Пример #1
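/**
 * Build the absolute base URL (scheme, host, optional port, directory) of the running script.
 *
 * The scheme is hard-coded to "http". Host, port and script path are fetched through gpc()
 * with source 'S' (presumably $_SERVER; gpc() is defined elsewhere -- confirm).
 *
 * NOTE(review): HTTP_HOST is supplied by the client. Before the returned URL is used in
 * redirects, e-mailed links or cache keys, compare the host against the configured site
 * host name(s) instead of trusting the request.
 *
 * @return string Base URL ending in "/".
 */
function get_url_path()
{
    // Integer cast keeps anything but a numeric port out of the generated URL.
    $port = (int) gpc('SERVER_PORT', 'S');
    $host = gpc('HTTP_HOST', 'S');
    // Append the real port for non-default ports. The earlier code appended the literal
    // ":80" whenever the port was NOT 80, which produced a wrong URL in exactly that case.
    // Nothing is appended when the Host value already ends in ":<digits>".
    $portadd = '';
    if ($port && $port != 80 && !preg_match('/:\d+$/', (string) $host)) {
        $portadd = ':' . $port;
    }
    $self = gpc('PHP_SELF', 'S');
    // Directory part of the script path: everything before the last "/".
    $path = substr($self, 0, strrpos($self, '/'));
    return "http://{$host}{$portadd}{$path}/";
}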
Пример #2
 /**
  * Work out which template directories and which language the current request uses.
  *
  * Reads the cached language/template settings from PHPDISK_ROOT . 'system/global/'
  * (calling lang_cache() / tpl_cache() when a cache file is missing), picks the entries
  * flagged as active, optionally lets the 'ptpl' request value override the user template,
  * and returns the resulting relative paths.
  *
  * NOTE(review): array keys such as $v[actived] are written as bare words. That relies on
  * PHP's undefined-constant fallback, which raises an Error from PHP 8.0 on; quote the keys.
  *
  * @return array Keys 'user_tpl_dir', 'admin_tpl_dir', 'lang_name' and 'fms' (1 or 0).
  */
 public static function init_lang_tpl()
 {
     global $C, $settings, $auth;
     $dir = PHPDISK_ROOT . 'system/global/';
     make_dir($dir);
     $file = $dir . 'lang_settings.inc.php';
     // $lang_settings and $tpl_settings are never assigned in this method; presumably the two
     // cache files define them in this function's scope -- confirm. On the fallback path
     // (file missing) nothing visible sets them, so the count() calls below may receive
     // undefined values.
     file_exists($file) ? require_once $file : lang_cache();
     $file = $dir . 'tpl_settings.inc.php';
     file_exists($file) ? require_once $file : tpl_cache();
     // Pick the active user and admin templates. The variables stay undefined when no entry
     // of the matching type is active.
     if (count($tpl_settings)) {
         foreach ($tpl_settings as $v) {
             if ($v[actived] && $v[tpl_type] == 'user') {
                 $user_tpl_dir = $v[tpl_name];
             }
             if ($v[actived] && $v[tpl_type] == 'admin') {
                 $admin_tpl_dir = $v[tpl_name];
             }
         }
     }
     // Pick the active language; if several entries are active the last one wins.
     if (count($lang_settings)) {
         foreach ($lang_settings as $v) {
             if ($v[actived]) {
                 $lang_name = $v[lang_name];
             }
         }
     }
     if ($settings[open_switch_tpls]) {
         // 'ptpl' is read with source 'C' (presumably the cookie -- confirm), so the client
         // chooses it. It is adopted only when check_template() accepts it.
         // NOTE(review): check_template() is not shown; confirm it limits the value to an
         // existing template directory name (no path separators, no '..'), because the value
         // is placed into the "templates/<name>/" path below.
         $ptpl = gpc('ptpl', 'C', '');
         $user_tpl_dir = $C[tpl_name] = $ptpl ? check_template($ptpl) ? $ptpl : $user_tpl_dir : $user_tpl_dir;
         //$C[tpl_name] = $user_tpl_dir;
     }
     $arr = get_template_info($user_tpl_dir);
     // 'fms' is reported as 1 only when the template declares the 'fms' core and
     // $auth[open_fms] is truthy.
     $is_fms = $arr['template_core'] == 'fms' && $auth[open_fms] ? 1 : 0;
     // Fall back to the stock directories and to 'zh_cn' when nothing was selected.
     $user_tpl_dir = $user_tpl_dir ? "templates/{$user_tpl_dir}/" : 'templates/default/';
     $admin_tpl_dir = $admin_tpl_dir ? "templates/{$admin_tpl_dir}/" : 'templates/admin/';
     $lang_name = $lang_name ? $lang_name : 'zh_cn';
     return array('user_tpl_dir' => $user_tpl_dir, 'admin_tpl_dir' => $admin_tpl_dir, 'lang_name' => $lang_name, 'fms' => $is_fms);
 }
Пример #3
    $post = fetch_all('house_post', " WHERE post_id='{$post_id}'", "*", 0);
}
$post['post_map'] = !empty($post['post_map']) ? $post['post_map'] : $house_config['google_map'];
if (submitcheck('button_post_submit') || submitcheck('button_edit_submit')) {
    if (empty($_GET['post_text']) || empty($_GET['post_title']) || empty($_GET['post_begin_time']) || empty($_GET['post_end_time'])) {
        showmessage($house_lang['must_post']);
    }
    if ($ac == 'post' && $house_config['postcredit'] > 0) {
        $new_credit = $my_credit - $house_config['postcredit'];
        if ($new_credit < 0) {
            showmessage($house_lang['post'] . $house_config['credit_unit'] . $house_lang['not_credit']);
        } else {
            updatemembercount($_G['uid'], array($house_config['extcredits'] => -$house_config['postcredit']), 1, '', '', '', $house_lang['fabu_koufei'], $house_config['name'] . ": <a href='{$house_config['root']}?mod=member' target='_blank'>{$house_lang['about_info']}</a>");
        }
    }
    $post_array = gpc('post_');
    if (!empty($_GET['province'])) {
        $post_array['province'] = addslashes($_GET['province']);
        $post_array['city'] = addslashes($_GET['city']);
        $post_array['dist'] = addslashes($_GET['dist']);
        $post_array['community'] = addslashes($_GET['community']);
    }
    if (!empty($_GET['loupan'])) {
        $loupan = addslashes($_GET['loupan']);
        if (strstr($loupan, "@@")) {
            list($post_array['loupan_id'], $post_array['loupan_title']) = explode("@@", $loupan);
        } elseif (!empty($_GET['loupan_id']) && !empty($_GET['loupan_title'])) {
            list($post_array['loupan_id'], $post_array['loupan_title']) = array(intval($_GET['loupan_id']), addslashes($_GET['loupan_title']));
        } else {
            $post_array['loupan_id'] = '';
            $post_array['loupan_title'] = $loupan;
Пример #4
     $file_id = (int) gpc('file_id', 'GP', 0);
     $rs = $db->fetch_one_array("select * from {$tpf}files where file_id='{$file_id}' and userid='{$uid}'");
     $tmp_ext = $rs[file_extension] ? '.' . $rs[file_extension] : '';
     if ($rs[server_oid]) {
         $host = @$db->result_first("select server_host from {$tpf}servers where server_oid='{$rs[server_oid]}'");
     } else {
         $host = $settings[phpdisk_url];
     }
     //$filter_arr = explode(',',$settings['filter_extension']);
     //$tmp_ext = in_array($rs[file_extension],$filter_arr) ? '.txt'.$tmp_ext : $tmp_ext;
     header("Location: " . $host . $settings[file_path] . '/' . $rs[file_store_path] . $rs[file_real_name] . get_real_ext($rs[file_extension]));
     //echo "select * from {$tpf}files where file_id='$file_id' and userid='$uid'";
     exit;
     break;
 case 'search':
     $word = convert_str('gbk', 'utf-8', trim(gpc('word', 'P', '')));
     if ($word) {
         $q = $db->query("select * from {$tpf}files where userid='{$uid}' and is_del=0 and (file_name like '%{$word}%' or file_extension like '%{$word}%') order by file_id desc");
         $num = $db->num_rows($q);
         if ($num) {
             echo 't' . LF;
             while ($rs = $db->fetch_array($q)) {
                 $tmp_ext = $rs[file_extension] ? '.' . $rs[file_extension] : '';
                 $tmp_ext2 = $rs[file_extension] ? $rs[file_extension] : ' ';
                 $str = $rs[file_name] . $tmp_ext . '|' . $rs[file_size] . '|' . $tmp_ext2 . '|0|' . $rs[file_id] . '|' . date('Y-m-d', $rs[file_time]) . '|' . $rs[file_views] . '|' . $rs[file_downs];
                 $str = is_utf8() ? convert_str('utf-8', 'gbk', $str) : $str;
                 echo $str ? $str . LF : '';
             }
             $db->free($q);
             unset($rs);
         } else {
Пример #5
    $post = array();
    $post = gpc('cat_');
    DB::insert('house_cat', $post);
}
// Delete a category by id.
// NOTE(review): this is a state-changing action triggered by a GET parameter, and no form
// token (CSRF) check is visible in this excerpt -- confirm one is enforced before this point.
if (isset($_GET['del'])) {
    // intval() keeps the delete condition numeric.
    $del['cat_id'] = intval($_GET['del']);
    DB::delete('house_cat', $del);
}
// Load one category for the edit form; the id is cast with intval() before it is
// concatenated into the WHERE clause.
if (isset($_GET['edit'])) {
    $edit = intval($_GET['edit']);
    $edit_array = array();
    $edit_array = fetch_all('house_cat', ' WHERE cat_id=' . $edit . ' ORDER BY cat_pid DESC,cat_sort ASC', '*', 0);
}
// Save an edited category.
// NOTE(review): gpc('cat_') presumably collects every request field whose name starts with
// "cat_" (gpc() is defined elsewhere -- confirm). The whole array is handed to DB::update(),
// so each submitted field becomes a column assignment; restrict it to an allow-list of
// editable columns. The cat_id used in the condition comes from the same array and is not
// cast here.
if (isset($_GET['edit_submit'])) {
    $edit_array = array();
    $edit_array = gpc('cat_');
    DB::update('house_cat', $edit_array, array('cat_id' => $edit_array['cat_id']));
}
// Rebuild the category list; for every top-level category (cat_pid == '0') merge in the
// number of its children.
$cat_array = array();
$cat_array = fetch_all('house_cat', ' ORDER BY cat_pid ASC,cat_sort ASC');
foreach ($cat_array as $k => $v) {
    if ($v['cat_pid'] == '0') {
        $sum = fetch_all('house_cat', " WHERE cat_pid='{$v['cat_id']}' ", ' count(cat_id) as sum ', 0);
        $cat_array[$k] = array_merge($cat_array[$k], $sum);
    }
}
// Serialise the list as PHP source and write it to the cache.
// NOTE(review): $cat_array_field is appended to without being initialised in this excerpt.
// The cached text is PHP code built from database content, so it is only as safe as
// arrayeval()'s escaping (not shown) -- confirm.
$cat_array_field .= "\$cat_array = " . arrayeval($cat_array) . ";\n";
writetocache('house_cat_array', $cat_array_field);
// Show an admin-panel error when cloudaddons_getmd5() does not return a value for this plugin.
if (!cloudaddons_getmd5("house.plugin")) {
    cpmsg(lang('admincp_msg', 'cloudaddons_genuine_message'), '', 'error', array('addonid' => "house.plugin"));
}
Пример #6
                 write_file($tmp_file, read_file($tmp_dir . $file[name]));
             }
         }
         @unlink($tmp_dir . $file[name]);
     } else {
         $str = '文件 ' . $file_name . ' 上传失败,服务器权限不足';
         $str = is_utf8() ? convert_str('utf-8', 'gbk', $str) : $str;
         echo $str;
     }
     @unlink($file['tmp_name']);
     break;
 case 'upload_ok':
     //write_file(PHPDISK_ROOT.'system/1.txt',var_export($_POST,true));
     $file_name = trim(gpc('file_name', 'P', ''));
     $file_do_name = trim(gpc('file_do_name', 'P', ''));
     $file_size = (int) gpc('file_size', 'P', 0);
     $file_name = is_utf8() ? convert_str('gbk', 'utf-8', $file_name) : $file_name;
     $file_do_name = is_utf8() ? convert_str('gbk', 'utf-8', $file_do_name) : $file_do_name;
     $file_extension = get_extension($file_do_name);
     $esp = strlen($file_extension) + 1;
     $file_real_name = $file_extension ? substr($file_do_name, 0, strlen($file_do_name) - $esp) : $file_do_name;
     $file_name = $file_extension ? substr($file_name, 0, strlen($file_name) - $esp) : $file_name;
     $rs = $db->fetch_one_array("select * from {$tpf}uploadx_files where userid='{$uid}' and file_real_name='{$file_real_name}' and file_name='{$file_name}' limit 1");
     if ($rs) {
         $tmp_ext = $rs[file_extension] ? '.' . $rs[file_extension] : '';
         $dir1 = PHPDISK_ROOT . 'system/cache/';
         $dir2 = PHPDISK_ROOT . $settings[file_path] . '/' . $rs[file_store_path];
         make_dir($dir2);
         $file = $dir1 . $rs[file_real_name] . $tmp_ext . '.phpdisk';
         $file_real_name = md5(uniqid(mt_rand(), true) . microtime() . $uid);
         $file_dest = $dir2 . $file_real_name . get_real_ext($rs[file_extension]);
Пример #7
     if ($ids_arr[0]) {
         $error = true;
         $sysmsg[] = $ids_arr[1];
     } else {
         $plugin_ids = $ids_arr[1];
     }
     if (!$error) {
         $db->query_unbuffered("update {$tpf}plugins set actived=1 where plugin_name in({$plugin_ids})");
         $sysmsg[] = __('plugins_actived_success');
         redirect($_SERVER['HTTP_REFERER'], $sysmsg);
     } else {
         redirect('back', $sysmsg);
     }
 } elseif ($task == 'inactive') {
     // Compare the posted form token with formhash(); presumably the CSRF guard for this
     // action (form_auth() is defined elsewhere -- confirm it aborts on mismatch).
     form_auth(gpc('formhash', 'P', ''), formhash());
     $plugin_ids = gpc('plugin_ids', 'P', array());
     // get_ids_arr() returns a pair: [0] is truthy on error with [1] holding the message,
     // otherwise [1] holds the id list used in the SQL below.
     $ids_arr = get_ids_arr($plugin_ids, __('please_select_plugins'));
     if ($ids_arr[0]) {
         $error = true;
         $sysmsg[] = $ids_arr[1];
     } else {
         $plugin_ids = $ids_arr[1];
     }
     // NOTE(review): $error is not initialised in this branch.
     if (!$error) {
         // NOTE(review): the list is interpolated into IN(...) as-is, so the query is only as
         // safe as the quoting/escaping get_ids_arr() applies to each posted plugin name --
         // confirm, or bind the values as parameters.
         $db->query_unbuffered("update {$tpf}plugins set actived=0 where plugin_name in({$plugin_ids})");
         $sysmsg[] = __('plugins_inactived_success');
         // NOTE(review): the redirect target is the client-supplied Referer header; prefer a
         // fixed admin URL so the destination cannot be chosen by the request.
         redirect($_SERVER['HTTP_REFERER'], $sysmsg);
     } else {
         redirect('back', $sysmsg);
     }
 } else {
Пример #8
        break;
    // Review screen for course files: with a task it updates the review status, without one
    // it renders the chapter/section list.
    case 'course_view':
        if ($task) {
            switch ($task) {
                case 'course_view':
                    // All four values come from the request (source 'GP') with default 0 and
                    // are not cast here.
                    $file_id = gpc('file_ids', 'GP', 0);
                    $review_status = gpc('review_status', 'GP', 0);
                    $cs_id = gpc('cs_id', 'GP', 0);
                    $course_id = gpc('course_id', 'GP', 0);
                    // NOTE(review): the default 0 is not iterable, and $k/$v are never used,
                    // so the same statement runs once per submitted element.
                    foreach ($file_id as $k => $v) {
                        // NOTE(review): $cs_id, $course_id and $review_status are interpolated
                        // without quotes. Quote-escaping (if gpc() applies any) does not protect
                        // an unquoted numeric context: cast each value to int or bind it as a
                        // parameter. The "SET (cols) VALUE (vals)" tuple form is also not the
                        // usual "SET col = value" syntax of UPDATE -- verify against the target
                        // database.
                        $sql = "UPDATE {$tpf}file_cs_relation\n\t\t\t\t\t\t\t\tSET (cs_id, course_id, status)\n\t\t\t\t\t\t\t\tVALUE ({$cs_id}, {$course_id}, {$review_status})\n\t\t\t\t\t\t\t\tWHERE cs_id = {$cs_id} AND course_id={$course_id}";
                        $db->query_unbuffered($sql);
                    }
                    break;
            }
        } else {
            $course_id = gpc('course_id', 'GP', '');
            $chapter_section_array = get_chapter_section_list($course_id);
            // Includes the file whose path template_echo() returns.
            require_once template_echo($item, $admin_tpl_dir, '', 1);
        }
        break;
    case 'search':
        // NOTE(review): the request value is overwritten with 3 on the next line, so the
        // 'status' parameter has no effect and the !empty() test below is always true.
        $status = (int) gpc('status', 'GP', 0);
        $status = 3;
        $course_array = !empty($status) ? get_course_form_status($status) : array();
        $course_array = $course_array['data'];
        // $total_num, $perpage and $pg are not set in this excerpt.
        $page_nav = multi($total_num, $perpage, $pg, urr(ADMINCP, "item={$item}&menu=file&action={$action}&view={$view}&uid={$uid}"));
        $dd = date('Y-m-d');
        require_once template_echo($item, $admin_tpl_dir, '', 1);
        break;
}
Пример #9
/**
#	Project: PHPDISK File Storage Solution
#	This is NOT a freeware, use is subject to license terms.
#
#	Site: http://www.phpdisk.com
#
#	$Id: index.php 14 2013-03-18 03:02:57Z along $
#
#	Copyright (C) 2008-2013 PHPDisk Team. All Rights Reserved.
#
*/
include "includes/commons.inc.php";
$in_front = true;
// Both values are read from the query string through gpc() (defined elsewhere).
$code = trim(gpc('code', 'G', ''));
$action = gpc('action', 'G', '');
// NOTE(review): the server-key verification below is commented out, so $code is read but
// never checked in this excerpt. Confirm that the actions that follow authenticate the
// caller in some other way, or restore a check (comparing with hash_equals()).
/*if(!$code){
exit('[PHPDisk] Access Deny!');
}else{
if(pd_encode($code,'DECODE') != $configs['server_key']){
exit('[PHPDisk] Access Deny!');
}
}
*/
// The only gate visible here: refuse requests that carry no query string at all.
$str = $_SERVER['QUERY_STRING'];
if (!$str) {
    exit('[PHPDisk] Access Denied');
}
$title = $settings['site_title'];
//include PHPDISK_ROOT."./includes/header.inc.php";
if ($action == 'upload') {
Пример #10
 $v_ob = in_array($v_ob, array('asc', 'desc')) ? $v_ob : '';
 $d_ob = in_array($d_ob, array('asc', 'desc')) ? $d_ob : '';
 $v_order_by = $v_ob ? " views {$v_ob}" : '';
 $d_order_by = $d_ob ? " downs {$d_ob}" : '';
 $perpage = $pp ? (int) $pp : 50;
 if ($v_order_by) {
     $order_by = ' order by ' . $v_order_by;
 } elseif ($d_order_by) {
     $order_by = ' order by ' . $d_order_by;
 } else {
     $order_by = 'order by id desc';
 }
 if ($task == 'search') {
     $user = gpc('user', 'G', '');
     $s_time = gpc('s_time', 'G', '');
     $e_time = gpc('e_time', 'G', '');
     if (!$s_time || !$e_time) {
         exit('<script>alert("起始时间、结束时间不能为空");window.history.back();</script>');
     }
     $u_sql = '';
     if ($action == 'stat_user') {
         if ($user) {
             $userid = @$db->result_first("select userid from {$tpf}users where username='******' ");
             if (!$userid) {
                 exit('<script>alert("用户名不存在");window.history.back();</script>');
             }
             $u_sql = $userid ? " and s.userid='{$userid}'" : '';
         }
         $sql_do = " {$tpf}{$action} s,{$tpf}users u where u.userid=s.userid {$u_sql} and (dd>='{$s_time}' and  dd<='{$e_time}')";
     } elseif ($action == 'stat_hour') {
         $sql_do = " {$tpf}{$action} where (dh>='{$s_time}' and  dh<='{$e_time}')";
Пример #11
<?php

##
#	Project: PHPDisk
#	This is NOT a freeware, use is subject to license terms.
#
#	Site: http://www.google.com
#
#	$Id: passport.php 123 2014-03-04 12:40:37Z along $
#
#	Copyright (C) 2008-2009 PHPDisk Team. All Rights Reserved.
#
##
include '../../includes/commons.inc.php';
//print_r($_POST);
// Passport endpoint: the 'param' query value is base64-decoded, passed through
// pd_encode(..., 'DECODE') and then parsed as a query string.
$param = trim(gpc('param', 'G', ''));
if ($param) {
    // NOTE(review): parse_str() with a single argument writes every key of the decoded
    // string into the current scope; $username, $password and $action used below exist only
    // because of this call. Any other variable name can be set the same way, so the
    // integrity of this script rests entirely on pd_encode() (not shown). The one-argument
    // form was removed in PHP 8.0 -- parse into an array and read only the expected keys.
    parse_str(pd_encode(base64_decode($param), 'DECODE'));
} else {
    exit('Error Param');
}
// Convert to the site charset first, then escape for SQL (escaping after conversion).
$username = is_utf8() ? $username : convert_str('utf-8', 'gbk', $username);
$password = is_utf8() ? $password : convert_str('utf-8', 'gbk', $password);
$username = $db->escape($username);
$password = $db->escape($password);
if ($action == 'passportlogin') {
    $rs = $db->fetch_one_array("select userid,gid,username,password,email from {$tpf}users where username='******' and password='******' limit 1");
    if ($rs) {
        pd_setcookie('phpdisk_info', pd_encode("{$rs[userid]}\t{$rs[gid]}\t{$rs[username]}\t{$rs[password]}\t{$rs[email]}"));
        header("Location: " . $settings[phpdisk_url] . urr("mydisk", ""));
    } else {
Пример #12
$max_user_file_size = get_size($max_file_size_byte, 'B', 0);
// Upload context taken from the query string; the two ids are cast to int.
$uid = (int) gpc('uid', 'G', 0);
$folder_id = (int) gpc('folder_id', 'G', 0);
$plugin_type = trim(gpc('plugin_type', 'G', ''));
$hash = trim(gpc('hash', 'G', ''));
// Recompute the expected hash and reject the request on mismatch.
// NOTE(review): none of the MD5 inputs visible here is a secret -- three come from the
// query string and phpdisk_url looks like the site's public URL (confirm). The value
// therefore acts as a checksum, not as proof that the server issued the link. Use an HMAC
// with a server-side key, and compare with hash_equals(): "!=" is a loose comparison that
// treats numeric-looking strings as numbers.
$md5_sign = md5($uid . $folder_id . $plugin_type . $settings[phpdisk_url]);
if ($md5_sign != $hash) {
    exit('[PHPDisk] Error Params!');
}
// $action is not assigned in this excerpt; default to 'doupload' when it is empty.
$action = $action ? $action : 'doupload';
switch ($action) {
    default:
        $upload_url = urr("plugin_upload", "uid={$uid}&folder_id={$folder_id}&plugin_type={$plugin_type}&hash={$hash}");
        if ($task == 'doupload') {
            $file = $_FILES['upload_file'];
            $sign = gpc('sign', 'P', '');
            if (!is_utf8()) {
                $file['name'] = convert_str('utf-8', 'gbk', $file['name']);
            }
            $file['name'] = filter_name($file['name']);
            $file_extension = $db->escape(get_extension($file['name']));
            $esp = strlen($file_extension) + 1;
            if ($file_extension) {
                $file_name = $db->escape(substr($file['name'], 0, strlen($file['name']) - $esp));
            } else {
                $file_name = $db->escape($file['name']);
            }
            /*$file_name = str_replace(' ','_',$file_name);
            			$username = $db->result_first("select username from {$tpf}users where userid='$uid'");
            
            			$tmp_username = is_utf8() ? convert_str('utf-8','gbk',$username) : $username;*/
Пример #13
     }
     if ($ac == 'del') {
         $loupan_id = intval($_GET['lid']);
         DB::delete("house_loupan", "loupan_id='{$loupan_id}'");
         showmessage($house_lang['delete_ok'], $house_config['root'] . "?mod=loupan", 'sussce');
     }
 } else {
     showmessage($house_lang['no_quanxian']);
 }
 if (submitcheck('submit_loupan_post')) {
     if (empty($_GET['province']) && $ac == 'post') {
         showmessage($house_lang['admin_1']);
     } elseif ($ac == 'edit') {
         $loupan_id = intval($_GET['loupan_id']);
     }
     $post_array = gpc('loupan_');
     if (!empty($_GET['province'])) {
         $post_array['province'] = addslashes($_GET['province']);
         $post_array['city'] = addslashes($_GET['city']);
         $post_array['dist'] = addslashes($_GET['dist']);
         $post_array['community'] = addslashes($_GET['community']);
     }
     require_once DISCUZ_ROOT . './source/plugin/house/include/update_class.func.php';
     $post_upload_file_array = array('loupan_img');
     foreach ($post_upload_file_array as $file_name) {
         if ($_FILES[$file_name]['size']) {
             @($post_array[$file_name] = upload_file($file_name, 'house', '320', '240'));
         }
     }
     if ($ac == 'post') {
         $loupan_id = DB::insert('house_loupan', $post_array, $loupan_id = true);
Пример #14
    $post = array();
    $post = gpc('area_', 1);
    DB::insert('info_area', $post);
}
// Delete an area by id.
// NOTE(review): state-changing action triggered by a GET parameter; no form token (CSRF)
// check is visible in this excerpt -- confirm one is enforced before this point.
if (isset($_GET['del'])) {
    // intval() keeps the delete condition numeric.
    $del['area_id'] = intval($_GET['del']);
    DB::delete('info_area', $del);
}
// Load one area for the edit form; the id is cast with intval() before concatenation.
if (isset($_GET['edit'])) {
    $edit = intval($_GET['edit']);
    $edit_array = array();
    $edit_array = fetch_all('info_area', ' WHERE area_id=' . $edit . ' ORDER BY area_pid DESC,area_sort ASC', '*', 0);
}
// Save an edited area.
// NOTE(review): gpc('area_') presumably gathers every request field prefixed "area_"
// (gpc() is defined elsewhere -- confirm). The array goes to DB::update() unfiltered, so
// each submitted field becomes a column assignment; limit it to an allow-list of columns.
// The area_id used in the condition is taken from the same array and is not cast here.
if (isset($_GET['edit_submit'])) {
    $edit_array = array();
    $edit_array = gpc('area_');
    DB::update('info_area', $edit_array, array('area_id' => $edit_array['area_id']));
}
// Rebuild the area list; for each top-level area (area_pid == '0') merge in the number of
// its children.
$area_array = array();
$area_array = fetch_all('info_area', ' ORDER BY area_pid ASC,area_sort ASC', '*', '1', 'area_id');
foreach ($area_array as $k => $v) {
    if ($v['area_pid'] == '0') {
        $sum = fetch_all('info_area', " WHERE area_pid='{$v['area_id']}' ", ' count(area_id) as sum ', 0);
        $area_array[$k] = array_merge($area_array[$k], $sum);
    }
}
// Show an admin-panel error when cloudaddons_getmd5() does not return a value for this plugin.
if (!cloudaddons_getmd5("info.plugin")) {
    cpmsg(lang('admincp_msg', 'cloudaddons_genuine_message'), '', 'error', array('addonid' => "info.plugin"));
}
// Serialise the list as PHP source and write it to the cache.
// NOTE(review): $area_array_field is appended to without being initialised in this excerpt.
// The cached text is PHP code built from database content, so it is only as safe as
// arrayeval()'s escaping (not shown) -- confirm.
$area_array_field .= "\$area_array = " . arrayeval($area_array) . ";\n";
writetocache('info_area_array', $area_array_field);
Пример #15
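/**
 * Count one view of a file and, when view credits are enabled, credit the file owner.
 *
 * A 'view_stat' value read through gpc() with source 'C' (set by pd_setcookie() for
 * 3 hours) suppresses repeated counting.
 *
 * NOTE(review): that throttle is held by the client, so it only limits clients that send
 * the cookie back. If view credits carry value, add server-side de-duplication (for
 * example per account or address and file) before crediting.
 *
 * @param int|string $file_id Id of the viewed file; coerced to int before it reaches SQL.
 * @return void
 */
function views_stat($file_id)
{
    global $db, $tpf, $file, $settings, $auth;
    if (gpc('view_stat', 'C', '')) {
        return;
    }
    // The id is interpolated into SQL below; the cast guarantees a plain integer there.
    $file_id = (int) $file_id;
    pd_setcookie('view_stat', 1, 3600 * 3);
    $db->query_unbuffered("update {$tpf}files set file_views=file_views+1 where file_id='{$file_id}'");
    // Array keys are quoted: bare-word keys rely on the undefined-constant fallback, which
    // is an Error from PHP 8.0 on.
    if ($auth['view_credit'] && $settings['how_view_credit_views'] && $settings['how_view_credit_credit']) {
        $per_views = (int) $settings['how_view_credit_views'];
        // A truthy but non-numeric setting casts to 0; skip instead of dividing by zero.
        if ($per_views !== 0) {
            $add_credit = round((int) $settings['how_view_credit_credit'] / $per_views, 4);
            add_credit_log($file_id, $add_credit, 'view', $file['userid']);
            $db->query_unbuffered("update {$tpf}users set credit=credit+{$add_credit} where userid='{$file['userid']}'");
        }
    }
}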
Пример #16
                redirect('back', $sysmsg);
            }
        } else {
            $rs = $db->fetch_one_array("select * from {$tpf}navigations where navid='{$navid}'");
            if ($rs) {
                $nav_text = $rs['text'];
                $nav_title = $rs['title'];
                $nav_href = $rs['href'];
                $nav_target = $rs['target'];
                $nav_position = $rs['position'];
            }
            unset($rs);
            require_once template_echo($item, $admin_tpl_dir, '', 1);
        }
        break;
    // Delete one navigation entry, unless the installation runs in online-demo mode.
    // NOTE(review): the deletion is driven by a GET parameter and no form-token (CSRF) check
    // is visible in this case -- confirm one runs earlier or add it here. $error is not
    // initialised within this case either.
    case 'delete_nav':
        if ($settings['online_demo']) {
            $error = true;
            $sysmsg[] = __('online_demo_deny');
        }
        if (!$error) {
            // Integer cast keeps the id safe to interpolate into the statement.
            $navid = (int) gpc('navid', 'G', 0);
            $db->query_unbuffered("delete from {$tpf}navigations where navid='{$navid}' limit 1");
            redirect(urr(ADMINCP, "item={$item}&menu=extend&action=index"), '', 0);
        } else {
            redirect('back', $sysmsg);
        }
        break;
    // Any other action goes back to the extension index.
    default:
        redirect(urr(ADMINCP, "item={$item}&menu=extend&action=index"), '', 0);
}
Пример #17
                 $prepre = $info['pre'];
                 $info['a_delete'] = urr(ADMINCP, "item=database&action=delete&pre={$info['pre']}");
                 $info['a_restore'] = urr(ADMINCP, "item=database&action=restore&task=restore&pre={$info['pre']}");
                 $infos[] = $info;
             }
         }
         require_once template_echo($item, $admin_tpl_dir, '', 1);
     }
     break;
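 // Remove the SQL backup files in system/data/ whose base name contains
 // <prefix><digits>.sql, unless the installation runs in online-demo mode.
 // NOTE(review): this destructive action is driven by a GET parameter and no form-token
 // (CSRF) check is visible in this case -- confirm one runs earlier. Also consider rejecting
 // an empty prefix, which would otherwise match any backup name ending in digits.
 case 'delete':
     if ($settings['online_demo']) {
         $error = true;
         $sysmsg[] = __('online_demo_deny');
     }
     if (!$error) {
         $pre = gpc('pre', 'G', '');
         $sqlfiles = glob(PHPDISK_ROOT . 'system/data/*.sql');
         if (is_array($sqlfiles)) {
             foreach ($sqlfiles as $k => $sqlfile) {
                 // preg_quote() makes the request-supplied prefix match literally; without it
                 // the value was interpreted as part of the regular expression and could
                 // select files the caller never named.
                 if (preg_match('/(' . preg_quote($pre, '/') . ')([0-9]+)\\.sql/i', basename($sqlfile))) {
                     $sysmsg[] = __('delete') . '&nbsp;&nbsp;' . $sqlfile . ' ...... ' . __('success');
                     @unlink($sqlfile);
                 }
             }
         }
         redirect(urr(ADMINCP, "item=database&action=restore"), $sysmsg);
     } else {
         redirect('back', $sysmsg);
     }
     break;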
 default:
Пример #18
/**
#	Project: PHPDISK File Storage Solution
#	This is NOT a freeware, use is subject to license terms.
#
#	Site: http://www.google.com
#
#	$Id: tag.php 121 2014-03-04 12:38:05Z along $
#
#	Copyright (C) 2008-2014 PHPDisk Team. All Rights Reserved.
#
*/
include "includes/commons.inc.php";
!$auth[is_fms] && exit(msg::umsg('Not_FMS', __('zcore_no_power')));
$in_front = true;
$tag = trim(gpc('tag', 'G', ''));
if ($tag) {
    $title = __('tag') . ': ' . $tag . ' - ' . $settings['site_title'];
    $tag_title = __('tag') . ': ' . $tag;
} else {
    $title = __('tag_view') . ' - ' . $settings['site_title'];
    $tag_title = __('tag_view');
}
include PHPDISK_ROOT . "./includes/header.inc.php";
if (!$tag) {
    $hot_tags = get_hot_tag(50);
    $last_tags = get_last_tag(50);
} else {
    function get_file_ids($tag)
    {
        global $db, $tpf;
Пример #19
<?php

/**
#	Project: PHPDISK File Storage Solution
#	This is NOT a freeware, use is subject to license terms.
#
#	Site: http://www.google.com
#
#	$Id: announce.php 121 2014-03-04 12:38:05Z along $
#
#	Copyright (C) 2008-2014 PHPDisk Team. All Rights Reserved.
#
*/
// Renders one announcement inside a pop-up box.
include "includes/commons.inc.php";
$inner_box = true;
// Integer cast makes the id safe to interpolate into the query below.
$aid = (int) gpc('aid', 'G', 0);
include PHPDISK_ROOT . 'includes/header.inc.php';
$content = $db->result_first("select content from {$tpf}announces where annid='{$aid}'");
// NOTE(review): the stored content is emitted as raw HTML. That is acceptable only if
// announcements are written by trusted administrators or sanitised when saved -- confirm;
// otherwise escape or sanitise the content before output.
$str = '<div class="in_announce">' . $content . '</div>';
$str .= "<br><div align=\"center\"><input type=\"button\" class=\"btn\" value=\"" . __('btn_close') . "\" onclick=\"top.\$.jBox.close(true);\"/></div>";
// The closing </body></html> tags are sent before the footer include runs.
$str .= '</body></html>';
echo $str;
include PHPDISK_ROOT . 'includes/footer.inc.php';
Пример #20
        $tmp = $log_day * 86400;
        $db->query_unbuffered("delete from " . get_table_credit_log() . " where in_time<{$timestamp}-{$tmp}");
        exit('true|' . __('adm_del_log_success'));
        break;
    // Sum one statistic (views, downs or money) over all users for a given day and print
    // it as "true|<total>".
    case 'dostat':
        $act = gpc('act', 'P', '');
        $dd = gpc('dd', 'P', '');
        if ($act && $dd) {
            // Allow-list check: $act is used as an array key below only after it has been
            // matched against the three permitted column names.
            if (in_array($act, array('views', 'downs', 'money'))) {
                //$all = (float)@$db->result_first("select sum($act) from {$tpf}stat_user where dd='$dd'");
                $all = 0;
                // NOTE(review): $dd comes from the POST body and is interpolated into a
                // quoted literal; whether gpc() escapes it is not visible here. Validate it
                // against the expected date format or bind it as a parameter.
                $q = $db->query("select views,downs,money,userid from {$tpf}stat_user where dd='{$dd}'");
                while ($rs = $db->fetch_array($q)) {
                    $all += get_discount($rs[userid], $rs[$act]);
                }
                $db->free($q);
                unset($rs);
                echo 'true|' . round($all, 4);
            } else {
                echo 'Error Act';
            }
        } else {
            echo 'Error action!';
        }
        break;
    // Print the number of users holding the given VIP level as "true|<count>".
    case 'vip_count':
        // Integer cast keeps the id safe to interpolate.
        $vip_id = (int) gpc('vip_id', 'P', 0);
        $num = (int) @$db->result_first("select count(*) from {$tpf}users where vip_id='{$vip_id}'");
        echo 'true|' . $num;
        break;
}
Пример #21
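 // Sort selectors from the query string; $n and $word are set before this excerpt.
 $u = trim(gpc('u', 'G', ''));
 $s = trim(gpc('s', 'G', ''));
 $t = trim(gpc('t', 'G', ''));
 // Allow-list for the sort direction: the request only picks 'asc' or 'desc'; the column
 // names themselves are fixed literals, so no request text reaches the ORDER BY clause.
 $o_arr = array('asc', 'desc');
 if ($n) {
     $sql_order = in_array($n, $o_arr) ? " file_name {$n}" : " file_name asc";
 } elseif ($u) {
     $sql_order = in_array($u, $o_arr) ? " username {$u}" : " username asc";
 } elseif ($s) {
     $sql_order = in_array($s, $o_arr) ? " file_size {$s}" : " file_size asc";
 } elseif ($t) {
     $sql_order = in_array($t, $o_arr) ? " file_time {$t}" : " file_time asc";
 } else {
     $sql_order = " file_id desc";
 }
 $scope = trim(gpc('scope', 'G', ''));
 // NOTE(review): the terms derived from $word_str are placed inside SQL LIKE patterns
 // further down, so the filtering done by replace_inject_str() (not shown) is the only
 // barrier visible here; prefer bound parameters. As rendered here both str_replace()
 // arguments are a plain space, which makes the call a no-op -- presumably the original
 // replaced a full-width space; confirm against the source file.
 $word_str = $word = str_replace(' ', ' ', replace_inject_str($word));
 // strpos() returns an offset or false, never true, so the former "=== true" test could
 // not succeed and the dot-separated branch was dead code.
 if (strpos($word_str, '.') !== false) {
     $arr = explode('.', $word_str);
 } else {
     $arr = explode(' ', $word_str);
 }
 $str = '';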
 if (count($arr) > 1) {
     for ($i = 0; $i < count($arr); $i++) {
         if (trim($arr[$i]) != '') {
             $str .= " (file_name like '%{$arr[$i]}%' or file_extension like '%{$arr[$i]}%') and";
         }
     }
     $str = substr($str, 0, -3);
     $sql_keyword = " (" . $str . ")";
Пример #22
 }
 if (empty($_GET['member_phone'])) {
     showmessage($_lang['must_member_phone']);
 }
 /* begin:发布积分消费	*/
 if ($op == 'post') {
     $new_credit = $my_credit - $gongqiu_config['postcredit'];
     if ($new_credit < 0) {
         showmessage($_lang['post'] . $gongqiu_config['credit_unit'] . $_lang['not_credit']);
     } else {
         DB::query("UPDATE " . DB::table('common_member_count') . " SET extcredits{$gongqiu_config['extcredits']}='{$new_credit}' WHERE uid='{$_G['uid']}'");
     }
 }
 /* end:发布积分消费	*/
 $goods = gpc('goods_');
 $_member = gpc('member_');
 if ($op == 'post') {
     $_member['member_uid'] = $_G['uid'];
 }
 if ($goods['goods_settime'] != 0) {
     if ($goods['goods_settime'] == 7) {
         $goods['goods_settime'] = strtotime("+7 days");
     } elseif ($goods['goods_settime'] == 30) {
         $goods['goods_settime'] = strtotime("+30 days");
     } elseif ($goods['goods_settime'] == 90) {
         $goods['goods_settime'] = strtotime("+90 days");
     } elseif ($goods['goods_settime'] == 180) {
         $goods['goods_settime'] = strtotime("+180 days");
     }
 } else {
     $goods['goods_settime'] = 0;
Пример #23
             $reqHandler->setParameter("spbill_create_ip", $_SERVER['REMOTE_ADDR']);
             $reqUrl = $reqHandler->getRequestURL();
             header("Location: {$reqUrl}");
         } else {
             redirect('back', $sysmsg);
         }
     } elseif ($task == 'chinabank') {
         form_auth(gpc('formhash', 'P', ''), formhash());
         if (!$error) {
             $go_url = "plugins/payment/chinabank/Send.php?v_amount={$money}&vip_id={$vip_id}";
             echo "<script>window.location =\"{$go_url}\";</script>";
         } else {
             redirect('back', $sysmsg);
         }
     } elseif ($task == 'yeepay') {
         form_auth(gpc('formhash', 'P', ''), formhash());
         if (!$error) {
             $go_url = "plugins/payment/yeepay/req.php?p3_Amt={$money}&vip_id={$vip_id}";
             echo "<script>window.location =\"{$go_url}\";</script>";
         } else {
             redirect('back', $sysmsg);
         }
     }
     break;
 default:
     $q = $db->query("select * from {$tpf}vips where is_hidden=0 order by show_order asc,vip_id asc");
     $vips = array();
     while ($rs = $db->fetch_array($q)) {
         $rs['status_text'] = $rs['is_hidden'] ? '<span class="txtred">' . __('hidden') . '</span>' : '<span class="txtblue">' . __('display') . '</span>';
         $rs[img] = $rs[img] ? '<img src="{$rs[img]}" border="0" />' : '&nbsp;';
         $rs[pop_ads] = $rs[pop_ads] ? __('yes') : __('no');
Пример #24
 case 'credit_log':
     if ($task == 'update') {
         form_auth(gpc('formhash', 'P', ''), formhash());
         $setting = array('show_credit_log' => 0, 'close_credit_log' => 0);
         $settings = gpc('setting', 'P', $setting);
         if (!$error) {
             settings_cache($settings);
             $sysmsg[] = '积分配置管理更新成功';
             redirect(urr(ADMINCP, "item={$item}&menu={$menu}&action={$action}"), $sysmsg);
         } else {
             redirect('back', $sysmsg);
         }
     } else {
         $log_count = @$db->result_first("select count(*) from " . get_table_credit_log() . "");
         $perpage = 50;
         $userid = (int) gpc('userid', 'G', 0);
         $task_sql = in_array($task, array('download', 'ref')) ? " p.action='{$task}' and" : '';
         $uid_sql = $userid ? " p.userid='{$userid}' and" : '';
         $sql_do = get_table_credit_log() . " p,{$tpf}files f,{$tpf}users u where {$task_sql} {$uid_sql} p.userid=u.userid and p.file_id=f.file_id";
         $rs = $db->fetch_one_array("select count(*) as total_num from {$sql_do}");
         $total_num = $rs['total_num'];
         $start_num = ($pg - 1) * $perpage;
         $q = $db->query("select p.*,f.file_name,f.file_extension,u.username from {$sql_do} order by p.in_time desc limit {$start_num},{$perpage}");
         $orders = array();
         while ($rs = $db->fetch_array($q)) {
             $rs[a_view] = urr(ADMINCP, "item={$item}&menu={$menu}&action={$action}&userid={$rs[userid]}");
             $rs[action] = $ca_arr[$rs[action]];
             $tmp_ext = $rs[file_extension] ? '.' . $rs[file_extension] : '';
             $rs[file_name] = $rs[file_name] . $tmp_ext;
             $rs['in_time'] = date('Y-m-d H:i:s', $rs['in_time']);
             $orders[] = $rs;
Пример #25
 /**
  * Handle a chmod request for $this->path and report the outcome through show().
  *
  * The recursion flag ('fs-deep') and the mode ('fs-chmod') are read through gpc(); the
  * third argument 'octdec' presumably names a conversion from an octal string to an
  * integer mode (gpc() is defined elsewhere -- confirm). The result code is 200 when
  * FileFS->chmod() reports success and 300 otherwise.
  *
  * NOTE(review): mode and recursion are request-controlled. Confirm that $this->path is
  * confined to the managed root and that the mode is limited to the expected permission
  * bits before it reaches the filesystem layer.
  */
 private function on_chmod()
 {
     $target = $this->path;
     $recursive = gpc('fs-deep');
     $mode = gpc('fs-chmod', 'g', 'octdec');
     if ($this->FileFS->chmod($target, $mode, $recursive, $this->data)) {
         $this->code = 200;
     } else {
         $this->code = 300;
     }
     // Read the last filesystem error message in either case.
     $this->mess = $this->FileFS->error();
     $this->show();
 }
Пример #26
    $perpage = $gongqiu_config['perpage'];
    $urlnow = $gongqiu_config['root'] . "?mod={$mod}&op={$op}";
    $multipage = multi($pagenum, $perpage, $page, $urlnow, 0, 10);
    $stat_limit = ($page - 1) * $perpage;
    $where .= " LIMIT {$stat_limit},{$perpage}";
    $goods_list = fetch_all('gongqiu_goods', $where);
} elseif ($op == 'memberinfo') {
    $uid = $_G['uid'];
    $member = fetch_all('gongqiu_member', " WHERE member_uid='{$uid}'");
    $member = $member[0];
    if (submitcheck('submit_member')) {
        if (!empty($member['member_uid'])) {
            DB::update('gongqiu_member', gpc('member_'), " member_uid='{$member['member_uid']}'");
            showmessage($_lang['edit_ok']);
        } else {
            DB::insert('gongqiu_member', gpc('member_'));
            showmessage($_lang['edit_ok']);
        }
    }
} elseif ($op == 'mycredit') {
    if (empty($gongqiu_config['extcredits'])) {
        showmessage($_lang['no_extcredits']);
    } else {
        $credit = DB::result_first("SELECT extcredits{$gongqiu_config['extcredits']} FROM " . DB::table('common_member_count') . " WHERE uid='{$_G['uid']}'");
        $credit_log = fetch_all('gongqiu_up', " as su LEFT JOIN " . DB::table('gongqiu_goods') . " as sg ON su.goods_id = sg.goods_id WHERE sg.member_uid='{$_G['uid']}'");
    }
} elseif ($op == 'quiteup') {
    $goods_id = intval($_GET['goods_id']);
    DB::update('gongqiu_goods', array('goods_up' => ''), " goods_id='{$goods_id}'");
    showmessage($_lang['edit_ok'], $gongqiu_config['root'] . "?mod=member&op=mypost");
} elseif ($op == 'setpostup') {
Пример #27
/**
#	Project: PHPDISK File Storage Solution
#	This is NOT a freeware, use is subject to license terms.
#
#	Site: http://www.phpdisk.com
#
#	$Id: mydisk.php 25 2011-03-04 07:36:51Z along $
#
#	Copyright (C) 2008-2013 PHPDisk Team. All Rights Reserved.
#
*/
// Entry script: reads the plugin-upload parameters from the query string and
// collects the file ids recorded for the current client signature.
include "includes/commons.inc.php";
// Numeric parameters are cast to int; the two string parameters are only trimmed.
$uid = (int) gpc('uid', 'G', 0);
$folder_id = (int) gpc('folder_id', 'G', 0);
$plugin_type = trim(gpc('plugin_type', 'G', ''));
$hash = trim(gpc('hash', 'G', ''));
// Expected request signature: MD5 over the parameters plus the configured site URL.
// NOTE(review): phpdisk_url is a bare constant used as an array key; PHP 8 raises an
// Error for undefined constants, so this should be quoted ('phpdisk_url').
// NOTE(review): the only non-request input to the digest is the site URL, which is
// presumably public, so the value is not a secret-keyed MAC. A keyed construction
// (hash_hmac with a server-side secret) compared via hash_equals() would be the fix.
$md5_sign = md5($uid . $folder_id . $plugin_type . $settings[phpdisk_url]);
if ($md5_sign != $hash) {
    // NOTE(review): the rejection is commented out, so a mismatching hash has no
    // effect and the request continues unauthenticated.
    //exit('[PHPDisk] Error Params [main]!');
}
// Client signature used as the lookup key below: MD5 of User-Agent plus client IP.
// NOTE(review): both inputs are client-influenced and shared by every browser with
// the same User-Agent behind one address, so this does not identify a single user.
$sign = md5($_SERVER['HTTP_USER_AGENT'] . $onlineip);
// NOTE(review): appends the signature to system/b.txt on every request; this looks
// like leftover debugging. The file grows without bound, and if the directory is
// web-readable it exposes the lookup keys - confirm and remove.
write_file(PHPDISK_ROOT . 'system/b.txt', $sign . LF, 'ab');
// $sign is an MD5 hex digest, so it cannot carry quote characters into the query;
// a bound parameter would still be the more robust form.
$q = $db->query("select file_id from {$tpf}plugin_upload where hash='{$sign}'");
// Join the matching ids into a comma-separated list.
$file_ids = '';
while ($rs = $db->fetch_array($q)) {
    // NOTE(review): file_id is another bare-constant array key; quote it.
    $file_ids .= $rs[file_id] . ',';
}
$db->free($q);
unset($rs);
// Drop the trailing comma left by the loop.
$file_ids = $file_ids ? substr($file_ids, 0, -1) : '';
if ($file_ids) {
Пример #28
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>PHPDisk Remote Server</title>
<style type="text/css">body{font-size:12px}</style>
</head>

<body>
<div id="tips" style="padding:10px"><img src="images/ajax_load_bar.gif" align="absmiddle" border="0"><Br><?php 
echo __('sub_server_config_processing');
?>
</div>
<script type="text/javascript">
<?
// NOTE(review): this block opens with the short tag. With short_open_tag disabled
// the parser treats everything below as plain text and sends the PHP source to the
// browser inside the <script> element; use the full <?php tag.
// Request parameters: the shared server key and the upload size reported by the caller.
$code = gpc('code','G','');
$up_size = gpc('up_size','G','');
$dir = PHPDISK_ROOT.'system/global/';
make_dir($dir);
// Effective per-file upload ceiling is the smaller of the two php.ini limits.
$upload_max = get_byte_value(ini_get('upload_max_filesize'));
$post_max = get_byte_value(ini_get('post_max_size'));
$max_php_file_size = min($upload_max, $post_max);
// NOTE(review): the request-supplied $up_size is overwritten here, so the comparison
// below is always true and the mismatch branch is unreachable.
$up_size = $max_php_file_size;
if($up_size==$max_php_file_size){
	// Message: maximum single-file upload size supported by this installation.
	$str = '您的网盘支持单个文件上传最大 <u style=\"font-size:14px;\">'.str_replace(' ','',get_size($max_php_file_size,'B',0)).'B</u>';
}else{
	// Message: main site and sub-server limits differ; asks the operator to reconfigure.
	// NOTE(review): the markup contains a duplicated, unclosed "<span <span" opener.
	$str = '您的网盘支持单个文件上传信息:<br>网盘主站, <u>'.str_replace(' ','',get_size($max_php_file_size,'B',0)).'B</u> ; 子服, <u>'.str_replace(' ','',get_size($up_size,'B',0)).'B</u><br><span <span style=\"color:red\">两个服务配置不一致!请重新配置,否则文件上传将可能会出现异常。</span>';
}

// Cache rebuild is gated on the caller presenting the configured server key.
// NOTE(review): the key travels in the query string, where it ends up in access logs
// and Referer headers, and it is checked with loose ==, which compares numeric-looking
// strings by value and is not constant-time. Prefer a POST body or header plus
// is_string($code) && hash_equals($configs['server_key'], $code).
if($code && ($code==$configs['server_key'])){
	settings_cache();
	lang_cache();
Пример #29
 // SEO form handler (fragment): $meta_title, $meta_keywords, $meta_description,
 // $meta_title2, $error, $item and $menu are assigned above the visible code.
 // Each field is read from POST and only trimmed before it is stored.
 // NOTE(review): whether update_seo() escapes these values for SQL is not visible
 // here - confirm. They are admin-supplied text that is read back later, so every
 // consumer must treat them as untrusted data (escape on output, never evaluate).
 $meta_keywords2 = trim(gpc('meta_keywords2', 'P', ''));
 $meta_description2 = trim(gpc('meta_description2', 'P', ''));
 $meta_title3 = trim(gpc('meta_title3', 'P', ''));
 $meta_keywords3 = trim(gpc('meta_keywords3', 'P', ''));
 $meta_description3 = trim(gpc('meta_description3', 'P', ''));
 $meta_title_s = trim(gpc('meta_title_s', 'P', ''));
 $meta_keywords_s = trim(gpc('meta_keywords_s', 'P', ''));
 $meta_description_s = trim(gpc('meta_description_s', 'P', ''));
 $meta_title_v = trim(gpc('meta_title_v', 'P', ''));
 $meta_keywords_v = trim(gpc('meta_keywords_v', 'P', ''));
 $meta_description_v = trim(gpc('meta_description_v', 'P', ''));
 $meta_title_d = trim(gpc('meta_title_d', 'P', ''));
 $meta_keywords_d = trim(gpc('meta_keywords_d', 'P', ''));
 $meta_description_d = trim(gpc('meta_description_d', 'P', ''));
 // Default used when the form posts no 'setting' array.
 $setting = array('open_rewrite' => 0);
 // NOTE(review): the whole posted 'setting' array replaces $settings and is handed to
 // settings_cache() below. If that helper persists every key it receives (TODO
 // confirm), the client can write arbitrary setting names; copy only the expected
 // keys (here: open_rewrite) and cast them before saving.
 $settings = gpc('setting', 'P', $setting);
 if (!$error) {
     // Page-type keys: index, public, hotfile, space, viewfile, download.
     update_seo('index', 0, $meta_title, $meta_keywords, $meta_description);
     // NOTE(review): pd_a is a bare constant used as an array key; quote it ('pd_a').
     if ($auth[pd_a]) {
         update_seo('public', 0, $meta_title2, $meta_keywords2, $meta_description2);
         update_seo('hotfile', 0, $meta_title3, $meta_keywords3, $meta_description3);
         update_seo('space', 0, $meta_title_s, $meta_keywords_s, $meta_description_s);
         update_seo('viewfile', 0, $meta_title_v, $meta_keywords_v, $meta_description_v);
         update_seo('download', 0, $meta_title_d, $meta_keywords_d, $meta_description_d);
     }
     settings_cache($settings);
     $sysmsg[] = __('seo_update_success');
     redirect(urr(ADMINCP, "item={$item}&menu={$menu}"), $sysmsg);
 } else {
     // Validation failed earlier: return to the form with the collected messages.
     redirect('back', $sysmsg);
 }
Пример #30
/**
#	Project: PHPDISK File Storage Solution
#	This is NOT a freeware, use is subject to license terms.
#
#	Site: http://www.google.com
#
#	$Id: public.php 121 2014-03-04 12:38:05Z along $
#
#	Copyright (C) 2008-2014 PHPDisk Team. All Rights Reserved.
#
*/
// Public category page: resolves the category name and builds the page title
// and keyword strings from it.
include "includes/commons.inc.php";
// Stop with a "no permission" message unless the FMS feature flag is set.
// NOTE(review): is_fms is a bare constant used as an array key; quote it ('is_fms').
!$auth[is_fms] && exit(msg::umsg('Not_FMS', __('zcore_no_power')));
$in_front = true;
// The id is cast to int, so interpolating it below cannot change the query text.
$cate_id = (int) gpc('cate_id', 'G', 0);
if ($cate_id) {
    $cate_name = $db->result_first("select cate_name from {$tpf}categories where cate_id='{$cate_id}'");
}
// NOTE(review): $cate_name is only assigned inside the branch above; when cate_id is
// 0 it is read here without being initialised in the visible code - initialise it to ''.
$nav_title = $cate_name ? $cate_name . '' : '';
// Self-assignment; has no effect.
$nav_title = $nav_title;
// NOTE(review): the title and keywords carry a database value; confirm the template
// HTML-escapes them on output.
$title = $nav_title . ' - ' . $settings['site_title'];
$file_keywords = $nav_title . ',';
$C[cate_hot_file] = get_cate_file($cate_id, 'file_downs');
// Override the title, keywords and description with the stored SEO record for this
// category. The enclosing if continues past the end of the visible fragment.
// NOTE(review): each eval() builds PHP source by placing the stored SEO text inside a
// double-quoted string literal, so the stored value is parsed as PHP code rather than
// treated as data. Anyone who can write an SEO record (or alter it in the database)
// can therefore run code on the server. This presumably exists to expand variable
// placeholders in the text; replace it with an explicit substitution over a fixed
// placeholder map (e.g. strtr() with an allow-list of names) and drop eval entirely.
if ($auth[pd_a]) {
    $seo = get_seo('public', $cate_id);
    // NOTE(review): title is a bare constant used as an array key; quote it ('title').
    if ($seo[title]) {
        eval("\$title = \"{$seo['title']}\";");
    }
    // Unlike the title, these two run even when the stored value is empty.
    eval("\$keywords = \"{$seo['keywords']}\";");
    eval("\$description = \"{$seo['description']}\";");