantity' => $order['nums'], 'payment_type' => 1, 'logistics_type' => 'EXPRESS', 'logistics_fee' => '0.00', 'logistics_payment' => 'SELLER_PAY', 'receive_name' => $order['username'], 'receive_address' => $order['address'], 'receive_zip' => $order['zip'], 'receive_phone' => $order['mobile']); ObHeader($olpay->alipay2url($param)); }
$userInfo = $weiboUserBindService->getBindInfo($winduid, $type); if (empty($userInfo)) { // 绑定引导 $userBindList = $weiboUserBindService->getBindList($winduid); $bindUrl = $userBindList[$type]['bindUrl']; $action = 'bind'; } else { $weiboName = $userInfo['info']['name']; if ($action == 'share' && !empty($shareContent)) { // 分享 $weiboSyncerService = L::loadClass('WeiboSyncer', 'sns/weibotoplatform'); $result = $weiboSyncerService->shareContent($winduid, $shareContent, $photo); // 跳到关注官方帐号 if ($result) { if (!$weiboUserBindService->isFollow($type, $winduid)) { ObHeader($db_bbsurl . "connexion/share.php?type={$type}&action=isfollow"); } $action = 'sharesuccess'; } else { $action = 'sharefail'; } } elseif ($action == 'isfollow') { // 有官方微博帐号则引导关注 没有则提示分享成功 $weiboSiteBindInfoService = L::loadClass('WeiboSiteBindInfoService', 'sns/weibotoplatform/service'); $weiboAccount = $weiboSiteBindInfoService->getOfficalAccount($type); if (!$weiboAccount) { $action = 'sharesuccess'; } } elseif ($action == 'follow') { // 关注 $weiboSiteBindInfoService = L::loadClass('WeiboSiteBindInfoService', 'sns/weibotoplatform/service');
$right[$key] = $value; } } } $rightdb = addslashes(serialize($right)); } else { adminmsg('rightset_empty', $basename . '&action=edit&gid=' . $gid); } $ckid = $db->get_value('SELECT gid FROM pw_adminset WHERE gid=' . pwEscape($gid)); if ($ckid) { $db->update('UPDATE pw_adminset SET value=' . pwEscape($rightdb) . ' WHERE gid=' . pwEscape($gid)); } else { $db->update('INSERT INTO pw_adminset SET ' . pwSqlSingle(array('gid' => $gid, 'value' => $rightdb))); } $db->update("REPLACE INTO pw_permission SET uid='0',fid='0',gid=" . pwEscape($gid) . ",rkey='allowadmincp',type='system',rvalue='1'"); updatecache_g($gid); adminmsg('operate_success'); } } elseif ($action == 'delete') { if ($_POST['step'] != 2) { $inputmsg = '<input name="step" type="hidden" value="2" /><input name="action" type="hidden" value="delete" /><input name="gid" type="hidden" value="' . $gid . '" />'; pwConfirm('rightset_delgroup', $inputmsg); } else { !$gid && adminmsg('rightset_setgroup'); $db->update("REPLACE INTO pw_permission SET uid='0',fid='0',gid=" . pwEscape($gid) . ",rkey='allowadmincp',type='system',rvalue='0'"); updatecache_g($gid); adminmsg('operate_success'); } } else { ObHeader($basename); }
<?php require_once R_P . 'lib/cloudwind/cloudwind.class.php'; $_service = CloudWind::getPlatformCheckServerService(); if ($_service->checkCloudWind() < 9) { ObHeader($admin_file . '?adminjob=yunbasic'); } CLOUDWIND_SECURITY_SERVICE::gp(array('action')); if (empty($action)) { if ($_POST['step'] == 2) { CLOUDWIND_SECURITY_SERVICE::gp(array('db_yundefend_shield', 'db_yundefend_shieldpost', 'db_yundefend_shielduser'), 'P', 2); setConfig('db_yundefend_shield', $db_yundefend_shield); setConfig('db_yundefend_shieldpost', $db_yundefend_shieldpost); setConfig('db_yundefend_shielduser', $db_yundefend_shielduser); updatecache_c(); Showmsg('云盾设置成功 '); } ifcheck($db_yundefend_shield, 'yundefend_shield'); ifcheck($db_yundefend_shieldpost, 'yundefend_shieldpost'); ${'yundefend_shielduser_' . intval($db_yundefend_shielduser)} = 'checked="checked"'; $dundescribe = $_service->getDunDescribe(); $current['config'] = 'current'; } elseif ($action == 'verify') { CLOUDWIND_SECURITY_SERVICE::gp(array('page')); $page = $page > 1 ? intval($page) : 1; $postVerifyService = CloudWind::getDefendPostVerifyService(); if ($_POST['step'] == 2) { CLOUDWIND_SECURITY_SERVICE::gp(array('ids')); foreach ($ids as $key => $operate) { list($tid, $pid) = explode("_", $key); $postVerifyService->verify($operate, $tid, $pid);
if ($m == 'bbs') { ObHeader($_mainUrl); } /*APP 应用跳转*/ if ($m == 'o' && $q) { if ($q == 'user') { S::gp(array('u')); ObHeader(USER_URL . "={$u}"); } elseif ($q == 'app') { S::gp(array('id'), 'G', 2); ObHeader("apps.php?id={$id}"); } elseif ($q == 'friend') { ObHeader("u.php?a=friend"); } elseif (!in_array($q, array('user', 'friend', 'browse', 'invite', 'board', 'myapp', 'home'))) { $QUERY_STRING = substr($pwServer['QUERY_STRING'], 4); ObHeader("apps.php?" . $QUERY_STRING); } } if ($m == 'o') { $pwModeImg = "{$imgpath}/apps"; $q = 'browse'; } if (strpos($q, '..') !== false) { Showmsg('undefined_action'); } if ($m && $pwServer['HTTP_HOST'] == $db_modedomain[$m]) { $baseUrl = "mode.php"; $basename = "mode.php?"; } else { $baseUrl = "mode.php?m={$m}"; $basename = "mode.php?m={$m}&";
<?php
/*
 * Search entry point kept as a forwarder: it tags the request as the
 * "search" script, loads the common bootstrap and passes the fixed path
 * searcher.php to ObHeader().
 */
define('SCR', 'search');
require_once('global.php');

// The target is a constant relative path, so no request data reaches the redirect.
ObHeader('searcher.php');
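<?php
/*
 * Product search / list redirect.
 *
 * With $listename set, the request is redirected to the static list URL.
 * Otherwise, with $key set, products whose name contains $key are paged and
 * collected into $goods, and a pager is built into $list['pages'].
 *
 * $listename, $attrd, $shops, $key, $page and $view are not assigned in this
 * file; presumably config.inc.php imports them from the request - confirm.
 */
require_once './include/config.inc.php';
require_once './cache/list.php';

// NOTE(review): unserialize() must only ever see the value written by
// ./cache/list.php. If request variables are imported into the global scope
// after that include, $lists_db could be replaced - confirm the import order.
$lists_db = unserialize(stripslashes($lists_db));

if ($listename) {
    $attrd = $attrd ? str_replace("\"", ".", json_encode($attrd)) : "";
    // implode() needs an array; a scalar $shops is treated as "no shops".
    $shops = is_array($shops) ? $shops : array();
    // NOTE(review): $listename goes into the redirect path as-is. The fixed
    // "/list/" prefix keeps the target on this site, but confirm ObHeader()
    // rejects CR/LF so the value cannot add response headers.
    $path = "/list/" . $listename . "-1-" . $attrd . "-" . implode(".", $shops) . ".html";
    ObHeader($path);
} else {
    if ($key) {
        // NOTE(review): $key is interpolated into both LIKE clauses below. The
        // escaping done by config.inc.php (if any) is not visible here; unless it
        // is guaranteed, pass $key through the DB layer's escaping routine or a
        // prepared statement. The % and _ wildcards are not neutralised either.
        $queryall = $db->query("SELECT * FROM odiy_product where goodsname like '%$key%' and level=1");
        $count = $db->num_rows($queryall);
        $db->free_result($queryall);

        // Both values end up in arithmetic and in the LIMIT clause, so force
        // them to positive integers instead of trusting their textual form.
        $page = max(1, (int) $page);
        $page_set = (int) $view > 0 ? (int) $view : 30;
        $start_limit = ($page - 1) * $page_set;
        $numofpage = (int) ceil($count / $page_set);

        // Window of page links: [$strat, $end).
        if ($numofpage < 11) {
            $strat = 1;
            $end = $numofpage + 1;
        } else {
            if ($page < 5) {
                $strat = 1;
                $end = $page + 5;
            } elseif ($page > 4 && $page > $numofpage - 4) {
                $strat = $page - 4;
                $end = $numofpage + 1;
            } else {
                $strat = $page - 4;
                $end = $page + 4;
            }
        }

        // Start from known-empty values so nothing pre-seeded in the global
        // scope can leak into the output.
        $pages = '';
        $goods = array();

        // The search term is echoed into an href; URL-encoding it keeps quotes
        // and angle brackets from closing the attribute.
        $keyParam = rawurlencode($key);
        for ($i = $strat; $i < $end; $i++) {
            if ($i == $page) {
                $pages .= " <span class='red'>[" . $i . "]</span> ";
            } else {
                $pages .= " <a href='./search?key=" . $keyParam . "&page=" . $i . "'>[" . $i . "]</a> ";
            }
        }

        $list['pages'] = $pages;
        $list['count'] = $count;
        $list['page_set'] = $page_set;
        $list['page'] = $page;
        $list['numofpage'] = $numofpage;

        $query = $db->query("select id,goodsname,mprice,sprice,cprice,stime,etime,img,unit from odiy_product where goodsname like '%$key%' and level=1 order by id desc LIMIT $start_limit,$page_set");
        while ($read = $db->fetch_array($query)) {
            $read['img'] = $read['img'] ? $read['img'] : "noimg.gif";
            $read['goodsname'] = substrs($read['goodsname'], 60);
            $goods[] = $read;
        }
        unset($read);
        $db->free_result($query);
    }
}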
$fid = $db->insert_id(); if ($creditset || $forumset) { $db->update("INSERT INTO pw_forumsextra SET " . pwSqlSingle(array('fid' => $fid, 'creditset' => $creditset, 'forumset' => $forumset))); } } else { $f_type = $forum[$fup]['f_type'] == 'hidden' ? 'hidden' : 'forum'; $db->update("INSERT INTO pw_forums SET " . pwSqlSingle(array('fup' => $fup, 'type' => $forumtype, 'logo' => $logo[$key], 'name' => $value, 'descrip' => $descrip[$key], 'keywords' => $keywords[$key], 'vieworder' => $vieworder[$key], 'forumadmin' => $str_admin, 'style' => $style[$key], 'f_type' => $f_type, 'cms' => 0, 'ifhide' => 1, 'allowtype' => 3))); $fid = $db->insert_id(); } $db->update("INSERT INTO pw_forumdata SET fid=" . pwEscape($fid)); } P_unlink(D_P . 'data/bbscache/c_cache.php'); updatecache_f(); $forumtype != 'category' && updatetop(); if ($addtype == 1) { ObHeader("{$basename}&action=edit&fid={$fid}"); } else { adminmsg('operate_success'); } } } elseif ($_POST['action'] == 'editforum') { InitGP(array('forumadmin'), 'P', 0); InitGP(array('order'), 'P', 2); $errorname = array(); $forumdb = $db->query("SELECT fid,forumadmin,vieworder FROM pw_forums WHERE cms!='1'"); while ($foruminfo = $db->fetch_array($forumdb)) { $pwSQL = $admin_a = $admin_n = $admin_d = array(); if ($foruminfo['forumadmin'] != $forumadmin[$foruminfo['fid']] && $foruminfo['forumadmin'] != ',' . $forumadmin[$foruminfo['fid']] . ',') { $admin_a = explode(',', $forumadmin[$foruminfo['fid']]); if ($admin_a) { $query = $db->query("SELECT username FROM pw_members WHERE username IN (" . pwImplode($admin_a) . ")");
<?php
// Refuse direct requests: readover() exists only after the framework bootstrap.
if (!function_exists('readover')) {
    exit('Forbidden');
}

$wind_in = 'toolcenter';

// Redirect to the tool section of the personal center. The target is a
// constant relative URL, so no request data reaches the redirect.
ObHeader("profile.php?action=toolcenter");
// Passport hand-off (excerpt): packs the current user's record into a query
// string, signs it, and redirects the browser to passport_client.php on $jumpurl.
if (!($db_pptifopen && $db_ppttype == 'server')) {
    Showmsg('passport_close');
}

// NOTE(review): as shown this replaces '=' with '=' and changes nothing; the
// search string was possibly an HTML entity that this listing decoded - check
// against the original file.
$jumpurl = str_replace('=', '=', $jumpurl);

$userService = L::loadClass('UserService', 'user');
/* @var $userService PW_UserService */
$rt = $userService->get($winduid, true, true);

// NOTE(review): the stored password value, e-mail address and credit balances
// travel to the client site inside a URL, where proxies, server logs and
// browser history can record them.
$userdb = array(
    'uid' => $rt['uid'],
    'username' => $rt['username'],
    'password' => $rt['password'],
    'email' => $rt['email'],
    'rvrc' => $rt['rvrc'],
    'money' => $rt['money'],
    'credit' => $rt['credit'],
    'currency' => $rt['currency'],
    'time' => $timestamp,
    'cktime' => $cktime ? $cktime : 'F',
);

// key=value pairs joined with '&'; values are not URL-encoded at this stage.
$userdb_encode = '';
foreach ($userdb as $key => $val) {
    if ($userdb_encode) {
        $userdb_encode .= "&{$key}={$val}";
    } else {
        $userdb_encode .= "{$key}={$val}";
    }
}

// StrCode() presumably encodes the record using $db_hash as its key (set to
// the passport key here) - confirm in its definition. '=' is then stripped.
$db_hash = $db_pptkey;
$userdb_encode = str_replace('=', '', StrCode($userdb_encode));

// NOTE(review): the signature is md5(action . data . forward . key). A keyed
// HMAC (hash_hmac) is the sturdier construction if both ends can be upgraded.
// NOTE(review): the origin of $jumpurl is not visible in this excerpt. Whatever
// host it names receives the record above, so it should be checked against
// the configured passport client sites before redirecting.
switch ($action) {
    case 'login':
        $verify = md5("login{$userdb_encode}{$forward}{$db_pptkey}");
        ObHeader("{$jumpurl}/passport_client.php?action=login&userdb=" . rawurlencode($userdb_encode) . "&forward=" . rawurlencode($forward) . "&verify=" . rawurlencode($verify) . "&ajax={$ajax}");
        break;
    case 'quit':
        $verify = md5("quit{$userdb_encode}{$forward}{$db_pptkey}");
        ObHeader("{$jumpurl}/passport_client.php?action=quit&userdb=" . rawurlencode($userdb_encode) . "&forward=" . rawurlencode($forward) . "&verify=" . rawurlencode($verify));
        break;
}
Cookie('AdminUser', '', 0); include PrintEot('adminlogin'); afooter(true); } elseif ($_POST['admin_name']) { $uid = $db->get_value("SELECT uid FROM pw_members WHERE username="******"SELECT slog FROM pw_administrators WHERE uid=" . pwEscape($uid, false)); $slog = explode(";", $slog); !$slog && ($slog = array()); if (count($slog) >= 8) { unset($slog[0]); } array_push($slog, $timestamp . ',' . $onlineip); $slog = implode(";", $slog); $db->update("UPDATE pw_administrators SET slog=" . pwEscape($slog, false) . "WHERE uid=" . pwEscape($uid, false)); $REQUEST_URI = trim($REQUEST_URI, '?#'); ObHeader($REQUEST_URI); } $admin_gid = $rightset['gid']; if ($db_ifsafecv && strpos($db_safegroup, ",{$admin_gid},") !== false && !$CK[3]) { Cookie('AdminUser', '', 0); adminmsg('safecv_prompt'); } include_once D_P . 'data/bbscache/level.php'; !defined('If_manager') && define('If_manager', 0); if (!If_manager) { Iplimit(); $temp_a = array_merge($_POST, $_GET); foreach ($temp_a as $key => $value) { if ($key != 'module') { CheckVar($value); }
<?php
// Refuse direct requests: P_W is defined by the framework bootstrap.
if (!defined('P_W')) {
    exit('Forbidden');
}

S::gp(array('jobact'));

if ($jobact == "delete") {
    // Bulk delete of special topics, then back to the list.
    // NOTE(review): no request-method or token check is visible in this file;
    // confirm the including script verifies one before a delete is accepted.
    S::gp(array('stopic_ids'));
    if (!(is_array($stopic_ids) && count($stopic_ids))) {
        Showmsg('没选择要删除的专题,请您重试', $stopic_admin_url . "&job={$job}");
    }
    $deleted = $stopic_service->deleteSTopics($stopic_ids);
    if (!$deleted) {
        Showmsg('所有信息均未修改,请您重试', $stopic_admin_url . "&job={$job}");
    }
    ObHeader($stopic_admin_url . "&job={$job}");
} else {
    // Paged, optionally filtered list of special topics.
    S::gp(array('page', 'search_title', 'search_cid'));
    $page = (int) $page;
    $sum = $stopic_service->countSTopic($search_title, $search_cid);
    $total = ceil($sum / $db_perpage);

    // Keep the page number inside 1..$total.
    if ($page < 1) {
        $page = 1;
    }
    if ($page > $total) {
        $page = $total;
    }

    // NOTE(review): $search_title and $search_cid go into the pager URL without
    // URL or HTML encoding here; confirm S::gp() or numofpage() encodes them.
    $pagerBase = $stopic_admin_url . "&job={$job}&search_title={$search_title}&search_cid={$search_cid}&";
    $pages = numofpage($sum, $page, $total, $pagerBase);
    $stopic_list = $stopic_service->findSTopicInPage($page, $db_perpage, $search_title, $search_cid);
    $category_list = $stopic_service->getCategorys();
}

include stopic_use_layout('admin');
Showmsg('该群组话题内容仅对成员开放!'); } //是否图酷、是否允许浏览 $isTucool = $forumset['iftucool'] && getstatus($read['tpcstatus'], 5); $ptable = $read['ptable']; $ifhide = $read['ifhide'] && !ifpost($tid) ? 1 : 0; $isAllowViewPic = $admincheck || $read['authorid'] == $winduid || !$ifhide && ($winduid || !$forumset['viewpic']); (!$isTucool || !$isAllowViewPic) && ObHeader("read.php?tid={$tid}&ds=1"); //禁言、屏蔽 $userService = L::loadClass('UserService', 'user'); $userInfo = $userService->get($read['authorid'], true, false, false); $ifshieldThread = ($read['ifshield'] || $userInfo['groupid'] == 6 && $db_shield) && !$isGM ? 0 : 1; !$ifshieldThread && ObHeader("read.php?tid={$tid}&ds=1"); $attachsService = L::loadClass('Attachs', 'forum'); $tucoolAttachs = $attachsService->getByTidAndUid($tid, $read['authorid']); !$tucoolAttachs && ObHeader("read.php?tid={$tid}&ds=1"); if ($read['aid']) { $attachShow = new attachShow($isGM || $pwSystem['delattach'] || $read['authorid'] == $winduid, $forumset['uploadset'], $forumset['viewpic']); $attachShow->setData($tucoolAttachs); $tucoolAttachs = buildTucoolAttachs($tucoolAttachs); $contentAids = $attachShow->findPicAids($read['content']); $read['content'] = convert($read['content'], $db_windpost); if (strrpos($read['content'], 'attachment') !== false) { $haveAids = $attachShow->findPicAids($read['content']); } } $tmpKeyArray = array_diff(array_keys($tucoolAttachs), (array) $contentAids); $tmpArray = array(); foreach ((array) $tmpKeyArray as $v) { $tmpArray[$v] = $tucoolAttachs[$v]; }
//* include_once pwCache::getPath(D_P.'data/bbscache/ol_config.php'); pwCache::getData(D_P . 'data/bbscache/ol_config.php'); if (!$ol_onlinepay) { procUnLock('tool_buy', $winduid); Showmsg($ol_whycolse); } $order_no = '1' . str_pad($winduid, 10, "0", STR_PAD_LEFT) . get_date($timestamp, 'YmdHis') . num_rand(5); $db->update("INSERT INTO pw_clientorder SET " . S::sqlSingle(array('order_no' => $order_no, 'type' => 1, 'uid' => $winduid, 'paycredit' => $id, 'price' => $toolinfo['rmb'], 'number' => $nums, 'date' => $timestamp, 'state' => 0))); if (!$ol_payto) { procUnLock('tool_buy', $winduid); Showmsg('olpay_alipayerror'); } require_once R_P . 'require/onlinepay.php'; $olpay = new OnlinePay($ol_payto); procUnLock('tool_buy', $winduid); ObHeader($olpay->alipayurl($order_no, $toolinfo['rmb'] * $nums, 1)); } if ($toolinfo['price'] < 0) { procUnLock('tool_buy', $winduid); Showmsg('undefined_action'); } $price = $toolinfo['price'] * $nums; !$toolinfo['creditype'] && ($toolinfo['creditype'] = 'currency'); if ($credit->get($winduid, $toolinfo['creditype']) < $price) { $creditname = $credit->cType[$toolinfo['creditype']]; if (array_key_exists($toolinfo['creditype'], $db_creditpay)) { procUnLock('tool_buy', $winduid); Showmsg('unenough_currency'); } else { procUnLock('tool_buy', $winduid); Showmsg('unenough_money');
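/**
 * Redirects to the user-centre page that matches $action for the given user.
 *
 * NOTE(review): in this listing the two assignments that build $addurl and
 * $baseurl were partly masked ("******"), which left the function
 * unparsable. They are reconstructed here from the surrounding code; compare
 * with the original file before relying on the exact form.
 *
 * @param string     $action   One of topic, post, favor, friend, trade;
 *                             anything else goes to the user's main page.
 * @param int|string $uid      User id; when empty the user name is used instead.
 * @param string     $username User name, used only when $uid is empty.
 */
function redirectULink($action, $uid, $username)
{
    global $winduid, $windid;

    // Both values end up in a query string, so encode them instead of
    // trusting the caller to have done so.
    $addurl = $uid ? 'u=' . rawurlencode((string) $uid) : 'username=' . rawurlencode((string) $username);
    $baseurl = 'mode.php?m=o&' . $addurl;

    // "&space=1" is added only when the target is someone other than the
    // current user. Start from '' so the own-profile case does not read an
    // undefined variable.
    $ifspace = '';
    if ($uid != $winduid && $username != $windid) {
        $ifspace = '&space=1';
    }

    switch ($action) {
        case 'topic':
            $baseurl .= $ifspace . '&q=article';
            break;
        case 'post':
            $baseurl .= $ifspace . '&q=article&see=post';
            break;
        case 'favor':
            $baseurl .= $ifspace . '&q=share&a=my&see=postfavor';
            break;
        case 'friend':
            $baseurl .= $ifspace . '&q=friend';
            break;
        case 'trade':
            $baseurl .= $ifspace . '&q=article&see=trade';
            break;
        default:
            // Unknown action: the user's main page, without the space flag.
            $baseurl = 'mode.php?m=o&q=user&' . $addurl;
            break;
    }

    ObHeader($baseurl);
}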
if (getstatus($winddb['userstatus'], PW_USERSTATUS_NEWRP)) { $userService->setUserStatus($winduid, PW_USERSTATUS_NEWRP, false); } $rt['replyinfo'] = ''; } $userService->update($winduid, array(), array(), array('replyinfo' => $rt['replyinfo'])); //$db->update("UPDATE pw_threads SET ifmail='2' WHERE tid=".S::sqlEscape($tid)); pwQuery::update('pw_threads', 'tid=:tid', array($tid), array('ifmail' => '2')); } if ($page == 1) { $read['pid'] = 'tpc'; if ($foruminfo['allowhtm'] == 1) { #纯静态页面生成 $htmurl = $db_readdir . '/' . $fid . '/' . date('ym', $read['postdate']) . '/' . $read['tid'] . '.html'; if (!$foruminfo['cms'] && !$toread && file_exists(R_P . $htmurl)) { ObHeader("{$R_url}/{$htmurl}"); } } $readdb[] = $read; } $toread && ($urladd .= "&toread={$toread}"); $fpage > 1 && ($urladd .= "&fpage={$fpage}"); $pages = numofpage($count + $topped_count, $page, $numofpage, "read.php?tid={$tid}{$urladd}{$viewbbs}&"); $tpc_locked = $read['locked'] % 3 != 0 ? 1 : 0; //更新帖子点击 if ($db_hits_store == 0) { pwQuery::update('pw_threads', 'tid=:tid', array($tid), null, array(PW_EXPR => array('hits=hits+1'))); } elseif ($db_hits_store == 1) { $db->update('UPDATE pw_hits_threads SET hits=hits+1 WHERE tid=' . S::sqlEscape($tid)); } elseif ($db_hits_store == 2) { pwCache::writeover(D_P . 'data/bbscache/hits.txt', $tid . "\t", 'ab');
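<?php
/*
 * Frame ("columns") switcher.
 *
 * Picks the page to return to - the Referer when it belongs to this board
 * and is not the admin script, otherwise the default page $db_bfn - and
 * either renders the columns layout or breaks out of the frame to that URL.
 */
define('COL', 1);
require_once 'global.php';

$referer = isset($pwServer['HTTP_REFERER']) ? (string) $pwServer['HTTP_REFERER'] : '';
$siteBase = rtrim((string) $db_bbsurl, '/');
$baseLen = strlen($siteBase);

// The Referer header is client-controlled. Accept it only when it starts with
// the board URL and the next character ends the host/path component; a
// substring match would also accept off-site URLs that merely contain the
// board URL somewhere in them.
$url = $db_bfn;
if ($baseLen > 0 && strncmp($referer, $siteBase, $baseLen) === 0 && strpos($referer, $db_adminfile) === false) {
    $next = substr($referer, $baseLen, 1);
    if ($next === '' || $next === false || $next === '/' || $next === '?' || $next === '#') {
        $url = $referer;
    }
}

if (isset($_GET['m']) && $_GET['m'] == 'bbs') {
    $url = $db_bbsurl . '/index.php?m=bbs';
}

// $url is written into an inline script string below (and is presumably used
// by the columns template as well). Percent-encode the characters that could
// end the string or the script element, and drop line breaks.
$url = strtr((string) $url, array(
    '"' => '%22',
    "'" => '%27',
    '<' => '%3C',
    '>' => '%3E',
    '\\' => '%5C',
    "\r" => '',
    "\n" => '',
));

bbsSeoSettings('index');

if ($db_columns) {
    if (isset($_GET['action']) && $_GET['action'] == 'columns') {
        extract(L::style());
        Cookie('columns', 2);
        require_once PrintEot('columns');
        exit;
    } else {
        Cookie('columns', '1');
        echo "<script type=\"text/javascript\">top.location.href=\"" . $url . "\"</script>";
        exit;
    }
} else {
    ObHeader('index.php');
}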