Пример #1
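 /**
  * Validate an API request against the stored application record.
  *
  * Checks run in this order: result of the upstream request validation,
  * application status, client IP against the allow list (the deny list is
  * consulted only when no allow list is configured), and finally the
  * application key.
  *
  * @access public
  * @param array $arr_appRequest Parsed request; reads "alert" and "app_key".
  * @param array $arr_appRow     Stored application row; reads "app_status",
  *                              "app_ip_allow", "app_ip_bad" and "app_key".
  * @return array $arr_appRow unchanged when the request "alert" is not "ok",
  *               otherwise array("alert" => code); "ok" means every check passed.
  */
 function app_chk($arr_appRequest, $arr_appRow)
 {
     if ($arr_appRequest["alert"] != "ok") {
         return $arr_appRow;
     }
     if ($arr_appRow["app_status"] != "enable") {
         return array("alert" => "x050402");
     }
     $_str_ip = fn_getIp();
     // The stored lists hold one entry per line; joining the lines with "|"
     // turns them into a single alternation handed to fn_regChk().
     // NOTE(review): PHP_EOL is platform specific, so a list saved with "\r\n"
     // on a "\n" host keeps a stray "\r" in every entry; and if fn_regChk()
     // treats the entries as regular expressions, an unescaped "." matches any
     // character. Confirm against fn_regChk().
     if (!fn_isEmpty($arr_appRow["app_ip_allow"])) {
         $_str_ipAllow = str_ireplace(PHP_EOL, "|", $arr_appRow["app_ip_allow"]);
         if (!fn_regChk($_str_ip, $_str_ipAllow, true)) {
             return array("alert" => "x050212");
         }
     } else {
         if (!fn_isEmpty($arr_appRow["app_ip_bad"])) {
             $_str_ipBad = str_ireplace(PHP_EOL, "|", $arr_appRow["app_ip_bad"]);
             if (fn_regChk($_str_ip, $_str_ipBad)) {
                 return array("alert" => "x050213");
             }
         }
     }
     // The key is a shared secret. A loose "!=" compares numeric-looking
     // strings by value ("0e1" == "0e2") and stops at the first differing
     // byte, so compare as strings in constant time and reject non-scalars.
     $_mix_keyGiven = isset($arr_appRequest["app_key"]) ? $arr_appRequest["app_key"] : "";
     if (!is_scalar($_mix_keyGiven) || !hash_equals((string) $arr_appRow["app_key"], (string) $_mix_keyGiven)) {
         return array("alert" => "x050217");
     }
     return array("alert" => "ok");
 }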
Пример #2
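 /**
  * Create or update an administrator account from an AJAX form post.
  *
  * An "admin_id" greater than zero selects the edit path, anything else the
  * add path. Each path requires the matching permission unless the caller is
  * a super administrator, and a non-super administrator may not edit their
  * own record. A successful add or edit is written to the operation log.
  *
  * @access public
  * @return void The result is reported through $this->obj_ajax->halt_alert().
  */
 function ajax_submit()
 {
     $_arr_adminSubmit = $this->mdl_admin->input_submit();
     if ($_arr_adminSubmit["alert"] != "ok") {
         $this->obj_ajax->halt_alert($_arr_adminSubmit["alert"]);
     }
     // Empty values are passed to mdl_submit() when no new password was given.
     $_str_adminPassDo = "";
     $_str_adminRand = "";
     if ($_arr_adminSubmit["admin_id"] > 0) {
         if (!isset($this->adminLogged["admin_allow"]["admin"]["edit"]) && !$this->is_super) {
             $this->obj_ajax->halt_alert("x020303");
         }
         if ($_arr_adminSubmit["admin_id"] == $this->adminLogged["admin_id"] && !$this->is_super) {
             $this->obj_ajax->halt_alert("x020306");
         }
         // NOTE(review): unlike the add path, a password supplied on edit is
         // not passed through validateStr() before it is hashed.
         $_str_adminPass = fn_post("admin_pass");
         if (!fn_isEmpty($_str_adminPass)) {
             $_str_adminRand = fn_rand(6);
             $_str_adminPassDo = fn_baigoEncrypt($_str_adminPass, $_str_adminRand);
         }
     } else {
         if (!isset($this->adminLogged["admin_allow"]["admin"]["add"]) && !$this->is_super) {
             $this->obj_ajax->halt_alert("x020302");
         }
         $_arr_adminPass = validateStr(fn_post("admin_pass"), 1, 0);
         // Fail closed: the original switch handled only "too_short" and "ok",
         // so any other status went on to hash an undefined password and could
         // store an account whose password is the empty string.
         if ($_arr_adminPass["status"] != "ok") {
             $this->obj_ajax->halt_alert("x020205");
             return;
         }
         $_str_adminPass = $_arr_adminPass["str"];
         // NOTE(review): the salt quality depends on fn_rand(); confirm it
         // draws from a cryptographically secure source.
         $_str_adminRand = fn_rand(6);
         $_str_adminPassDo = fn_baigoEncrypt($_str_adminPass, $_str_adminRand);
     }
     $_arr_adminRow = $this->mdl_admin->mdl_submit($_str_adminPassDo, $_str_adminRand);
     if ($_arr_adminRow["alert"] == "y020101" || $_arr_adminRow["alert"] == "y020103") {
         $_arr_targets = array(array("admin_id" => $_arr_adminRow["admin_id"]));
         $_str_targets = json_encode($_arr_targets);
         // "y020101" is logged as an add, "y020103" as an edit.
         $_type = $_arr_adminRow["alert"] == "y020101" ? "add" : "edit";
         // NOTE(review): the whole row returned by mdl_submit() is stored as the
         // log result; confirm it carries no password hash or salt.
         $_str_adminRow = json_encode($_arr_adminRow);
         $_arr_logData = array("log_targets" => $_str_targets, "log_target_type" => "admin", "log_title" => $this->log["admin"][$_type], "log_result" => $_str_adminRow, "log_type" => "admin");
         $this->mdl_log->mdl_submit($_arr_logData, $this->adminLogged["admin_id"]);
     }
     $this->obj_ajax->halt_alert($_arr_adminRow["alert"]);
 }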
Пример #3
 /**
  * Ask the SSO service to sign a set of parameters.
  *
  * Posts $this->arr_data merged with the "signature" action and the given
  * parameters to BG_SSO_URL and returns the "signature" field of the decoded
  * reply.
  *
  * NOTE(review): the reply is used as returned; whether the transport is
  * authenticated depends on BG_SSO_URL and fn_http(), neither visible here.
  *
  * @access public
  * @param mixed $arr_params Parameters to be signed.
  * @return string The signature, or "" when the reply carries none.
  */
 function sso_signature($arr_params)
 {
     // Later keys win in array_merge(), so the action and params override
     // any same-named entries in the shared request data.
     $_arr_ssoData = array_merge($this->arr_data, array("act_post" => "signature", "params" => $arr_params));
     $_arr_get = fn_http(BG_SSO_URL . "?mod=signature", $_arr_ssoData, "post");
     $_arr_return = fn_jsonDecode($_arr_get["ret"], "no");
     if (fn_isEmpty($_arr_return["signature"])) {
         return "";
     }
     return $_arr_return["signature"];
 }
Пример #4
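 /**
  * API endpoint: sign the posted "params" and return the signature.
  *
  * Empty values are dropped and the remaining ones are filtered with
  * fn_getSafe() before signing.
  *
  * NOTE(review): after app_check() succeeds this signs whatever parameters
  * the caller posts; confirm that is the intended trust model for the
  * signature.
  *
  * @access public
  * @return void The reply is emitted through $this->obj_api->halt_re().
  */
 function api_signature()
 {
     $this->app_check("post");
     $_arr_params = fn_post("params");
     // Start from an empty list: the original left this undefined whenever no
     // usable parameter was posted and then handed it to sign_make().
     $_arr_paramsSrc = array();
     // Only an array can be iterated; a scalar "params" value is ignored.
     if (is_array($_arr_params)) {
         foreach ($_arr_params as $_key => $_value) {
             if (!fn_isEmpty($_value)) {
                 $_arr_paramsSrc[$_key] = fn_getSafe($_value, "txt", "");
             }
         }
     }
     $_str_sign = $this->obj_sign->sign_make($_arr_paramsSrc);
     $_arr_return = array("signature" => $_str_sign, "alert" => "y050404");
     $this->obj_api->halt_re($_arr_return);
 }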
Пример #5
/**
 * Return the client address reported by the web server.
 *
 * Only REMOTE_ADDR is consulted; no forwarded-for style request header is
 * read here, so behind a reverse proxy the value is the proxy's address.
 *
 * @access public
 * @return string REMOTE_ADDR, or "0.0.0.0" when it is empty.
 */
function fn_getIp()
{
    if (isset($_SERVER)) {
        return fn_isEmpty(fn_server("REMOTE_ADDR")) ? "0.0.0.0" : fn_server("REMOTE_ADDR");
    }

    // Fallback for environments without the $_SERVER superglobal.
    return fn_isEmpty(getenv("REMOTE_ADDR")) ? "0.0.0.0" : getenv("REMOTE_ADDR");
}
Пример #6
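 /**
  * Build the request signature for a set of parameters.
  *
  * The "signature" and "alert" entries and all empty values are dropped, the
  * rest is sorted by key, serialised with http_build_query() and hashed with
  * MD5.
  *
  * NOTE(review): this is a plain MD5 digest, not a keyed MAC. It authenticates
  * a request only if a secret value is among $arr_params; confirm every caller
  * includes one. An HMAC with a modern hash would be the stronger construction
  * but has to be changed on both ends at once.
  *
  * @param array $arr_params Parameters to sign.
  * @return string 32-character hexadecimal MD5 digest.
  */
 function sign_make($arr_params)
 {
     // Tolerate a missing parameter list instead of iterating a non-array.
     if (!is_array($arr_params)) {
         $arr_params = array();
     }
     unset($arr_params["signature"], $arr_params["alert"]);
     $_arr_params = array();
     foreach ($arr_params as $_key => $_value) {
         if (!fn_isEmpty($_value)) {
             $_arr_params[$_key] = $_value;
         }
     }
     // Sorting by key makes the digest independent of parameter order.
     ksort($_arr_params);
     $_str_signSrc = http_build_query($_arr_params);
     // get_magic_quotes_gpc() was removed in PHP 8.0; calling it there is a
     // fatal error, so only consult it where it still exists.
     if (function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc()) {
         $_str_signSrc = stripslashes($_str_signSrc);
     }
     return md5($_str_signSrc);
 }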
Пример #7
 /**
  * Choose the UI name for this request and store it in $this->config["ui"].
  *
  * With BG_SWITCH_UI equal to 1 a non-empty "ui" query parameter overrides
  * BG_DEFAULT_UI; otherwise the default is always used. (Cookie-based
  * selection exists only as commented-out code in the original.)
  *
  * NOTE(review): the chosen value comes from the query string. If it is later
  * used to build a template path, confirm fn_getSafe(..., "txt", ...) removes
  * path separators and "..".
  *
  * @return void
  */
 function getUi()
 {
     $_str_return = BG_DEFAULT_UI;
     if (BG_SWITCH_UI == 1) {
         // UI switching is enabled: honour the query-string choice if present.
         $str_ui = fn_getSafe(fn_get("ui"), "txt", "");
         if (!fn_isEmpty($str_ui)) {
             $_str_return = $str_ui;
         }
     }
     $this->config["ui"] = $_str_return;
 }
Пример #8
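/**
 * Validate the administrator session and refresh its activity timestamp.
 *
 * The session must carry "admin_id", "admin_ssin_time" and "admin_hash", must
 * not be older than BG_DEFAULT_SESSION seconds, and its hash must match the one
 * derived from the stored "admin_time" and "admin_rand" values. On any failure
 * the session is ended through fn_ssin_end().
 *
 * @return array The administrator row on success; on failure an array whose
 *               "alert" is "x020401" (missing or expired session) or the row
 *               with "alert" set to "x020403" (hash mismatch).
 */
function fn_ssin_begin()
{
    $_mdl_admin = new MODEL_ADMIN();
    // Moment at which the current session expires.
    $_num_adminTimeDiff = fn_session("admin_ssin_time") + BG_DEFAULT_SESSION;
    if (fn_isEmpty(fn_session("admin_id")) || fn_isEmpty(fn_session("admin_ssin_time")) || fn_isEmpty(fn_session("admin_hash")) || $_num_adminTimeDiff < time()) {
        fn_ssin_end();
        return array("alert" => "x020401");
    }
    $_arr_adminRow = $_mdl_admin->mdl_read(fn_session("admin_id"));
    // Compare as strings in constant time: a loose "!=" treats numeric-looking
    // digests such as "0e123" and "0e456" as equal.
    // NOTE(review): the row's own "alert" is not checked before its fields are
    // read; confirm mdl_read() always returns "admin_time" and "admin_rand".
    $_str_hashExpected = (string) fn_baigoEncrypt($_arr_adminRow["admin_time"], $_arr_adminRow["admin_rand"]);
    $_str_hashSession = (string) fn_session("admin_hash");
    if (!hash_equals($_str_hashExpected, $_str_hashSession)) {
        fn_ssin_end();
        $_arr_adminRow["alert"] = "x020403";
        return $_arr_adminRow;
    }
    // Sliding expiry: every valid request restarts the idle timer.
    fn_session("admin_ssin_time", "mk", time());
    return $_arr_adminRow;
}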
Пример #9
 /**
  * Verify the request token and open the database connection.
  *
  * Each failure is reported through $this->obj_ajax->halt_alert(): "x030206"
  * for a bad token, "x030412" for incomplete settings, "x030111" when the
  * connection fails and "x030112" when the database cannot be selected.
  *
  * @return void
  */
 private function check_db()
 {
     // Request token check.
     if (!fn_token("chk")) {
         $this->obj_ajax->halt_alert("x030206");
     }
     $_bool_incomplete = fn_isEmpty(BG_DB_HOST) || fn_isEmpty(BG_DB_NAME) || fn_isEmpty(BG_DB_USER) || fn_isEmpty(BG_DB_PASS) || fn_isEmpty(BG_DB_CHARSET);
     if ($_bool_incomplete) {
         $this->obj_ajax->halt_alert("x030412");
         return;
     }
     // Default to the standard MySQL port when none is configured.
     if (!defined("BG_DB_PORT")) {
         define("BG_DB_PORT", "3306");
     }
     $_cfg_host = array(
         "host" => BG_DB_HOST,
         "name" => BG_DB_NAME,
         "user" => BG_DB_USER,
         "pass" => BG_DB_PASS,
         "charset" => BG_DB_CHARSET,
         "debug" => BG_DEBUG_DB,
         "port" => BG_DB_PORT,
     );
     // The connection object is shared through $GLOBALS and kept on $this.
     $GLOBALS["obj_db"] = new CLASS_MYSQLI($_cfg_host);
     $this->obj_db = $GLOBALS["obj_db"];
     if (!$this->obj_db->connect()) {
         $this->obj_ajax->halt_alert("x030111");
     }
     if (!$this->obj_db->select_db()) {
         $this->obj_ajax->halt_alert("x030112");
     }
 }
Пример #10
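 /**
  * Check a value against one of the named formats.
  *
  * Empty values and the "text" format always pass. A non-empty value with an
  * unknown format fails.
  *
  * Fixes over the original patterns: the "url" pattern contained unescaped
  * "/" inside "/" delimiters and therefore never compiled; the "strDigit" and
  * "alias" classes had a hyphen between "\d" and "_", which newer PCRE
  * versions reject as an invalid range; and every pattern now carries the "D"
  * modifier so that "$" no longer accepts a trailing newline.
  *
  * NOTE(review): "int" and "digit" still accept a lone "+" or "-" because the
  * digit part is optional; tighten if callers rely on a real number.
  *
  * @param mixed  $str    Value to validate.
  * @param string $format One of "date", "time", "datetime", "int", "digit",
  *                       "email", "url", "alphabetDigit", "strDigit", "alias"
  *                       or "text".
  * @return bool True when the value is acceptable.
  */
 function v_reg($str, $format)
 {
     switch ($format) {
         case "date":
             $_reg = "/^[0-9]{4}-(((0?[13578]|(10|12))-(0?[1-9]|[1-2][0-9]|3[0-1]))|(0?2-(0[1-9]|[1-2][0-9]))|((0?[469]|11)-(0[1-9]|[1-2][0-9]|30)))\$/D";
             break;
         case "time":
             $_reg = "/^(([1-9]{1})|([0-1][0-9])|([1-2][0-3])):([0-5][0-9])(:([0-5][0-9]))?\$/D";
             break;
         case "datetime":
             $_reg = "/^[0-9]{4}-(((0?[13578]|(10|12))-(0?[1-9]|[1-2][0-9]|3[0-1]))|(0?2-(0[1-9]|[1-2][0-9]))|((0?[469]|11)-(0[1-9]|[1-2][0-9]|30)))\\s(([1-9]{1})|([0-1][0-9])|([1-2][0-3])):([0-5][0-9])(:([0-5][0-9]))?\$/D";
             break;
         case "int":
             // Optional sign followed by digits.
             $_reg = "/^(\\+|-)?\\d*\$/D";
             break;
         case "digit":
             // Number that may contain a decimal point.
             $_reg = "/^(\\+|-)?\\d*(\\.\\d+)*\$/D";
             break;
         case "email":
             $_reg = "/^\\w+(-\\w+)*(\\.\\w+(-\\w+)*)*@\\w+(\\.\\w+)+\$/D";
             break;
         case "url":
             // "#" delimiters, because the pattern itself contains "/".
             $_reg = "#^(http|ftp)s?:\\/\\/\\w+(-\\w+)*(\\.\\w+(-\\w+)*)+(/\\w+(-\\w+)*)*(\\.\\w+)*\\??(&?\\w+=\\w+)*(/\\w+(-\\w+)*)*\$#D";
             break;
         case "alphabetDigit":
             // ASCII letters and digits.
             $_reg = "/^[a-zA-Z\\d]*\$/D";
             break;
         case "strDigit":
             // Chinese characters, letters, digits, underscore and hyphen.
             $_reg = "/^[\\x{4e00}-\\x{9fa5}a-zA-Z\\d_-]*\$/uD";
             break;
         case "alias":
             // Letters, digits, underscore and hyphen.
             $_reg = "/^[a-zA-Z\\d_-]*\$/D";
             break;
         default:
             $_reg = "";
             break;
     }
     // Nothing to validate for empty values or free text.
     if (fn_isEmpty($str) || $format == "text") {
         return true;
     }
     // Unknown format: reject explicitly rather than via a failed preg_match("").
     if ($_reg === "") {
         return false;
     }
     return preg_match($_reg, $str) === 1;
 }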
Пример #11
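 /**
  * Handle a mailbox verification link and render the confirmation page.
  *
  * Reads "verify_id" and "verify_token" from the query string, loads the
  * verification record, and requires it to be enabled, unexpired and to match
  * the presented token before loading the user and displaying
  * "reg_mailbox.tpl".
  *
  * @return array array("alert" => code), or the failing model row; "y010102"
  *               means the page was rendered.
  */
 function ctl_mailbox()
 {
     $_num_verifyId = fn_getSafe(fn_get("verify_id"), "int", 0);
     $_str_verifyToken = fn_getSafe(fn_get("verify_token"), "txt", "");
     if ($_num_verifyId < 1) {
         return array("alert" => "x120201");
     }
     if (fn_isEmpty($_str_verifyToken)) {
         return array("alert" => "x120202");
     }
     $_arr_verifyRow = $this->mdl_verify->mdl_read($_num_verifyId);
     if ($_arr_verifyRow["alert"] != "y120102") {
         return $_arr_verifyRow;
     }
     if ($_arr_verifyRow["verify_status"] != "enable") {
         return array("alert" => "x120203");
     }
     if ($_arr_verifyRow["verify_token_expire"] < time()) {
         return array("alert" => "x120204");
     }
     // The link carries the salted form of the stored token. Compare as
     // strings in constant time; a loose "!=" treats numeric-looking digests
     // ("0e...") as equal and returns at the first differing byte.
     $_str_tokenExpected = (string) fn_baigoEncrypt($_arr_verifyRow["verify_token"], $_arr_verifyRow["verify_rand"]);
     if (!hash_equals($_str_tokenExpected, (string) $_str_verifyToken)) {
         return array("alert" => "x120205");
     }
     $_arr_userRow = $this->mdl_user->mdl_read($_arr_verifyRow["verify_user_id"]);
     if ($_arr_userRow["alert"] != "y010102") {
         return $_arr_userRow;
     }
     // Hand the template the presented token instead of the stored raw one.
     // NOTE(review): the rest of the verification row, including
     // "verify_rand", still reaches the template; confirm it is not rendered.
     $_arr_verifyRow["verify_token"] = $_str_verifyToken;
     $_arr_tplData = array("userRow" => $_arr_userRow, "verifyRow" => $_arr_verifyRow);
     $this->obj_tpl->tplDisplay("reg_mailbox.tpl", $_arr_tplData);
     return array("alert" => "y010102");
 }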
Пример #12
 /**
  * Open the database connection described by the BG_DB_* constants.
  *
  * @return bool False when a required setting is empty, the connection fails
  *              or the database cannot be selected; true otherwise.
  */
 private function check_db()
 {
     $_bool_incomplete = fn_isEmpty(BG_DB_HOST) || fn_isEmpty(BG_DB_NAME) || fn_isEmpty(BG_DB_USER) || fn_isEmpty(BG_DB_PASS) || fn_isEmpty(BG_DB_CHARSET);
     if ($_bool_incomplete) {
         return false;
     }
     // Default to the standard MySQL port when none is configured.
     if (!defined("BG_DB_PORT")) {
         define("BG_DB_PORT", "3306");
     }
     $_cfg_host = array(
         "host" => BG_DB_HOST,
         "name" => BG_DB_NAME,
         "user" => BG_DB_USER,
         "pass" => BG_DB_PASS,
         "charset" => BG_DB_CHARSET,
         "debug" => BG_DEBUG_DB,
         "port" => BG_DB_PORT,
     );
     // The connection object is shared through $GLOBALS and kept on $this.
     $GLOBALS["obj_db"] = new CLASS_MYSQLI($_cfg_host);
     $this->obj_db = $GLOBALS["obj_db"];
     if (!$this->obj_db->connect()) {
         return false;
     }
     if (!$this->obj_db->select_db()) {
         return false;
     }
     return true;
 }
Пример #13
 /**
  * AJAX check: is the submitted e-mail address still available?
  *
  * Replies "x010211" through halt_re() when another user already has the
  * address, otherwise ends the request with the JSON body {"re":"ok"}.
  *
  * NOTE(review): the reply tells the caller whether an address is registered;
  * whether this endpoint is rate limited or requires a session is not visible
  * here.
  *
  * @access public
  * @return void
  */
 function ajax_chkmail()
 {
     $_arr_userMail = $this->mdl_user->input_chk_mail();
     if ($_arr_userMail["alert"] != "ok") {
         $this->obj_ajax->halt_re($_arr_userMail["alert"]);
     }
     if (!fn_isEmpty($_arr_userMail["user_mail"])) {
         // "not_id" is passed through to the lookup together with the address.
         $_arr_userRow = $this->mdl_user->mdl_read(
             $_arr_userMail["user_mail"],
             "user_mail",
             $_arr_userMail["not_id"]
         );
         if ($_arr_userRow["alert"] == "y010102") {
             $this->obj_ajax->halt_re("x010211");
         }
     }
     exit(json_encode(array("re" => "ok")));
 }
Пример #14
 /**
  * API endpoint: list a user's private messages.
  *
  * Steps, in order: application check, "pm"/"list" permission check (a denial
  * is logged), user check, request-signature check, search, then the result is
  * JSON-encoded, encrypted with the application key and returned.
  *
  * @access public
  * @return void The reply is emitted through $this->obj_api->halt_re().
  */
 function api_list()
 {
     $this->app_check("get");
     // The calling application needs the pm/list permission; a denial is logged.
     if (!isset($this->appAllow["pm"]["list"])) {
         $_arr_return = array("alert" => "x050319");
         $_arr_logTarget[] = array("app_id" => $this->appRequest["app_id"]);
         $_arr_logType = array("pm", "list");
         $this->log_do($_arr_logTarget, "app", $_arr_return, $_arr_logType);
         $this->obj_api->halt_re($_arr_return);
     }
     $_arr_userRow = $this->user_check("get");
     // NOTE(review): per_page is taken from the request with no upper bound visible here.
     $_num_perPage = fn_getSafe(fn_get("per_page"), "int", BG_SITE_PERPAGE);
     $_str_pmIds = fn_getSafe(fn_get("pm_ids"), "txt", "");
     $_str_type = fn_getSafe(fn_get("pm_type"), "txt", "");
     $_str_status = fn_getSafe(fn_get("pm_status"), "txt", "");
     $_str_key = fn_getSafe(fn_get("key"), "txt", "");
     // Parameters covered by the request signature; per_page is added only when it was sent.
     $_arr_sign = array("act_get" => $GLOBALS["act_get"], $this->userRequest["user_by"] => $this->userRequest["user_str"], "user_access_token" => $this->userRequest["user_access_token"], "pm_ids" => $_str_pmIds, "pm_type" => $_str_type, "pm_status" => $_str_status, "key" => $_str_key);
     if (!fn_isEmpty(fn_get("per_page"))) {
         $_arr_sign["per_page"] = $_num_perPage;
     }
     //file_put_contents(BG_PATH_ROOT . "debug.txt", json_encode($_arr_sign), FILE_APPEND);
     // NOTE(review): the signature is verified only here, after user_check() has already run.
     if (!$this->obj_sign->sign_check(array_merge($this->appRequest, $_arr_sign), $this->appRequest["signature"])) {
         $_arr_return = array("alert" => "x050403");
         $this->obj_api->halt_re($_arr_return);
     }
     // pm_ids arrives as a "|"-separated list.
     // NOTE(review): the entries are passed on as strings; confirm they are
     // forced to integers before they are placed into SQL.
     $_arr_pmIds = array();
     if (!fn_isEmpty($_str_pmIds)) {
         if (stristr($_str_pmIds, "|")) {
             $_arr_pmIds = explode("|", $_str_pmIds);
         } else {
             $_arr_pmIds = array($_str_pmIds);
         }
     }
     if (fn_isEmpty($_str_type)) {
         $_arr_return = array("alert" => "x110218");
         $this->obj_api->halt_re($_arr_return);
     }
     $_arr_search = array("type" => $_str_type, "status" => $_str_status, "key" => $_str_key, "pm_ids" => $_arr_pmIds);
     // Restrict the search to the checked user: inbox by recipient, outbox by sender.
     // NOTE(review): any other non-empty pm_type adds neither filter here, so
     // the search is not tied to the user unless mdl_count()/mdl_list() do it
     // themselves - confirm.
     switch ($_str_type) {
         case "in":
             $_arr_search["pm_to"] = $_arr_userRow["user_id"];
             break;
         case "out":
             $_arr_search["pm_from"] = $_arr_userRow["user_id"];
             break;
     }
     $_num_pmCount = $this->mdl_pm->mdl_count($_arr_search);
     $_arr_page = fn_page($_num_pmCount);
     $_arr_pmRows = $this->mdl_pm->mdl_list($_num_perPage, $_arr_page["except"], $_arr_search);
     // Attach sender and recipient to every message; for the outbox also the
     // status of the delivered copy, or "revoke" when that copy cannot be read.
     foreach ($_arr_pmRows as $_key => $_value) {
         $_arr_pmRows[$_key]["fromUser"] = $this->mdl_user->mdl_read_api($_value["pm_from"]);
         $_arr_pmRows[$_key]["toUser"] = $this->mdl_user->mdl_read_api($_value["pm_to"]);
         if ($_str_type == "out") {
             $_arr_sendRow = $this->mdl_pm->mdl_read($_value["pm_send_id"]);
             if ($_arr_sendRow["alert"] != "y110102") {
                 $_arr_pmRows[$_key]["pm_send_status"] = "revoke";
             } else {
                 $_arr_pmRows[$_key]["pm_send_status"] = $_arr_sendRow["pm_status"];
             }
         }
     }
     //print_r($_arr_pmRows);
     // The payload is JSON-encoded and then encrypted with the application's key.
     $_arr_return = array("pmRows" => $_arr_pmRows, "pageRow" => $_arr_page);
     $_str_src = fn_jsonEncode($_arr_return, "encode");
     $_str_code = $this->obj_crypt->encrypt($_str_src, $this->appRow["app_key"]);
     $_arr_return = array("code" => $_str_code, "alert" => "y110402");
     $this->obj_api->halt_re($_arr_return);
 }
Пример #15
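 /**
  * Build the WHERE clause shared by the log list and count queries.
  *
  * NOTE(review): "key", "type", "status" and "level" are concatenated into the
  * SQL text as given. Unless every caller has already escaped them for the
  * connection's character set this is an injection point; bind or escape them
  * through the database layer. "%" and "_" in "key" also act as LIKE wildcards.
  *
  * @access private
  * @param array $arr_search Optional filters: "key", "type", "status",
  *                          "level", "operator_id".
  * @return string SQL condition that always starts with "1=1".
  */
 private function sql_process($arr_search = array())
 {
     $_str_sqlWhere = "1=1";
     if (isset($arr_search["key"]) && !fn_isEmpty($arr_search["key"])) {
         $_str_sqlWhere .= " AND (log_target_type LIKE '%" . $arr_search["key"] . "%' OR log_result LIKE '%" . $arr_search["key"] . "%')";
     }
     if (isset($arr_search["type"]) && !fn_isEmpty($arr_search["type"])) {
         $_str_sqlWhere .= " AND log_type='" . $arr_search["type"] . "'";
     }
     if (isset($arr_search["status"]) && !fn_isEmpty($arr_search["status"])) {
         $_str_sqlWhere .= " AND log_status='" . $arr_search["status"] . "'";
     }
     if (isset($arr_search["level"]) && !fn_isEmpty($arr_search["level"])) {
         $_str_sqlWhere .= " AND log_level='" . $arr_search["level"] . "'";
     }
     if (isset($arr_search["operator_id"]) && $arr_search["operator_id"] > 0) {
         // "> 0" is also true for strings that merely start with a number, so
         // force an integer before the value reaches the unquoted SQL position.
         $_str_sqlWhere .= " AND log_operator_id=" . (int) $arr_search["operator_id"];
     }
     return $_str_sqlWhere;
 }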
Пример #16
/**
 * Decode a JSON string into an array and post-process its values.
 *
 * The decoded data is passed through fn_eachArray() together with $method;
 * per the original comment the values can be decoded from base64.
 * NOTE(review): json_decode() yields null for malformed input and that null is
 * handed to fn_eachArray() unchecked.
 *
 * @access public
 * @param string $str_json JSON text (default: "").
 * @param string $method   Mode forwarded to fn_eachArray() (default: "").
 * @return mixed An empty array for empty input, otherwise the result of
 *               fn_eachArray().
 */
function fn_jsonDecode($str_json = "", $method = "")
{
    if (fn_isEmpty($str_json)) {
        return array();
    }

    return fn_eachArray(json_decode($str_json, true), $method);
}
Пример #17
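 /**
  * Build the WHERE clause shared by the private-message list and count queries.
  *
  * NOTE(review): "key", "status" and "type" are concatenated into the SQL text
  * as given. Unless every caller has already escaped them for the connection's
  * character set this is an injection point; bind or escape them through the
  * database layer.
  *
  * @access private
  * @param array $arr_search Optional filters: "key", "status", "type",
  *                          "pm_from", "pm_to", "pm_ids" (list of ids).
  * @return string SQL condition that always starts with "1=1".
  */
 private function sql_process($arr_search = array())
 {
     $_str_sqlWhere = "1=1";
     if (isset($arr_search["key"]) && !fn_isEmpty($arr_search["key"])) {
         $_str_sqlWhere .= " AND (pm_title LIKE '%" . $arr_search["key"] . "%' OR pm_content LIKE '%" . $arr_search["key"] . "%')";
     }
     if (isset($arr_search["status"]) && !fn_isEmpty($arr_search["status"])) {
         $_str_sqlWhere .= " AND pm_status='" . $arr_search["status"] . "'";
     }
     if (isset($arr_search["type"]) && !fn_isEmpty($arr_search["type"])) {
         $_str_sqlWhere .= " AND pm_type='" . $arr_search["type"] . "'";
     }
     // "> 0" is also true for strings that merely start with a number, so the
     // numeric filters are forced to integers before they reach the unquoted
     // SQL positions.
     if (isset($arr_search["pm_from"]) && $arr_search["pm_from"] > 0) {
         $_str_sqlWhere .= " AND pm_from=" . (int) $arr_search["pm_from"];
     }
     if (isset($arr_search["pm_to"]) && $arr_search["pm_to"] > 0) {
         $_str_sqlWhere .= " AND pm_to=" . (int) $arr_search["pm_to"];
     }
     if (isset($arr_search["pm_ids"]) && $arr_search["pm_ids"]) {
         // Every id is cast individually; the list is placed unquoted in the SQL.
         $_str_pmIds = implode(",", array_map("intval", (array) $arr_search["pm_ids"]));
         // NOTE(review): "pm_in (" is kept from the original; it reads like a
         // typo for an IN list on the message id column - confirm against the
         // table schema.
         $_str_sqlWhere .= " AND pm_in (" . $_str_pmIds . ")";
     }
     return $_str_sqlWhere;
 }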
Пример #18
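 /**
  * Build the WHERE clause shared by the user list and count queries.
  *
  * NOTE(review): "key", "key_name", "key_mail", "status" and every entry of
  * "user_names" are concatenated into the SQL text as given. Unless every
  * caller has already escaped them for the connection's character set this is
  * an injection point; bind or escape them through the database layer.
  *
  * @access private
  * @param array $arr_search Optional filters: "key", "key_name", "key_mail",
  *                          "min_id", "max_id", "begin_time", "end_time",
  *                          "begin_login", "end_login", "status",
  *                          "user_names" (list of names).
  * @return string SQL condition that always starts with "1=1".
  */
 private function sql_process($arr_search = array())
 {
     $_str_sqlWhere = "1=1";
     if (isset($arr_search["key"]) && !fn_isEmpty($arr_search["key"])) {
         // user_name appears twice in the original condition; kept as is.
         $_str_sqlWhere .= " AND (user_name LIKE '%" . $arr_search["key"] . "%' OR user_name LIKE '%" . $arr_search["key"] . "%' OR user_mail LIKE '%" . $arr_search["key"] . "%' OR user_note LIKE '%" . $arr_search["key"] . "%')";
     }
     if (isset($arr_search["key_name"]) && !fn_isEmpty($arr_search["key_name"])) {
         $_str_sqlWhere .= " AND user_name LIKE '%" . $arr_search["key_name"] . "%'";
     }
     if (isset($arr_search["key_mail"]) && !fn_isEmpty($arr_search["key_mail"])) {
         $_str_sqlWhere .= " AND user_mail LIKE '%" . $arr_search["key_mail"] . "%'";
     }
     // Numeric bounds, in the original order. "> 0" is also true for strings
     // that merely start with a number, so each value is forced to an integer
     // before it reaches its unquoted SQL position.
     $_arr_bounds = array(
         "min_id" => "user_id>=",
         "max_id" => "user_id<=",
         "begin_time" => "user_time>=",
         "end_time" => "user_time<=",
         "begin_login" => "user_time_login>=",
         "end_login" => "user_time_login<=",
     );
     foreach ($_arr_bounds as $_str_field => $_str_cond) {
         if (isset($arr_search[$_str_field]) && $arr_search[$_str_field] > 0) {
             $_str_sqlWhere .= " AND " . $_str_cond . (int) $arr_search[$_str_field];
         }
     }
     if (isset($arr_search["status"]) && !fn_isEmpty($arr_search["status"])) {
         $_str_sqlWhere .= " AND user_status='" . $arr_search["status"] . "'";
     }
     if (isset($arr_search["user_names"]) && $arr_search["user_names"]) {
         $_str_userNames = implode("','", $arr_search["user_names"]);
         $_str_sqlWhere .= " AND user_name IN ('" . $_str_userNames . "')";
     }
     return $_str_sqlWhere;
 }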
Пример #19
 /**
  * API endpoint: report whether an e-mail address is still available.
  *
  * The uniqueness lookup runs only when BG_REG_ONEMAIL is "false" or
  * BG_LOGIN_MAIL is "on". The reply alert is "x010211" when the address is
  * taken, "y010211" when it is free, and "x050403" when the request signature
  * does not verify.
  *
  * NOTE(review): input validation and the lookup run before the signature is
  * verified, and a validation failure is returned without any signature check.
  *
  * @access public
  * @return void The reply is emitted through $this->obj_api->halt_re().
  */
 function api_chkmail()
 {
     $this->app_check("get");
     $_arr_userMail = $this->mdl_user->input_chk_mail();
     // Assume the address is free until the lookup says otherwise.
     $_str_alert = "y010211";
     if (BG_REG_ONEMAIL == "false" || BG_LOGIN_MAIL == "on") {
         // Duplicate addresses are not allowed.
         if ($_arr_userMail["alert"] != "ok") {
             $this->obj_api->halt_re($_arr_userMail);
         }
         if (!fn_isEmpty($_arr_userMail["user_mail"])) {
             $_arr_userRow = $this->mdl_user->mdl_read_api(
                 $_arr_userMail["user_mail"],
                 "user_mail",
                 $_arr_userMail["not_id"]
             );
             if ($_arr_userRow["alert"] == "y010102") {
                 $_str_alert = "x010211";
             }
         }
     }
     $_arr_sign = array(
         "act_get" => $GLOBALS["act_get"],
         "user_mail" => $_arr_userMail["user_mail"],
         "not_id" => $_arr_userMail["not_id"],
     );
     // A bad signature replaces whatever the lookup produced.
     $_bool_signOk = $this->obj_sign->sign_check(array_merge($this->appRequest, $_arr_sign), $this->appRequest["signature"]);
     if (!$_bool_signOk) {
         $_str_alert = "x050403";
     }
     $this->obj_api->halt_re(array("alert" => $_str_alert));
 }
Пример #20
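 /**
  * Build the WHERE clause shared by the application list and count queries.
  *
  * NOTE(review): "key", "status" and "sync" are concatenated into the SQL text
  * as given. Unless every caller has already escaped them for the connection's
  * character set this is an injection point; bind or escape them through the
  * database layer.
  *
  * @access private
  * @param array $arr_search Optional filters: "key", "status", "sync",
  *                          "has_notify", "has_sync" (presence only),
  *                          "not_ids" (list of ids to exclude).
  * @return string SQL condition that always starts with "1=1".
  */
 private function sql_process($arr_search = array())
 {
     $_str_sqlWhere = "1=1";
     if (isset($arr_search["key"]) && !fn_isEmpty($arr_search["key"])) {
         $_str_sqlWhere .= " AND (app_name LIKE '%" . $arr_search["key"] . "%' OR app_note LIKE '%" . $arr_search["key"] . "%')";
     }
     if (isset($arr_search["status"]) && !fn_isEmpty($arr_search["status"])) {
         $_str_sqlWhere .= " AND app_status='" . $arr_search["status"] . "'";
     }
     if (isset($arr_search["sync"]) && !fn_isEmpty($arr_search["sync"])) {
         $_str_sqlWhere .= " AND app_sync='" . $arr_search["sync"] . "'";
     }
     // These two flags only need to be present; their value is not read.
     if (isset($arr_search["has_notify"])) {
         $_str_sqlWhere .= " AND LENGTH(app_url_notify)>0";
     }
     if (isset($arr_search["has_sync"])) {
         $_str_sqlWhere .= " AND LENGTH(app_url_sync)>0";
     }
     if (isset($arr_search["not_ids"]) && $arr_search["not_ids"]) {
         // The list is placed unquoted in the SQL, so every id is forced to
         // an integer first.
         $_str_appIds = implode(",", array_map("intval", (array) $arr_search["not_ids"]));
         $_str_sqlWhere .= " AND app_id NOT IN (" . $_str_appIds . ")";
     }
     return $_str_sqlWhere;
 }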
Пример #21
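 /**
  * Build and run a SELECT statement and return all rows.
  *
  * $where, $group and $order are inserted into the statement as raw SQL, and
  * $table and the column names are wrapped in backticks without escaping:
  * callers must pass only trusted or already-escaped text.
  *
  * @param string       $table    Table name.
  * @param array|string $data     Columns to select; empty selects "*".
  * @param string       $where    Raw WHERE condition.
  * @param string       $group    Raw GROUP BY expression.
  * @param string       $order    Raw ORDER BY expression.
  * @param int          $length   Maximum number of rows; 0 for no limit.
  * @param int          $start    Offset of the first row.
  * @param array|string $distinct Columns for an extra COUNT(DISTINCT ...).
  * @param bool         $field    True to insert $data entries verbatim instead
  *                                of quoting them as column names.
  * @return array|false List of associative rows, or false when the query fails.
  */
 function select($table, $data = "", $where = "", $group = "", $order = "", $length = 0, $start = 0, $distinct = "", $field = false)
 {
     $sql = "SELECT";
     if ($data) {
         if ($field) {
             $sql .= " " . implode(",", $data);
         } else {
             $sql .= " `" . implode("`,`", $data) . "`";
         }
     } else {
         $sql .= " *";
     }
     if ($distinct) {
         // Quote each column on its own; joining with a bare "," put the
         // whole list inside a single pair of backticks.
         $sql .= ", COUNT(DISTINCT `" . implode("`,`", $distinct) . "`)";
     }
     $sql .= " FROM `" . $table . "`";
     if (!fn_isEmpty($where)) {
         $sql .= " WHERE " . $where;
     }
     if (!fn_isEmpty($group)) {
         $sql .= " GROUP BY " . $group;
     }
     if (!fn_isEmpty($order)) {
         $sql .= " ORDER BY " . $order;
     }
     if ($length > 0) {
         // Paging values often originate from the request; force integers so
         // nothing but numbers can reach the LIMIT clause.
         $sql .= " LIMIT " . max(0, (int) $start) . ", " . (int) $length;
     }
     $this->db_rs = $this->query($sql);
     if (!$this->db_rs) {
         return false;
     }
     $obj = array();
     while ($obj_temp = $this->fetch_assoc($this->db_rs)) {
         $obj[] = $obj_temp;
     }
     return $obj;
 }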
Пример #22
 /**
  * Build the WHERE clause shared by the administrator list and count queries.
  *
  * NOTE(review): all three filters are concatenated into the SQL text as
  * given. Unless every caller has already escaped them for the connection's
  * character set this is an injection point; bind or escape them through the
  * database layer.
  *
  * @access private
  * @param array $arr_search Optional filters: "key", "status", "type".
  * @return string SQL condition that always starts with "1=1".
  */
 private function sql_process($arr_search = array())
 {
     $_arr_parts = array("1=1");
     if (isset($arr_search["key"]) && !fn_isEmpty($arr_search["key"])) {
         $_str_like = " LIKE '%" . $arr_search["key"] . "%'";
         $_arr_parts[] = "(admin_name" . $_str_like . " OR admin_note" . $_str_like . " OR admin_nick" . $_str_like . ")";
     }
     // Exact-match filters: search key => column name.
     $_arr_exact = array("status" => "admin_status", "type" => "admin_type");
     foreach ($_arr_exact as $_str_field => $_str_column) {
         if (isset($arr_search[$_str_field]) && !fn_isEmpty($arr_search[$_str_field])) {
             $_arr_parts[] = $_str_column . "='" . $arr_search[$_str_field] . "'";
         }
     }
     return implode(" AND ", $_arr_parts);
 }
Пример #23
<?php

/*-----------------------------------------------------------------
!!!!警告!!!!
以下为系统文件,请勿修改
-----------------------------------------------------------------*/
//不能非法包含或直接执行
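// Refuse direct execution or inclusion from outside the application.
if (!defined("IN_BAIGO")) {
    exit("Access Denied");
}
// Anything other than "y020102" means there is no valid administrator session.
if ($GLOBALS["adminLogged"]["alert"] != "y020102") {
    if ($GLOBALS["view"] == "iframe") {
        // Inside an iframe, show the alert page instead of the login form.
        $_str_location = "Location: " . BG_URL_ADMIN . "ctl.php?mod=alert&act_get=show&alert=" . $GLOBALS["adminLogged"]["alert"] . "&view=" . $GLOBALS["view"];
    } else {
        // Start empty: the original left this undefined when REQUEST_URI was
        // empty and then concatenated it into the header.
        $_str_attach = "";
        if (!fn_isEmpty(fn_server("REQUEST_URI"))) {
            // NOTE(review): the request URI is supplied by the client; confirm
            // fn_forward() encodes it and that the logon handler only follows
            // same-site "forward" targets.
            $_str_attach = fn_forward(fn_server("REQUEST_URI"));
        }
        $_str_location = "Location: " . BG_URL_ADMIN . "ctl.php?mod=logon&forward=" . $_str_attach;
    }
    // Not logged in: redirect, then stop so no protected output follows.
    header($_str_location);
    exit;
}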
Пример #24
} else {
    error_reporting(E_ALL & ~E_DEPRECATED & ~E_STRICT);
}
// Load the shared helper functions.
include_once BG_PATH_FUNC . "common.func.php";
// Load the form validation functions.
include_once BG_PATH_FUNC . "validate.func.php";
// The original comment says "load the template class"; the file included is dir.class.php.
include_once BG_PATH_CLASS . "dir.class.php";
// Request routing values, each filtered through fn_getSafe() as "txt".
// Form action (POST).
$GLOBALS["act_post"] = fn_getSafe(fn_post("act_post"), "txt", "");
// Query-string action (GET).
$GLOBALS["act_get"] = fn_getSafe(fn_get("act_get"), "txt", "");
// View mode (whether the page is shown in an iframe).
$GLOBALS["view"] = fn_getSafe(fn_request("view"), "txt", "");
// NOTE(review): the request-supplied view value is appended to a URL fragment
// as is; confirm fn_getSafe() output is safe in a query string or URL-encode it.
if (!fn_isEmpty($GLOBALS["view"])) {
    $_url_attach = "&view=" . $GLOBALS["view"];
}
function fn_init($arr_set = array())
{
    //$base = false, $ssin = false, $header = "Content-Type: text/html; charset=utf-8", $db = false, $ajax = "", $admin = false, $is_ssin_db = true
    if (isset($arr_set["db"])) {
        //连接数据库
        include_once BG_PATH_CLASS . "mysqli.class.php";
        //载入数据库类
        if (!defined("BG_DB_PORT")) {
            define("BG_DB_PORT", "3306");
        }
        $_cfg_host = array("host" => BG_DB_HOST, "name" => BG_DB_NAME, "user" => BG_DB_USER, "pass" => BG_DB_PASS, "charset" => BG_DB_CHARSET, "debug" => BG_DEBUG_DB);
        $GLOBALS["obj_db"] = new CLASS_MYSQLI($_cfg_host);
        //设置数据库对象