function AddGbook($add)
{
global $empire, $dbtbpre, $level_r, $public_r;
//验证IP
eCheckAccessDoIp('gbook');
CheckCanPostUrl();
//验证来源
$bid = (int) getcvar('gbookbid');
if (empty($bid)) {
$bid = intval($add[bid]);
}
$name = RepPostStr(trim($add[name]));
$email = RepPostStr($add[email]);
$call = RepPostStr($add[call]);
$lytext = RepPostStr($add[lytext]);
if (empty($bid) || empty($name) || empty($email) || !trim($lytext)) {
printerror("EmptyGbookname", "history.go(-1)", 1);
}
if (!chemail($email)) {
printerror("EmailFail", "history.go(-1)", 1);
}
//验证码
$keyvname = 'checkgbookkey';
if ($public_r['gbkey_ok']) {
ecmsCheckShowKey($keyvname, $add['key'], 1);
}
$lasttime = getcvar('lastgbooktime');
if ($lasttime) {
if (time() - $lasttime < $public_r['regbooktime']) {
printerror("GbOutTime", "", 1);
}
}
//版面是否存在
$br = $empire->fetch1("select bid,checked,groupid from {$dbtbpre}enewsgbookclass where bid='{$bid}';");
if (empty($br[bid])) {
printerror("EmptyGbook", "history.go(-1)", 1);
}
//权限
if ($br['groupid']) {
$user = islogin();
if ($level_r[$br[groupid]][level] > $level_r[$user[groupid]][level]) {
printerror("HaveNotEnLevel", "history.go(-1)", 1);
}
}
$lytime = date("Y-m-d H:i:s");
$ip = egetip();
$userid = (int) getcvar('mluserid');
$username = RepPostVar(getcvar('mlusername'));
$sql = $empire->query("insert into {$dbtbpre}enewsgbook(name,email,`call`,lytime,lytext,retext,bid,ip,checked,userid,username) values('{$name}','{$email}','{$call}','{$lytime}','{$lytext}','','{$bid}','{$ip}','{$br['checked']}','{$userid}','{$username}');");
ecmsEmptyShowKey($keyvname);
//清空验证码
if ($sql) {
esetcookie("lastgbooktime", time(), time() + 3600 * 24);
//设置最后发表时间
$reurl = DoingReturnUrl("../tool/gbook/?bid={$bid}", $add['ecmsfrom']);
printerror("AddGbookSuccess", $reurl, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
function UpdateSpaceViewStats($userid)
{
global $empire, $dbtbpre;
if (!getcvar('dospacevstats' . $userid)) {
$sql = $empire->query("update {$dbtbpre}enewsmemberadd set viewstats=viewstats+1 where userid='" . $userid . "' limit 1");
esetcookie("dospacevstats" . $userid, 1, time() + 3600);
}
}
function ShowKey()
{
$key = strtolower(domake_password(4));
$set = esetcookie("checkkey", $key);
//是否支持gd库
if (function_exists("imagejpeg")) {
header("Content-type: image/jpeg");
$img = imagecreate(69, 20);
$black = imagecolorallocate($img, 255, 255, 255);
$gray = imagecolorallocate($img, 102, 102, 102);
imagefill($img, 0, 0, $gray);
imagestring($img, 3, 14, 3, $key, $black);
imagejpeg($img);
imagedestroy($img);
} elseif (function_exists("imagegif")) {
header("Content-type: image/gif");
$img = imagecreate(69, 20);
$black = imagecolorallocate($img, 255, 255, 255);
$gray = imagecolorallocate($img, 102, 102, 102);
imagefill($img, 0, 0, $gray);
imagestring($img, 3, 14, 3, $key, $black);
imagegif($img);
imagedestroy($img);
} elseif (function_exists("imagepng")) {
header("Content-type: image/png");
$img = imagecreate(69, 20);
$black = imagecolorallocate($img, 255, 255, 255);
$gray = imagecolorallocate($img, 102, 102, 102);
imagefill($img, 0, 0, $gray);
imagestring($img, 3, 14, 3, $key, $black);
imagepng($img);
imagedestroy($img);
} elseif (function_exists("imagewbmp")) {
header("Content-type: image/vnd.wap.wbmp");
$img = imagecreate(69, 20);
$black = imagecolorallocate($img, 255, 255, 255);
$gray = imagecolorallocate($img, 102, 102, 102);
imagefill($img, 0, 0, $gray);
imagestring($img, 3, 14, 3, $key, $black);
imagewbmp($img);
imagedestroy($img);
} else {
$set = esetcookie("checkkey", "ebak");
@(include "class/functions.php");
echo ReadFiletext("images/ebak.jpg");
}
}
function ShowKey()
{
$key = strtolower(domake_password(4));
$set = esetcookie('checkkey', $key);
if (function_exists('imagejpeg')) {
header('Content-type: image/jpeg');
$img = imagecreate(69, 20);
$black = imagecolorallocate($img, 255, 255, 255);
$gray = imagecolorallocate($img, 102, 102, 102);
imagefill($img, 0, 0, $gray);
imagestring($img, 3, 14, 3, $key, $black);
imagejpeg($img);
imagedestroy($img);
} elseif (function_exists('imagegif')) {
header('Content-type: image/gif');
$img = imagecreate(69, 20);
$black = imagecolorallocate($img, 255, 255, 255);
$gray = imagecolorallocate($img, 102, 102, 102);
imagefill($img, 0, 0, $gray);
imagestring($img, 3, 14, 3, $key, $black);
imagegif($img);
imagedestroy($img);
} elseif (function_exists('imagepng')) {
header('Content-type: image/png');
$img = imagecreate(69, 20);
$black = imagecolorallocate($img, 255, 255, 255);
$gray = imagecolorallocate($img, 102, 102, 102);
imagefill($img, 0, 0, $gray);
imagestring($img, 3, 14, 3, $key, $black);
imagepng($img);
imagedestroy($img);
} elseif (function_exists('imagewbmp')) {
header('Content-type: image/vnd.wap.wbmp');
$img = imagecreate(69, 20);
$black = imagecolorallocate($img, 255, 255, 255);
$gray = imagecolorallocate($img, 102, 102, 102);
imagefill($img, 0, 0, $gray);
imagestring($img, 3, 14, 3, $key, $black);
imagewbmp($img);
imagedestroy($img);
} else {
$set = esetcookie('checkkey', 'ebak');
@(include 'class/functions.php');
echo ReadFiletext('images/ebak.jpg');
}
}
$user = islogin();
//是否登陆
$pr = $empire->fetch1("select paymoneytofen,payminmoney from {$dbtbpre}enewspublic limit 1");
if ($money < $pr['payminmoney']) {
printerror('金额不能小于 ' . $pr['payminmoney'] . ' 元', '', 1, 0, 1);
}
} elseif ($phome == 'ShopPay') {
$ddid = (int) getcvar('paymoneyddid');
$ddr = PayApiShopDdMoney($ddid);
if ($money != $ddr['tmoney']) {
printerror('订单金额有误', '', 1, 0, 1);
}
$ddno = $ddr[ddno];
$productname = "支付订单:" . $ddno;
}
esetcookie("payphome", $phome, 0);
//返回地址前缀
$PayReturnUrlQz = $public_r['newsurl'];
if (!stristr($public_r['newsurl'], '://')) {
$PayReturnUrlQz = eReturnDomain() . $public_r['newsurl'];
}
//编码
if ($phome_ecms_charver != 'gb2312') {
@(include_once "../class/doiconv.php");
$iconv = new Chinese('');
$char = $phome_ecms_charver == 'big5' ? 'BIG5' : 'UTF8';
$targetchar = 'GB2312';
$productname = $iconv->Convert($char, $targetchar, $productname);
@header('Content-Type: text/html; charset=gb2312');
}
$file = $payr['paytype'] . '/to_pay.php';
$payr = $empire->fetch1("select * from {$dbtbpre}enewspayapi where paytype='{$paytype}' and isclose=0 limit 1");
if (!$payr[payid]) {
printerror('请选择支付平台', '', 1, 0, 1);
}
include 'payfun.php';
//订单信息
$ddid = (int) getcvar('paymoneyddid');
$ddr = PayApiShopDdMoney($ddid);
$money = $ddr['tmoney'];
if (!$money) {
printerror('订单金额有误', '', 1, 0, 1);
}
$ddno = $ddr[ddno];
$productname = "支付订单号:" . $ddno;
$productsay = "订单号:" . $ddno;
esetcookie("payphome", "ShopPay", 0);
//返回地址前缀
$PayReturnUrlQz = $public_r['newsurl'];
if (!stristr($public_r['newsurl'], '://')) {
$PayReturnUrlQz = eReturnDomain() . $public_r['newsurl'];
}
//char
if ($ecms_config['sets']['pagechar'] != 'gb2312') {
@(include_once "../class/doiconv.php");
$iconv = new Chinese('');
$char = $ecms_config['sets']['pagechar'] == 'big5' ? 'BIG5' : 'UTF8';
$targetchar = 'GB2312';
$productname = $iconv->Convert($char, $targetchar, $productname);
$productsay = $iconv->Convert($char, $targetchar, $productsay);
@header('Content-Type: text/html; charset=gb2312');
}
function CheckShowNewsLevel($infor)
{
global $check_path, $level_r, $empire, $user_userfen, $user_userid, $user_tablename, $user_userdate, $gotourl, $toreturnurl, $public_r, $dbtbpre, $class_r;
$groupid = $infor['groupid'];
$userfen = $infor['userfen'];
$id = $infor['id'];
$classid = $infor['classid'];
//是否登陆
$user_r = ViewCheckLogin($infor);
//验证权限
if ($class_r[$infor[classid]]['cgtoinfo']) {
$checkcr = $empire->fetch1("select cgroupid from {$dbtbpre}enewsclass where classid='{$infor['classid']}'");
if ($checkcr['cgroupid']) {
if (!strstr($checkcr[cgroupid], ',' . $user_r[groupid] . ',')) {
$infor['eclass_cgroupid'] = $checkcr[cgroupid];
if (!getcvar('returnurl')) {
esetcookie("returnurl", $toreturnurl, 0);
}
$msg = "您没有足够权限查看此信息! <a href='{$gotourl}'><u>点击这里</u></a>重新登陆;注册请<a href='" . $public_r['newsurl'] . "e/member/register/'><u>点击这里</u></a>。";
ShowViewInfoMsg($infor, $msg);
}
}
}
if ($groupid) {
if ($level_r[$groupid][level] > $level_r[$user_r[groupid]][level]) {
if (!getcvar('returnurl')) {
esetcookie("returnurl", $toreturnurl, 0);
}
$msg = "您的会员级别不足(您的当前级别:" . $level_r[$user_r[groupid]][groupname] . "),没有查看此信息的权限! <a href='{$gotourl}'><u>点击这里</u></a>重新登陆;注册请<a href='" . $public_r['newsurl'] . "e/member/register/'><u>点击这里</u></a>。";
ShowViewInfoMsg($infor, $msg);
}
}
//扣点
if (!empty($userfen)) {
//是否有历史记录
$bakr = $empire->fetch1("select id,truetime from {$dbtbpre}enewsdownrecord where id='{$id}' and classid='{$classid}' and userid='{$user_r['userid']}' and online=2 order by truetime desc limit 1");
if ($bakr['id'] && time() - $bakr['truetime'] <= $public_r['redoview'] * 3600) {
} else {
if ($user_r[userdate] - time() > 0) {
} else {
if ($user_r[userfen] < $userfen) {
if (!getcvar('returnurl')) {
esetcookie("returnurl", $toreturnurl, 0);
}
$msg = "您的点数不足(您当前拥有的点数 " . $user_r[userfen] . " 点),没有查看此信息的权限! <a href='{$gotourl}'><u>点击这里</u></a>重新登陆;注册请<a href='" . $public_r['newsurl'] . "e/member/register/'><u>点击这里</u></a>。";
ShowViewInfoMsg($infor, $msg);
}
//扣点
$usql = $empire->query("update " . $user_tablename . " set " . $user_userfen . "=" . $user_userfen . "-" . $userfen . " where " . $user_userid . "='{$user_r['userid']}'");
}
//备份下载记录
$utfusername = $user_r['username'];
BakDown($classid, $id, 0, $user_r['userid'], $utfusername, $infor[title], $userfen, 2);
}
}
}
<?php
require "../../class/connect.php";
require "../../class/db_sql.php";
require "../../class/q_functions.php";
require "../../member/class/user.php";
$link = db_connect();
$empire = new mysqlquery();
$editor = 1;
//订单号
if (!getcvar('checkpaysession')) {
printerror('非法操作', '../../../', 1, 0, 1);
} else {
esetcookie("checkpaysession", "", 0);
}
//操作事件
$phome = getcvar('payphome');
if ($phome == 'PayToFen') {
} elseif ($phome == 'PayToMoney') {
} elseif ($phome == 'ShopPay') {
} elseif ($phome == 'BuyGroupPay') {
} else {
printerror('您来自的链接不存在', '', 1, 0, 1);
}
$user = array();
if ($phome == 'PayToFen' || $phome == 'PayToMoney' || $phome == 'BuyGroupPay') {
$user = islogin();
//是否登陆
}
$paytype = 'chinabank';
$payr = $empire->fetch1("select * from {$dbtbpre}enewspayapi where paytype='{$paytype}' limit 1");
function Ebak_ChangeLanguage($add){
global $langcharr;
$l=(int)$add['l'];
if($langcharr[$l])
{
$lifetime=time()+365*24*3600;
esetcookie('loginlangid',$l,$lifetime);
}
if(!$add['from'])
{
$add['from']='index.php';
}
echo"<script>parent.location.href='$add[from]';</script>";
exit();
}
$add[startid] = RepPostVar($add[startid]);
$add[endid] = RepPostVar($add[endid]);
$tbname = $add['tbname'];
$count = count($tbname);
//刷新所有表
if (!$count) {
$j = 0;
$tsql = $empire->query("select tbname from {$dbtbpre}enewstable where intb=0 order by tid");
while ($tr = $empire->fetch($tsql)) {
$tbname[$j] = $tr[tbname];
$j++;
}
$count = count($tbname);
}
esetcookie("retablenum", $count, 0, 1);
esetcookie("rechecktablenum", 0, 0, 1);
$url = "../ecmschtml.php?enews=ReNewsHtml&classid={$add['classid']}&from=" . urlencode($add[from]) . "&retype={$add['retype']}&startday={$add['startday']}&endday={$add['endday']}&startid={$add['startid']}&endid={$add['endid']}&havehtml={$havehtml}&reallinfotime=" . time() . $ecms_hashur['href'];
echo "<link href='../adminstyle/" . $loginadminstyleid . "/adminstyle.css' rel='stylesheet' type='text/css'><center>要刷新的表的总个数为:<font color=red>{$count}</font>个</center><br>";
for ($i = 0; $i < $count; $i++) {
$tbname[$i] = RepPostVar($tbname[$i]);
$trueurl = $url . "&tbname=" . $tbname[$i];
echo "<table width='100%' border=0 align=center cellpadding=3 cellspacing=1 class=tableborder><tr class=header><td>刷新数据表:" . $tbname[$i] . "</td></tr><tr><td bgcolor='#ffffff'><iframe frameborder=0 height=35 id='" . $tbname[$i] . "' scrolling=no \n src=\"" . $trueurl . "\" \n width=\"100%\"></iframe></td></tr></table>";
}
db_close();
$empire = null;
?>
<iframe frameborder=0 height=35 id="checkrehtml" scrolling=no
src="CheckRehtml.php?first=1&from=<?php
echo urlencode($add[from]);
echo $ecms_hashur['href'];
?>
$loginin = $lur['username'];
$loginrnd = $lur['rnd'];
$loginlevel = $lur['groupid'];
$loginadminstyleid = $lur['adminstyleid'];
//ehash
$ecms_hashur = hReturnEcmsHashStrAll();
//验证权限
CheckLevel($logininid, $loginin, $classid, "cj");
$add = $_GET;
$classid = $add['classid'];
$count = count($classid);
if (!$count) {
printerror("NotChangeCjid", "history.go(-1)");
}
$add['from'] = ehtmlspecialchars($add['from']);
esetcookie("recjnum", $count, 0, 1);
$url = "ecmscj.php?enews=CjUrl" . $ecms_hashur['href'];
echo "<center>采集节点的总个数为:<font color=red>{$count}</font>个</center><br>";
for ($i = 0; $i < $count; $i++) {
$classid[$i] = (int) $classid[$i];
$trueurl = $url . "&from={$add['from']}&classid=" . $classid[$i];
echo "<iframe frameborder=0 height=35 name='class" . $classid[$i] . "' scrolling=no \n src=\"" . $trueurl . "\" \n width=\"100%\"></iframe><br>";
}
db_close();
$empire = null;
?>
<iframe frameborder=0 height=35 name="checkrecj" scrolling=no
src="CheckReCj.php?first=1&from=<?php
echo $add[from];
echo $ecms_hashur['href'];
?>
$newips = $ipr['ips'] ? $ipr['ips'] . $ip . ',' : ',' . $ip . ',';
$usql = $empire->query("update {$dbtbpre}enewsdiggips set ips='{$newips}' where id='{$id}' and classid='{$classid}' limit 1");
}
}
$dotop = (int) $_GET['dotop'];
$f = 'diggtop';
$n = '+1';
if ($dotop) {
$mess = 'DoDiggGSuccess';
} else {
if ($fnum == 2) {
$f = 'diggdown';
} else {
$n = '-1';
}
$mess = 'DoDiggBSuccess';
}
$sql = $empire->query("update {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " set " . $f . "=" . $f . $n . " where id='{$id}'");
if ($sql) {
esetcookie('lastdiggid', $checkid, $checktime);
//最后发布
if ($doajax == 1) {
$nr = $empire->fetch1("select " . $f . " from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " where id='{$id}'");
ajax_printerror($nr[$f], $_GET['ajaxarea'], $mess, 1);
} else {
printerror($mess, $_SERVER['HTTP_REFERER'], 1);
}
} else {
$doajax == 1 ? ajax_printerror('', '', 'DbError', 1) : printerror('DbError', '', 1);
}
}
function DoECookieRnd($userid, $username, $rnd, $dbdata, $groupid, $adminstyle, $truelogintime)
{
global $do_ecookiernd, $do_ckhloginip, $do_ckhloginfile;
$ip = $do_ckhloginip == 0 ? '127.0.0.1' : egetip();
$ecmsckpass = md5(md5($rnd . $do_ecookiernd) . '-' . $ip . '-' . $userid . '-' . $username . '-' . $dbdata . $rnd . $groupid . '-' . $adminstyle);
esetcookie("loginecmsckpass", $ecmsckpass, 0, 1);
if (empty($do_ckhloginfile)) {
DoECreatFileRnd($userid, $username, $rnd, $dbdata, $groupid, $adminstyle, $truelogintime, $ip);
}
}
function eCheckOnclickCookie($var, $val)
{
$doupdate = 1;
$onclickrecord = getcvar($var);
if (strstr($onclickrecord, ',' . $val . ',')) {
$doupdate = 0;
} else {
$newval = empty($onclickrecord) ? ',' . $val . ',' : $onclickrecord . $val . ',';
esetcookie($var, $newval);
}
if (empty($_COOKIE)) {
$doupdate = 0;
}
return $doupdate;
}
function loginout($userid, $username, $rnd)
{
global $empire, $dbtbpre, $do_ckhloginfile;
$userid = (int) $userid;
if (!$userid || !$username) {
printerror("NotLogin", "history.go(-1)");
}
$set1 = esetcookie("loginuserid", "", 0, 1);
$set2 = esetcookie("loginusername", "", 0, 1);
$set3 = esetcookie("loginrnd", "", 0, 1);
$set4 = esetcookie("loginlevel", "", 0, 1);
//FireWall
FWEmptyPassword();
//取得随机密码
$rnd = make_password(20);
$sql = $empire->query("update {$dbtbpre}enewsuser set rnd='{$rnd}' where userid='{$userid}'");
if (empty($do_ckhloginfile)) {
DoEDelFileRnd($userid);
}
//操作日志
insert_dolog("");
printerror("ExitSuccess", "index.php");
}
//------------------ 参数开始 ------------------
//商户号
$v_mid = $payr['payuser'];
//密钥
$key = $payr['paykey'];
//返回地址
$v_url = $PayReturnUrlQz . "e/payapi/chinabank/payend.php";
//币种
$v_moneytype = "CNY";
//------------------ 参数结束 ------------------
$v_amount = $money;
//产生定单号
$v_oid = date("Ymd") . "-" . $v_mid . "-" . date("His");
$ddno = $ddno ? $ddno : time();
//订单号
esetcookie("checkpaysession", $ddno, 0);
//设置定单号
//md5
$text = $v_amount . $v_moneytype . $v_oid . $v_mid . $v_url . $key;
$v_md5info = strtoupper(md5($text));
$remark1 = $ddno;
//备注字段1
$remark2 = $productname;
//备注字段2
?>
<html>
<title>在线支付</title>
<meta http-equiv="Cache-Control" content="no-cache"/>
<body>
<form method="post" name="dopaypost" id="dopaypost" action="https://pay3.chinabank.com.cn/PayGate">
<input type="hidden" name="v_mid" value="<?php
//检测时间
if ($public_r['qeditinfotime']) {
if (time() - $r['truetime'] > $public_r['qeditinfotime'] * 60) {
printerror("QEditInfoOutTime", "history.go(-1)", 1);
}
}
$newstime = $r['newstime'];
$r['newstime'] = date("Y-m-d H:i:s", $r['newstime']);
//图片
$imgwidth = 170;
$imgheight = 120;
//文件验证码
$filepass = $id;
}
$tbname = $cr['tbname'];
esetcookie("qeditinfo", "dgcms");
//标题分类
$cttidswhere = '';
$tts = '';
$caddr = $empire->fetch1("select ttids from {$dbtbpre}enewsclassadd where classid='{$classid}'");
if ($caddr['ttids'] != '-') {
if ($caddr['ttids'] && $caddr['ttids'] != ',') {
$cttidswhere = ' and typeid in (' . substr($caddr['ttids'], 1, -1) . ')';
}
$ttsql = $empire->query("select typeid,tname from {$dbtbpre}enewsinfotype where mid='{$cr['modid']}'" . $cttidswhere . " order by myorder");
while ($ttr = $empire->fetch($ttsql)) {
$select = '';
if ($ttr[typeid] == $r[ttid]) {
$select = ' selected';
}
$tts .= "<option value='{$ttr['typeid']}'" . $select . ">{$ttr['tname']}</option>";
function Ebak_ChangeLanguage($add)
{
$r = explode(',', RepPostVar($add['l']));
if ($r[0] && $r[1]) {
if (file_exists('lang/' . $r[0]) && !strstr($r[0], '..') && !strstr($r[0], '/') && !strstr($r[0], "\\")) {
$lifetime = time() + 365 * 24 * 3600;
esetcookie('loginlang', $r[0], $lifetime);
esetcookie('loginlangchar', $r[1], $lifetime);
}
}
if (!$add['from']) {
$add['from'] = 'index.php';
}
echo "<script>parent.location.href='{$add['from']}';</script>";
exit;
}
function register($add)
{
global $empire, $dbtbpre, $public_r, $ecms_config;
//关闭注册
if ($public_r['register_ok']) {
printerror('CloseRegister', '', 1);
}
//验证时间段允许操作
eCheckTimeCloseDo('reg');
//验证IP
eCheckAccessDoIp('register');
if (!empty($ecms_config['member']['registerurl'])) {
Header("Location:" . $ecms_config['member']['registerurl']);
exit;
}
//已经登陆不能注册
if (getcvar('mluserid')) {
printerror('LoginToRegister', '', 1);
}
CheckCanPostUrl();
//验证来源
$username = trim($add['username']);
$password = trim($add['password']);
$username = RepPostVar($username);
$password = RepPostVar($password);
$email = RepPostStr($add['email']);
if (!$username || !$password || !$email) {
printerror("EmptyMember", "history.go(-1)", 1);
}
$tobind = (int) $add['tobind'];
//验证码
$keyvname = 'checkregkey';
if ($public_r['regkey_ok']) {
ecmsCheckShowKey($keyvname, $add['key'], 1);
}
$user_groupid = eReturnMemberDefGroupid();
$groupid = (int) $add['groupid'];
$groupid = empty($groupid) ? $user_groupid : $groupid;
CheckMemberGroupCanReg($groupid);
//IP
$regip = egetip();
$regipport = egetipport();
//用户字数
$pr = $empire->fetch1("select min_userlen,max_userlen,min_passlen,max_passlen,regretime,regclosewords,regemailonly from {$dbtbpre}enewspublic limit 1");
$userlen = strlen($username);
if ($userlen < $pr[min_userlen] || $userlen > $pr[max_userlen]) {
printerror('FaiUserlen', '', 1);
}
//密码字数
$passlen = strlen($password);
if ($passlen < $pr[min_passlen] || $passlen > $pr[max_passlen]) {
printerror('FailPasslen', '', 1);
}
if ($add['repassword'] !== $password) {
printerror('NotRepassword', '', 1);
}
if (!chemail($email)) {
printerror('EmailFail', '', 1);
}
if (strstr($username, '|') || strstr($username, '*')) {
printerror('NotSpeWord', '', 1);
}
//同一IP注册
eCheckIpRegTime($regip, $pr['regretime']);
//保留用户
toCheckCloseWord($username, $pr['regclosewords'], 'RegHaveCloseword');
$username = RepPostStr($username);
//重复用户
$num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if ($num) {
printerror('ReUsername', '', 1);
}
//重复邮箱
if ($pr['regemailonly']) {
$num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('email') . "='{$email}' limit 1");
if ($num) {
printerror('ReEmailFail', '', 1);
}
}
//注册时间
$lasttime = time();
$registertime = eReturnAddMemberRegtime();
$rnd = make_password(20);
//产生随机密码
$userkey = eReturnMemberUserKey();
//密码
$truepassword = $password;
$salt = eReturnMemberSalt();
$password = eDoMemberPw($password, $salt);
//审核
$checked = ReturnGroupChecked($groupid);
if ($checked && $public_r['regacttype'] == 1) {
$checked = 0;
}
//验证附加表必填项
$mr['add_filepass'] = ReturnTranFilepass();
$fid = GetMemberFormId($groupid);
$member_r = ReturnDoMemberF($fid, $add, $mr, 0, $username);
$sql = $empire->query("insert into " . eReturnMemberTable() . "(" . eReturnInsertMemberF('username,password,rnd,email,registertime,groupid,userfen,userdate,money,zgroupid,havemsg,checked,salt,userkey') . ") values('{$username}','{$password}','{$rnd}','{$email}','{$registertime}','{$groupid}','{$public_r['reggetfen']}','0','0','0','0','{$checked}','{$salt}','{$userkey}');");
//取得userid
$userid = $empire->lastid();
//附加表
$addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='{$userid}'");
if (!$addr[userid]) {
$spacestyleid = ReturnGroupSpaceStyleid($groupid);
$sql1 = $empire->query("insert into {$dbtbpre}enewsmemberadd(userid,spacestyleid,regip,lasttime,lastip,loginnum,regipport,lastipport" . $member_r[0] . ") values('{$userid}','{$spacestyleid}','{$regip}','{$lasttime}','{$regip}','1','{$regipport}','{$regipport}'" . $member_r[1] . ");");
}
//更新附件
UpdateTheFileOther(6, $userid, $mr['add_filepass'], 'member');
ecmsEmptyShowKey($keyvname);
//清空验证码
//绑定帐号
if ($tobind) {
MemberConnect_BindUser($userid);
}
if ($sql) {
//邮箱激活
if ($checked == 0 && $public_r['regacttype'] == 1) {
include 'class/member_actfun.php';
SendActUserEmail($userid, $username, $email);
}
//审核
if ($checked == 0) {
$location = DoingReturnUrl("../../", $_POST['ecmsfrom']);
printerror("RegisterSuccessCheck", $location, 1);
}
$logincookie = 0;
if ($ecms_config['member']['regcookietime']) {
$logincookie = time() + $ecms_config['member']['regcookietime'];
}
$r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' limit 1");
$set1 = esetcookie("mlusername", $username, $logincookie);
$set2 = esetcookie("mluserid", $userid, $logincookie);
$set3 = esetcookie("mlgroupid", $groupid, $logincookie);
$set4 = esetcookie("mlrnd", $rnd, $logincookie);
//验证符
qGetLoginAuthstr($userid, $username, $rnd, $groupid, $logincookie);
//登录附加cookie
AddLoginCookie($r);
$location = "../member/cp/";
$returnurl = getcvar('returnurl');
if ($returnurl && !strstr($returnurl, "e/member/iframe") && !strstr($returnurl, "e/member/register") && !strstr($returnurl, "enews=exit")) {
$location = $returnurl;
}
$set5 = esetcookie("returnurl", "");
//易通行系统
DoEpassport('reg', $userid, $username, $truepassword, $salt, $email, $groupid, $registertime);
$location = DoingReturnUrl($location, $_POST['ecmsfrom']);
printerror("RegisterSuccess", $location, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
function qlogin($add)
{
global $empire, $dbtbpre, $public_r, $ecms_config;
if ($ecms_config['member']['loginurl']) {
Header("Location:" . $ecms_config['member']['loginurl']);
exit;
}
$dopr = 1;
if ($_POST['prtype']) {
$dopr = 9;
}
$username = trim($add['username']);
$password = trim($add['password']);
if (!$username || !$password) {
printerror("EmptyLogin", "history.go(-1)", $dopr);
}
$tobind = (int) $add['tobind'];
//验证码
$keyvname = 'checkloginkey';
if ($public_r['loginkey_ok']) {
ecmsCheckShowKey($keyvname, $add['key'], $dopr);
}
$username = RepPostVar($username);
$password = RepPostVar($password);
$num = 0;
$r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if (!$r['userid']) {
printerror("FailPassword", "history.go(-1)", $dopr);
}
if (!eDoCkMemberPw($password, $r['password'], $r['salt'])) {
printerror("FailPassword", "history.go(-1)", $dopr);
}
if ($r['checked'] == 0) {
if ($public_r['regacttype'] == 1) {
printerror('NotCheckedUser', '../member/register/regsend.php', 1);
} else {
printerror('NotCheckedUser', '', 1);
}
}
//绑定帐号
if ($tobind) {
MemberConnect_BindUser($r['userid']);
}
$rnd = make_password(20);
//取得随机密码
//默认会员组
if (empty($r['groupid'])) {
$r['groupid'] = eReturnMemberDefGroupid();
}
$r['groupid'] = (int) $r['groupid'];
$lasttime = time();
//IP
$lastip = egetip();
$lastipport = egetipport();
$usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('rnd') . "='{$rnd}'," . egetmf('groupid') . "='{$r['groupid']}' where " . egetmf('userid') . "='{$r['userid']}'");
$empire->query("update {$dbtbpre}enewsmemberadd set lasttime='{$lasttime}',lastip='{$lastip}',loginnum=loginnum+1,lastipport='{$lastipport}' where userid='{$r['userid']}'");
//设置cookie
$lifetime = (int) $add['lifetime'];
$logincookie = 0;
if ($lifetime) {
$logincookie = time() + $lifetime;
}
$set1 = esetcookie("mlusername", $username, $logincookie);
$set2 = esetcookie("mluserid", $r['userid'], $logincookie);
$set3 = esetcookie("mlgroupid", $r['groupid'], $logincookie);
$set4 = esetcookie("mlrnd", $rnd, $logincookie);
//验证符
qGetLoginAuthstr($r['userid'], $username, $rnd, $r['groupid'], $logincookie);
//登录附加cookie
AddLoginCookie($r);
$location = "../member/cp/";
$returnurl = getcvar('returnurl');
if ($returnurl) {
$location = $returnurl;
}
if (strstr($_SERVER['HTTP_REFERER'], "e/member/iframe")) {
$location = "../member/iframe/";
}
if (strstr($location, "enews=exit") || strstr($location, "e/member/register") || strstr($_SERVER['HTTP_REFERER'], "e/member/register")) {
$location = "../member/cp/";
$_POST['ecmsfrom'] = '';
}
ecmsEmptyShowKey($keyvname);
//清空验证码
$set6 = esetcookie("returnurl", "");
if ($set1 && $set2) {
//易通行系统
DoEpassport('login', $r['userid'], $username, $password, $r['salt'], $r['email'], $r['groupid'], $r['registertime']);
$location = DoingReturnUrl($location, $_POST['ecmsfrom']);
printerror("LoginSuccess", $location, $dopr);
} else {
printerror("NotCookie", "history.go(-1)", $dopr);
}
}
$bank_type = "0";
//------------------ 参数结束 ------------------
//支付金额
$total_fee = $money * 100;
//提交的数据
$strCmdNo = "1";
//财付通支付为"1" (当前只支持 cmdno=1)
$strBillDate = date('Ymd');
//交易日期 (yyyymmdd)
$desc = $productname;
//商品名称
$strBuyerId = "";
//QQ号码
$strSpBillNo = $ddno ? $ddno : time();
//订单号
esetcookie("checkpaysession", $strSpBillNo, 0);
//设置定单号
$strTransactionId = $bargainor_id . $strBillDate . $strSpBillNo;
//交易订单号
$attach = $strSpBillNo;
$spbill_create_ip = egetip();
//md5
$strSignText = "cmdno=" . $strCmdNo . "&date=" . $strBillDate . "&bargainor_id=" . $bargainor_id . "&transaction_id=" . $strTransactionId . "&sp_billno=" . $strSpBillNo . "&total_fee=" . $total_fee . "&fee_type=" . $fee_type . "&return_url=" . $return_url . "&attach=" . $attach . "&spbill_create_ip=" . $spbill_create_ip . "&key=" . $key;
$strSign = strtoupper(md5($strSignText));
?>
<html>
<title>财付通支付</title>
<meta http-equiv="Cache-Control" content="no-cache"/>
<body>
<form action="https://www.tenpay.com/cgi-bin/v1.0/pay_gate.cgi" name="dopaypost" id="dopaypost">
<input type=hidden name="cmdno" value="<?php
<?php
require "../../class/connect.php";
$editor = 1;
//分类id
$bid = (int) $_GET['bid'];
if (empty($bid)) {
printerror("EmptyFeedback", "", 1);
}
require "../../class/db_sql.php";
$link = db_connect();
$empire = new mysqlquery();
$br = $empire->fetch1("select bid,bname,groupid from {$dbtbpre}enewsfeedbackclass where bid='{$bid}'");
if (empty($br['bid'])) {
printerror("EmptyFeedback", "", 1);
}
//权限
if ($br['groupid']) {
include "../../class/q_functions.php";
include "../../member/class/user.php";
$user = islogin();
include "../../data/dbcache/MemberLevel.php";
if ($level_r[$br[groupid]][level] > $level_r[$user[groupid]][level]) {
echo "<script>alert('您的会员级别不足(" . $level_r[$br[groupid]][groupname] . "),没有权限提交信息!');history.go(-1);</script>";
exit;
}
}
esetcookie("feedbackbid", $bid);
$bname = $br['bname'];
$url = "<a href=../../../>首页</a> > 信息反馈";
@(include "temp/feedback" . $bid . ".php");
printerror('请选择充值类型', '', 1, 0, 1);
}
//权限
if ($buyr[buygroupid] && $level_r[$buyr[buygroupid]][level] > $level_r[$user[groupid]][level]) {
printerror('此充值类型需要 ' . $level_r[$buyr[buygroupid]][groupname] . ' 会员级别以上', '', 1, 0, 1);
}
include 'payfun.php';
$money = $buyr['gmoney'];
if (!$money) {
printerror('此充值类型金额有误', '', 1, 0, 1);
}
$ddno = '';
$productname = "充值类型:" . $buyr['gname'] . ",UID:" . $user['userid'] . ",UName:" . $user['username'];
$productsay = "用户ID:" . $user['userid'] . ",用户名:" . $user['username'];
esetcookie("payphome", "BuyGroupPay", 0);
esetcookie("paymoneybgid", $id, 0);
//返回地址前缀
$PayReturnUrlQz = $public_r['newsurl'];
if (!stristr($public_r['newsurl'], '://')) {
$PayReturnUrlQz = eReturnDomain() . $public_r['newsurl'];
}
//编码
if ($ecms_config['sets']['pagechar'] != 'gb2312') {
@(include_once "../class/doiconv.php");
$iconv = new Chinese('');
$char = $ecms_config['sets']['pagechar'] == 'big5' ? 'BIG5' : 'UTF8';
$targetchar = 'GB2312';
$productname = $iconv->Convert($char, $targetchar, $productname);
$productsay = $iconv->Convert($char, $targetchar, $productsay);
@header('Content-Type: text/html; charset=gb2312');
}
function loginout($userid,$username,$rnd){
global $empire,$dbtbpre,$ecms_config;
$userid=(int)$userid;
if(!$userid||!$username)
{
printerror("NotLogin","history.go(-1)");
}
$set1=esetcookie("loginuserid","",0,1);
$set2=esetcookie("loginusername","",0,1);
$set3=esetcookie("loginrnd","",0,1);
$set4=esetcookie("loginlevel","",0,1);
//COOKIERND
DelECookieRnd();
DelESessionRnd();
DelECookieAdminLoginFileInfo();
//FireWall
FWEmptyPassword();
//取得随机密码
$rnd=make_password(20);
$sql=$empire->query("update {$dbtbpre}enewsuser set rnd='$rnd' where userid='$userid'");
DoEDelFileRnd($userid);
DoEDelAndAuthRnd($userid);
//操作日志
insert_dolog("");
printerror("ExitSuccess","index.php");
}
eCheckCloseMods('sch');
//关闭模块
$searchtime = time();
$totalnum = (int) $_GET['totalnum'];
$firstsearch = 0;
if ($totalnum < 1) {
$firstsearch = 1;
//搜索间隔
$lastsearchtime = (int) getcvar('lastschalltime');
if ($lastsearchtime) {
if ($searchtime - $lastsearchtime < $public_r[schalltime]) {
printerror('SchallOutTime', '', 1);
}
}
//设置最后搜索时间
esetcookie('lastschalltime', $searchtime, $searchtime + 3600 * 24);
}
$page = (int) $_GET['page'];
$page = RepPIntvar($page);
$start = 0;
$page_line = $public_r['schallpagenum'];
//每页显示链接数
$line = $public_r['schallnum'];
//每页显示记录数
$offset = $start + $page * $line;
//总偏移量
//编码
$iconv = '';
$char = '';
$targetchar = '';
if ($ecms_config['sets']['pagechar'] != 'gb2312') {
require "../class/q_functions.php";
require LoadLang("pub/fun.php");
$link = db_connect();
$empire = new mysqlquery();
//验证是否登陆
$user = islogin();
//取得模型id
$mid = (int) $_GET['mid'];
if (!$mid) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
$mr = $empire->fetch1("select tbname,qmname,listfile,sonclass from {$dbtbpre}enewsmod where mid='{$mid}'");
if (!$mr['tbname'] || InfoIsInTable($mr['tbname'])) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
esetcookie("qdelinfo", "dgcms");
$totalnum = (int) $_GET['totalnum'];
$start = 0;
$page = (int) $_GET['page'];
$page = RepPIntvar($page);
$line = 25;
//每行显示
$page_line = 10;
$offset = $page * $line;
$add = '';
$search = "&mid={$mid}";
//审核表
$ecmscheck = (int) $_GET['ecmscheck'];
$addecmscheck = '';
$indexchecked = 1;
if ($ecmscheck) {
function ShopDdToPay($ddid)
{
global $empire, $dbtbpre;
$ddid = (int) $ddid;
if (!$ddid) {
printerror("NotShopDdId", "history.go(-1)", 1);
}
//是否登陆
$user_r = islogin();
$r = $empire->fetch1("select ddid,payfsid,haveprice from {$dbtbpre}enewsshopdd where ddid='{$ddid}' and userid='{$user_r['userid']}' limit 1");
if (!$r['ddid']) {
printerror("NotShopDdId", "history.go(-1)", 1);
}
if ($r['haveprice']) {
printerror("ShopDdIdHavePrice", "history.go(-1)", 1);
}
if (empty($r['payfsid'])) {
printerror("NotPayfsid", "history.go(-1)", 1);
}
//支付方式
$payr = $empire->fetch1("select payid,payurl from {$dbtbpre}enewsshoppayfs where payid='{$r['payfsid']}'");
if (!$payr['payid'] || !$payr['payurl']) {
printerror("NotPayfsid", "history.go(-1)", 1);
}
$location = $payr['payurl'];
esetcookie("paymoneyddid", $ddid, 0);
Header("Refresh:0; URL={$location}");
}
//排序
$orderby = RepPostVar($_POST['orderby']);
$myorder = (int) $_POST['myorder'];
if ($orderby) {
$orderr = ReturnDoOrderF($tempr[modid], $orderby, $myorder);
$orderby = $orderr['returnf'];
} else {
$orderby = 'newstime';
}
//是否有历史记录
if ($searchid) {
$search_num = $empire->gettotal($query);
$sql = $empire->query("update {$dbtbpre}enewssearch set searchtime='{$searchtime}',result_num='{$search_num}',onclick=onclick+1,orderby='{$orderby}',myorder='{$myorder}',tempid='{$s_tempid}' where searchid='{$searchid}'");
if (empty($search_num)) {
$searchid = 0;
}
} else {
$search_num = $empire->gettotal($query);
if (empty($search_num)) {
$searchid = 0;
} else {
$iskey = $keyboardone == 1 ? 0 : 1;
$sql = $empire->query("insert into {$dbtbpre}enewssearch(searchtime,keyboard,searchclass,result_num,searchip,classid,onclick,orderby,myorder,checkpass,tbname,tempid,iskey,andsql,trueclassid) values('{$searchtime}','{$keyboard}','{$newsearchclass}','{$search_num}','{$ip}','{$classid}',1,'{$orderby}','{$myorder}','{$checkpass}','{$tbname}','{$s_tempid}','{$iskey}','{$andsql}','{$trueclassid}')");
$searchid = $empire->lastid();
}
}
//设置最后搜索时间
$set1 = esetcookie("lastsearchtime", $searchtime, $searchtime + 3600 * 24);
db_close();
$empire = null;
Header("Location:result/?searchid={$searchid}" . $dogetvar);
function login1($username, $password, $lifetime, $key, $location)
{
global $empire, $user_tablename, $user_userid, $user_username, $user_password, $user_dopass, $user_group, $user_groupid, $user_rnd, $public_r, $user_salt, $user_saltnum, $dbtbpre, $eloginurl, $user_checked;
if ($eloginurl) {
Header("Location:{$eloginurl}");
exit;
}
$dopr = 1;
if ($_POST['prtype']) {
$dopr = 9;
}
if (!trim($username) || !trim($password)) {
printerror("EmptyLogin", "history.go(-1)", $dopr);
}
//验证码
$keyvname = 'checkloginkey';
if ($public_r['loginkey_ok']) {
ecmsCheckShowKey($keyvname, $key, $dopr);
}
$username = RepPostVar($username);
$password = RepPostVar($password);
//编码转换
$utfusername = doUtfAndGbk($username, 0);
$password = doUtfAndGbk($password, 0);
//密码
if (empty($user_dopass)) {
$password = md5($password);
}
if ($user_dopass == 3) {
$password = substr(md5($password), 8, 16);
}
//双重md5
$num = 0;
if ($user_dopass == 2) {
$ur = $empire->fetch1("select " . $user_userid . "," . $user_salt . "," . $user_password . " from " . $user_tablename . " where " . $user_username . "='{$utfusername}' limit 1");
$password = md5(md5($password) . $ur[$user_salt]);
$num = 0;
if ($password == $ur[$user_password]) {
$num = 1;
}
if (empty($ur[$user_userid])) {
$num = 0;
}
} else {
$num = $empire->gettotal("select count(*) as total from " . $user_tablename . " where " . $user_username . "='{$utfusername}' and " . $user_password . "='" . $password . "' limit 1");
}
if (!$num) {
printerror("FailPassword", "history.go(-1)", $dopr);
}
$r = $empire->fetch1("select * from " . $user_tablename . " where " . $user_username . "='{$utfusername}' limit 1");
if ($r[$user_checked] == 0) {
if ($public_r['regacttype'] == 1) {
printerror('NotCheckedUser', '../member/register/regsend.php', 1);
} else {
printerror('NotCheckedUser', '', 1);
}
}
$time = date("Y-m-d H:i:s");
$rnd = make_password(12);
//取得随机密码
//默认会员组
if (empty($r[$user_group])) {
$r[$user_group] = $user_groupid;
}
$r[$user_group] = (int) $r[$user_group];
$usql = $empire->query("update " . $user_tablename . " set " . $user_rnd . "='{$rnd}'," . $user_group . "=" . $r[$user_group] . " where " . $user_userid . "='{$r[$user_userid]}'");
//设置cookie
$logincookie = 0;
if ($lifetime) {
$logincookie = time() + $lifetime;
}
$set1 = esetcookie("mlusername", $username, $logincookie);
$set2 = esetcookie("mluserid", $r[$user_userid], $logincookie);
$set3 = esetcookie("mlgroupid", $r[$user_group], $logincookie);
$set4 = esetcookie("mlrnd", $rnd, $logincookie);
//登录附加cookie
AddLoginCookie($r);
$location = "../member/cp/";
$returnurl = getcvar('returnurl');
if ($returnurl) {
$location = $returnurl;
}
if (strstr($_SERVER['HTTP_REFERER'], "e/member/iframe")) {
$location = "../member/iframe/";
}
if (strstr($location, "enews=exit") || strstr($location, "e/member/register") || strstr($_SERVER['HTTP_REFERER'], "e/member/register")) {
$location = "../member/cp/";
$_POST['ecmsfrom'] = '';
}
ecmsEmptyShowKey($keyvname);
//清空验证码
$set6 = esetcookie("returnurl", "");
if ($set1 && $set2) {
$location = DoingReturnUrl($location, $_POST['ecmsfrom']);
printerror("LoginSuccess", $location, $dopr);
} else {
printerror("NotCookie", "history.go(-1)", $dopr);
}
}
function AddInfoPfen($add)
{
global $empire, $dbtbpre, $class_r;
$id = (int) $add['id'];
$classid = (int) $add['classid'];
$fen = (int) $add['fen'];
$doajax = (int) $add['doajax'];
if (!$id || !$classid || !$class_r[$classid]['tbname']) {
$doajax == 1 ? ajax_printerror('', '', 'ErrorUrl', 1) : printerror('ErrorUrl', '', 1);
}
//连续发表
if (getcvar('lastforfenid') == $classid . 'n' . $id) {
$doajax == 1 ? ajax_printerror('', '', 'ReDoForPl', 1) : printerror('ReDoForPl', '', 1);
}
if ($fen < 1) {
$fen = 1;
}
if ($fen > 5) {
$fen = 5;
}
$sql = $empire->query("update {$dbtbpre}ecms_" . $class_r[$classid]['tbname'] . " set infopfen=infopfen+{$fen},infopfennum=infopfennum+1 where id={$id} and classid={$classid}");
if ($sql) {
esetcookie('lastforfenid', $classid . 'n' . $id, time() + 30 * 24 * 3600);
//最后发布
if ($doajax == 1) {
$nr = $empire->fetch1("select infopfen,infopfennum from {$dbtbpre}ecms_" . $class_r[$classid]['tbname'] . " where id='{$id}' and classid='{$classid}'");
$infopfen = $nr[infopfennum] ? round($nr[infopfen] / $nr[infopfennum]) : 0;
ajax_printerror($infopfen, $add['ajaxarea'], 'AddInfoPfen', 1);
} else {
printerror('AddInfoPfen', $_SERVER['HTTP_REFERER'], 1);
}
} else {
$doajax == 1 ? ajax_printerror('', '', 'DbError', 1) : printerror('DbError', '', 1);
}
}
