function add() { global $viewhelper; if (isset($_POST['do']) && !empty($_POST['data']['market']['name'])) { pb_submit_check("data"); $this->market->setParams(); $this->market->params['data']['market']['industry_id'] = PbController::getMultiId($_POST['industry']['id']); $this->market->params['data']['market']['area_id'] = PbController::getMultiId($_POST['area']['id']); $result = $this->market->Add(); if ($result) { flash('thanks_for_adding_market'); } else { pheader("location:add.php"); } } $viewhelper->setPosition(L("added_market_info", "tpl")); render("market/add"); }
function reactive() { global $G; if (!empty($_GET['em'])) { //check em $email = $_GET['em']; $result = $this->member->checkUserExistsByEmail($email); if (!$result) { flash("member_not_exists", null, 0); } else { $member_reg_auth = $G['setting']['new_userauth']; $id = $this->member->field("id", "email='" . $email . "'"); $member_info = $this->member->getInfoById($id); require LIB_PATH . "sendmail.inc.php"; require CACHE_LANG_PATH . "lang_emails.php"; if ($member_reg_auth == 1) { $if_need_check = true; $exp_time = $this->member->timestamp + 86400; $tmp_username = $member_info['username']; $hash = authcode("{$tmp_username}\t" . $exp_time, "ENCODE"); //$hash = str_replace(array("+", "|"), array("|", "_"), $hash); $hash = rawurlencode($hash); setvar("hash", $hash); setvar("expire_date", date("Y-m-d H:i", strtotime("+1 day"))); $sended = pb_sendmail(array($email, $member_info['username']), $member_info['username'] . "," . $arrTemplate["_pls_active_your_account"], "activite"); if (empty($G['setting']['reg_filename'])) { $gopage = URL . 'register.php?action=done&em=' . urlencode($email); } else { $gopage = URL . $G['setting']['reg_filename'] . '?action=done&em=' . urlencode($email); } pheader("location:" . $gopage); } } } else { flash("invalid_request", null, 0); } }
function direct() { global $pdb, $tb_prefix; $result = $pdb->GetRow("SELECT * FROM " . $tb_prefix . "companies WHERE adwords='" . $this->keyword . "' OR name='" . $this->keyword . "'"); if (!empty($result)) { pheader("Location:" . URL . "space/?id=" . $result['id']); exit; } else { flash("record_not_exists", '', 0); } }
function Start() { global $topleveldomain_support, $pdb, $tb_prefix; if ($topleveldomain_support) { $host = isset($_SERVER['HTTP_X_FORWARDED_HOST']) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : ''); $result = $pdb->GetRow("SELECT id,cache_spacename FROM {$tb_prefix}companies WHERE topleveldomain='" . $host . "' AND status='1'"); if (!empty($result)) { pheader("HTTP/1.1 301 Moved Permanently"); pheader("location:" . URL . "space.php?id=" . $result['id']); exit; } } formhash(); }
} else { flash(); } } if (isset($_POST['save_cache'])) { $updated = $setting->replace($_POST['data']['setting']); if ($updated) { $cache->writeCache("setting", "setting"); pheader("location:setting.php?do=cache"); } } if (isset($_POST['save_mail'])) { $updated = $setting->replace($_POST['data']['setting']); if ($updated) { $cache->writeCache("setting", "setting"); pheader("location:setting.php?do=email"); } } function edit_function($data) { if (empty($data) && !is_array($data)) { return; } $configfile = PHPB2B_ROOT . 'configs' . DS . 'config.inc.php'; $configfiles = file_get_contents($configfile); $configfiles = trim($configfiles); foreach ($data as $key => $val) { $pattern[$key] = "/[\$]" . $key . "\\s*\\=\\s*.*?;/is"; $replacement[$key] = "\$" . $key . " = " . $val . ";"; if ($key == "subdomain_support") { if ($val == 1) {
/** * PHPB2B : Opensource B2B Script (http://www.phpb2b.com/) * Copyright (C) 2007-2010, Ualink. All Rights Reserved. * * Licensed under The Languages Packages Licenses. * Support : phpb2b@hotmail.com * * @version $Revision: 1393 $ */ function pb_sendmail($to_users = array(), $subject, $template = null, $body = null, $redirect_url = null) { global $charset, $smarty, $theme_name, $_PB_CACHE; require_once LIB_PATH . "phpmailer/class.phpmailer.php"; $content = null; $mail = new PHPMailer(); $result = false; $logdata['created'] = time(); if (!empty($_PB_CACHE['setting']['mail'])) { extract(unserialize($_PB_CACHE['setting']['mail'])); } if ($send_mail == 2) { $mail->IsSMTP(); $mail->Host = $smtp_server; $mail->Port = $smtp_port; if ($smtp_auth) { $mail->SMTPAuth = true; } if (!empty($auth_protocol)) { $mail->SMTPSecure = $auth_protocol; } $mail->Username = $auth_username; $mail->Password = $auth_password; } else { $mail->IsMail(); } $mail->IsHTML(true); $mail->CharSet = $charset; $mail->Encoding = "base64"; $mail->From = $mail_from; $mail->FromName = empty($mail_fromwho) ? $_PB_CACHE['setting']['site_name'] : $mail_fromwho; $mail->Subject = $subject; $mail->AltBody = "To view the message, please use an HTML compatible email viewer!"; // optional, comment out and test $tpl_file = $theme_name . "/emails/" . $template . $smarty->tpl_ext; if (!empty($template) && $smarty->template_exists($tpl_file)) { $content = $smarty->fetch($tpl_file); } elseif (!empty($body)) { $content = $body; } $mail->MsgHTML($content); if (!empty($to_users)) { if (!is_array($to_users[0])) { $mail->AddAddress($to_users[0], $to_users[1]); $result = $mail->Send(); } elseif (is_array($to_users[0])) { $mail->ClearAddresses(); foreach ($to_users as $key => $val) { $mail->AddAddress($val[0], $val[1]); $result = $mail->Send(); } } } if ($mail->error_count > 0) { if (class_exists("Logs")) { $log = new Logs(); } else { uses("log"); $log = new Logs(); } $logdata['handle_type'] = "error"; $logdata['source_module'] = "sendmail"; $logdata['description'] = $mail->ErrorInfo; $log->Add($logdata); return false; } if (!empty($redirect_url)) { pheader("Location:" . $redirect_url); } else { return $result; } }
} $sql = "UPDATE {$tb_prefix}attachments a,{$tb_prefix}albums ab SET a.title='" . $title . "',a.description='" . $description . "',ab.attachment_id={$attachment_id},type_id='" . $vals['type_id'] . "' WHERE ab.id={$id} AND a.id=" . $attachment_id; } else { if ($g['max_album'] && $now_album_amount >= $g['max_album']) { flash('one_day_max'); } if (empty($_FILES['pic']['name'])) { flash("failed"); } $sql = "INSERT INTO {$tb_prefix}albums (member_id,attachment_id,type_id) VALUES (" . $_SESSION['MemberID'] . ",'" . $attachment_controller->id . "','" . $vals['type_id'] . "')"; } $result = $pdb->Execute($sql); if (!$result) { flash(); } else { pheader("Location:album.php"); } } setvar("AlbumTypes", $_PB_CACHE['albumtype']); if (isset($_GET['do'])) { $do = trim($_GET['do']); if (!empty($_GET['id'])) { $id = intval($_GET['id']); } if ($do == "del" && !empty($id)) { $result = $album->del(intval($id), "member_id=" . $_SESSION['MemberID']); } if ($do == "edit") { if (!empty($id)) { $album_info = $pdb->GetRow("SELECT a.title,a.description,ab.id,a.attachment,ab.type_id FROM {$tb_prefix}albums ab LEFT JOIN {$tb_prefix}attachments a ON a.id=ab.attachment_id WHERE ab.member_id=" . $_SESSION['MemberID'] . " AND ab.id={$id}"); if (!empty($album_info['attachment'])) {
if (isset($_POST['do'])) { pb_submit_check('do'); uses("order"); $order = new Orders(); $result = $adzone->read("*", intval($_POST['id'])); if (!empty($result)) { $data['member_id'] = $the_memberid; $data['cache_username'] = $memberinfo['username']; $data['subject'] = $result['name']; $data['pay_id'] = $_POST['pay_id']; $data['pay_name'] = $_POST['pay_name']; $data['total_price'] = $result['price']; $new_trade_no = $order->Add($data); if (!empty($_POST['paynow'])) { //header('Cache-Control: no-cache, no-store, max-age=0, must-revalidate'); pheader("Location:../purchase.php?do=pay&tradeno=" . $new_trade_no); exit; } else { flash('success', 'order.php'); } } } if (isset($_GET['do'])) { $do = trim($_GET['do']); $id = intval($_GET['id']); if ($do == "buy" && !empty($id)) { $result = $adzone->read("*", $id); if (!empty($result)) { setvar("payments", $payment); setvar("item", $result); vtemplate("ads_edit");
require "libraries/common.inc.php"; require "share.inc.php"; if (!empty($_GET['do'])) { $action = isset($_GET['action']) ? htmlspecialchars(trim($_GET['action'])) : 'index'; $do = $_GET['do'] == '' ? 'home' : htmlspecialchars(trim($_GET['do'])); $c_file = LIB_PATH . 'core/controllers/' . $do . '_controller.php'; $c_do = ucwords($do); $secure_c = array("rss", "offer", "news", "job", "fair", "space", "pc", "wap", "pad", "help", "friendlink", "page", "standard", "brand", "company", "announce", "error", "product", "market", "member", "message", "topic", "service", "search", "dict"); if (in_array($do, $secure_c)) { if (is_file($c_file)) { require $c_file; $pc = new $c_do(); if ($action == 'list') { $action = 'lists'; } if (method_exists($pc, $action)) { call_user_func_array(array($pc, $action), array()); } elseif (method_exists($pc, 'index')) { $pc->index(); } } else { render("index"); } } else { flash(); } } elseif (pb_ismobile()) { pheader("location:index.php?do=wap"); } else { render("index"); }
<?php /** * [PHPB2B] Copyright (C) 2007-2099, Ualink Inc. All Rights Reserved. * The contents of this file are subject to the License; you may not use this file except in compliance with the License. * * @version $Revision: 2075 $ */ define('CURSCRIPT', 'index'); require "../libraries/common.inc.php"; if (empty($_COOKIE[$cookiepre . 'admin']) || !$_COOKIE[$cookiepre . 'admin']) { pheader("location:login.php"); } require "session_cp.inc.php"; require "menu.php"; if (!empty($adminer->info['permissions']) && $adminer->info['member_id'] != $administrator_id) { $allowed_permissions = explode(",", $adminer->info['permissions']); foreach ($menus as $key => $val) { if (!in_array($key, $allowed_permissions)) { unset($menus[$key]); } else { foreach ($val['children'] as $key1 => $val1) { if (!in_array($key1, $allowed_permissions)) { unset($menus[$key]['children'][$key1]); } } } } } require LIB_PATH . "json_config.php"; $smarty->template_dir = "template/";
} } if (isset($_POST['save_permission'])) { foreach ($result as $key => $val) { $exempt = null; $exempt .= in_array($val['id'], $_POST['basic']) ? "1" : "0"; $exempt .= in_array($val['id'], $_POST['offer']) ? "1" : "0"; $exempt .= in_array($val['id'], $_POST['product']) ? "1" : "0"; $exempt .= in_array($val['id'], $_POST['company']) ? "1" : "0"; $exempt .= in_array($val['id'], $_POST['pms']) ? "1" : "0"; $exempt_value = bindec($exempt); $sql = "UPDATE {$tb_prefix}membergroups SET exempt='{$exempt_value}',modified={$time_stamp} WHERE id={$val['id']}"; $pdb->Execute($sql); } $cache->writeCache('membergroup', 'membergroup'); pheader("location:membergroup.php?do=permission"); } if (isset($_GET['do'])) { $do = trim($_GET['do']); if (isset($_GET['id'])) { $id = intval($_GET['id']); } if ($do == "permission") { $tpl_file = "membergroup.permission"; } if ($do == "del" && !empty($id)) { $membergroup->del($id); } if ($do == "edit") { $data = array(); foreach ($_PB_CACHE['membergroup'] as $key1 => $val1) {
$message = new Messages(); $page = new Pages(); $conditions = array(); $tpl_file = "message"; if (isset($_POST['del']) && is_array($_POST['id'])) { $deleted = $message->del($_POST['id']); if (!$deleted) { flash(); } } if (isset($_POST['save'])) { $sended = $message->SendToUser($current_adminer, $_POST['to_username'], $_POST['data']['message']); if (!$sended) { flash(null, null, 0); } else { pheader("location:message.php"); } } if (isset($_GET['do'])) { $do = trim($_GET['do']); if (!empty($_GET['id'])) { $id = intval($_GET['id']); } if ($do == 'search') { if (!empty($_GET['q'])) { $conditions[] = "title like '%" . trim($_GET['q']) . "%'"; } } if ($do == "send") { $tpl_file = "message.send"; template($tpl_file);
$iteminfo['product_id'] = $pid; $charginginfo = $payment->request($iteminfo); if (isset($charginginfo)) { $token = $charginginfo[0]; $redirectUrl = $charginginfo[1]; //Get Charging status //Save token to order $vals['transection_token'] = $token; $vals['transection_time'] = time(); $vals['transection_method'] = 'wap-tinhvan'; $vals['msisdn'] = $_SESSION['msisdn']; $vals['product_id'] = $pid; $vals['device_id'] = $device_id; $resul_s = $transection->save($vals); if ($resul_s == 1 && $token != "" && $token != "-1" && $token != "-2") { pheader("Location: " . $redirectUrl); } else { flash("Đăng ký giao dịch không thành công!"); } } } else { //Neu giao dich mien phi $token = pb_radom(24, 1); $vals['transection_token'] = $token; $vals['transection_time'] = time(); $vals['transection_method'] = 'free'; $vals['msisdn'] = $_SESSION['msisdn']; $vals['product_id'] = $pid; $vals['device_id'] = $device_id; $vals['status'] = 1; $resul_s = $transection->save($vals);
if (!empty($id)) { $result = $pdb->Execute("UPDATE {$tb_prefix}passports SET title='" . $datas['title'] . "',url='" . $datas['url'] . "',description='" . $datas['description'] . "',available='" . $datas['available'] . "',config='" . $datas['config'] . "',modified={$time_stamp} WHERE id=" . $id); } else { $result = $pdb->Execute("INSERT INTO {$tb_prefix}passports (name,title,description,url,available,config,created,modified) VALUE ('" . $datas['name'] . "','" . $datas['title'] . "','" . $datas['description'] . "','" . $datas['url'] . "','" . $datas['available'] . "','" . $datas['config'] . "',{$time_stamp},{$time_stamp});"); } if ($datas['name'] == "ucenter") { if (!$file->file_writeable($passport->passport_path . $datas['name'] . DS . "config.inc.php")) { flash("file_not_writeable", null, 0); } else { $passport->writeConfig($datas['name'] . DS . "config.inc.php", $_POST['data']['config']); } } if (!$result) { flash("action_failed", null, 0); } else { pheader("Location:passport.php"); } } if (isset($_GET['do'])) { $do = trim($_GET['do']); if (!empty($_GET['id'])) { $id = intval($_GET['id']); } if ($do == "set") { $item = $pdb->GetRow("SELECT valued AS passport_support FROM {$tb_prefix}settings WHERE variable='passport_support'"); setvar("item", $item); $tpl_file = "passport.set"; template($tpl_file); exit; } if (!empty($_GET['entry'])) {
$company = new Companies(); $company_controller = new Company(); $smarty->template_dir = "template/"; $smarty->setCompileDir("office-room" . DS); $smarty->flash_layout = "flash"; $check_invite_code = false; $pdb->setFetchMode(ADODB_FETCH_ASSOC); if (isset($_PB_CACHE['setting']['register_type'])) { $register_type = $_PB_CACHE['setting']['register_type']; if ($register_type == "open_invite_reg") { setvar("IfInviteCode", true); } } if (empty($_SESSION['MemberID']) || empty($_SESSION['MemberName'])) { uclearcookies(); pheader("location:" . URL . "logging.php?forward=" . urlencode(pb_get_host() . $php_self)); } //if caches $cache_data = array(); if (isset($_PB_CACHE['setting']['member_cache']) && $_PB_CACHE['setting']['member_cache']) { $pdb->Execute("DELETE FROM {$tb_prefix}membercaches WHERE expiration<" . $time_stamp); $cache_data = $pdb->GetRow("SELECT data1 AS member,data2 AS company FROM {$tb_prefix}membercaches WHERE member_id='" . $_SESSION['MemberID'] . "'"); } if (!empty($cache_data)) { $memberinfo = @unserialize($cache_data['member']); if (!empty($cache_data['company'])) { $companyinfo = @unserialize($cache_data['company']); $company_id = $companyinfo['id']; setvar("COMPANYINFO", $companyinfo); } if (empty($memberinfo) || !is_array($memberinfo)) {
/** */ if (session_id() == '') { require_once LIB_PATH . "session_php.class.php"; $session = new PbSessions(); } $wap_theme_name = ""; require APP_ROOT . 'languages' . DS . $app_lang . DS . 'template.room.inc.php'; require CACHE_PATH . "cache_membergroup.php"; require APP_ROOT . './libraries/device.class.php'; $smarty->template_dir = "template/"; $smarty->setCompileDir("wap" . DS); $smarty->flash_layout = "flash"; $device = new Devices(); $device_id = $device->getHandsetId(); setvar("Device", $device->getHandsetFullname()); if (isset($_GET['msisdn'])) { $_SESSION['msisdn'] = $_GET['msisdn']; } if (!isset($_SESSION['msisdn'])) { pheader("location:" . URL . "wap/msisdn.php?forward=" . urlencode(pb_get_host() . $_SERVER['REQUEST_URI'])); //echo urlencode(pb_get_host().$_SERVER['REQUEST_URI'] ); exit; } if (!empty($_SESSION['msisdn'])) { setvar("msisdn", "Xin chào: " . $_SESSION['msisdn']); } else { setvar("msisdn", "Chưa nhận diện được số điện thoại!"); } $today_start = mktime(0, 0, 0, date("m"), date("d"), date("Y")); formhash();
$result = $old_commend == 1 ? $pdb->Execute("update {$tb_prefix}trades set if_commend=0 where id={$val}") : $pdb->Execute("update {$tb_prefix}trades set if_commend=1 where id={$val}"); } } if ($result) { flash("success"); } else { flash(); } } if (isset($_POST['setting'])) { require LIB_PATH . "cache.class.php"; $cache = new Caches(); $updated = $setting->replace($_POST['data']['setting'], 1); if ($updated) { $cache->writeCache("setting", "setting"); pheader("location:offer.php?do=setting"); } else { flash(); } } if (isset($_GET['do'])) { $do = trim($_GET['do']); if (!empty($_GET['id'])) { $id = intval($_GET['id']); } if ($do == "refresh" && !empty($id)) { $trade->refresh($id); } if ($do == "setting") { $setting_offer_status = L("setting_offer_expired", "tpl"); $setting_offer_status = explode("|", $setting_offer_status);
if (isset($_GET['action'])) { if ($_GET['action'] == "dereg") { usetcookie("admin", ""); unset($_SESSION['last_adminer_time']); } } capt_check("capt_login_admin"); if (isset($_POST['do'])) { $do = trim($_POST['do']); if ($do == "login") { pb_submit_check('data'); if (!empty($_POST['data']['username']) && !empty($_POST['data']['userpass'])) { $checked = false; $uname = $_POST['data']['username']; $upass = $_POST['data']['userpass']; $checked = $adminer->checkUserLogin($uname, $upass); if ($checked > 0) { pheader("Location:index.php"); } else { setvar("LoginError", $adminer->error); } } } } $smarty->template_dir = "template/"; $smarty->setCompileDir("pb-admin" . DS); if (!empty($arrTemplate)) { $smarty->assign($arrTemplate); } template("login"); exit;
<?php /** * [PHPB2B] Copyright (C) 2007-2099, Ualink Inc. All Rights Reserved. * The contents of this file are subject to the License; you may not use this file except in compliance with the License. * * @version $Revision: 2048 $ */ define('CURSCRIPT', 'add'); require "../libraries/common.inc.php"; require "../share.inc.php"; uses("market"); $market = new Markets(); if (isset($_POST['do']) && !empty($_POST['data']['market']['name'])) { pb_submit_check("data"); $market->setParams(); $market->params['data']['market']['industry_id'] = PbController::getMultiId($_POST['industry']['id']); $market->params['data']['market']['area_id'] = PbController::getMultiId($_POST['area']['id']); $result = $market->Add(); if ($result) { flash('thanks_for_adding_market'); } else { pheader("location:add.php"); } } $viewhelper->setPosition(L("added_market_info", "tpl")); render("market/add");
if (isset($_GET['pos'])) { $pos = intval($_GET['pos']); } $conditions = array(); $tpl_file = "search"; $cache_types = cache_read("type"); if (isset($_GET['q'])) { $_GET['q'] = urldecode(strip_tags(htmlspecialchars($_GET['q']))); setvar('highlight_str', $_GET['q']); } $viewhelper->setTitle(L("advanced_search", 'tpl')); if (isset($_GET['act'])) { if ($_GET['act'] == "direct") { $result = $pdb->GetRow("SELECT * FROM " . $tb_prefix . "companies WHERE adwords='" . $_GET['q'] . "' OR name='" . $_GET['q'] . "'"); if (!empty($result)) { pheader("Location:" . URL . "space/?id=" . $result['id']); exit; } } } if (isset($_GET['do']) && (!empty($_GET['q']) || !empty($_GET['industryid']) || !empty($_GET['areaid']) || !empty($_GET['typeid']) || !empty($_GET['type']))) { $do = trim(strtolower($_GET['do'])); $allowed_search = array("dictionary" => "dict", "help" => "help", "market" => "market", "info" => "news", "offer" => "offer", "fair" => "fair", "product" => "product", "yellow_page" => "company"); if (in_array($do, $allowed_search)) { $tpl_file = "search.list"; switch ($do) { case "fair": $do = "expo"; $option = "fair"; break; case "offer":
$member_info = $pdb->GetRow("SELECT id,username FROM {$tb_prefix}members WHERE id='" . $to_memberid . "'"); } else { $member_info = $pdb->GetRow("SELECT id,username FROM {$tb_prefix}members WHERE username='******'to'] . "'"); } if (!$member_info || empty($member_info) || $member_info['id'] == $_SESSION['MemberID']) { flash(); } $result = $pms->SendToUser($_SESSION['MemberName'], $member_info['username'], $vals); if (!$result) { flash(); } } if (isset($_POST['del'])) { $result = $pms->del($_POST['id'], "to_member_id=" . $_SESSION['MemberID']); if ($result) { pheader("location:pms.php"); } else { flash(); } } $tpl_file = "pms"; $page->displaypg = 15; $amount = $pms->findCount(null, $conditions); $page->setPagenav($amount); $result = $pms->findAll("id,from_member_id,cache_from_username,title,content,status,created", null, $conditions, "id DESC", $page->firstcount, $page->displaypg); setvar("MessageStatus", $pms->getReadStatus()); if (!empty($result)) { for ($i = 0; $i < count($result); $i++) { $result[$i]['senddate'] = date("Y-m-d", $result[$i]['created']); switch ($result[$i]['type']) { case 'user':
template($tpl_file); exit; } if ($do == "search") { if (!empty($_GET['type_id'])) { $conditions[] = "Service.type_id=" . $_GET['type_id']; } if (!empty($_GET['q'])) { $conditions[] = "Service.title like '%" . $_GET['q'] . "%' OR Service.content like '%" . $_GET['q'] . "%'"; } } } $amount = $service->findCount(null, $conditions, "Service.id"); $page->setPagenav($amount); setvar("Items", $service->findAll("*", null, $conditions, "Service.id DESC ", $page->firstcount, $page->displaypg)); setvar("ByPages", $page->pagenav); if (isset($_REQUEST['del'])) { $deleted = false; if (!empty($_POST['id'])) { $deleted = $service->del($_POST['id']); } if (!empty($_GET['id'])) { $deleted = $service->del($_GET['id']); } if ($deleted) { pheader("location:service.php"); } else { flash(); } } template($tpl_file);
{ global $referer; $indexname = URL . "index.php"; $default = empty($default) ? $indexname : ''; $referer = pb_htmlspecialchar($referer); if (!preg_match("/(\\.php|[a-z]+(\\-\\d+)+\\.html)/", $referer) || strpos($referer, 'logging.php')) { $referer = $default; } return $referer; } if (isset($_GET['action']) && $_GET['action'] == "logout") { $referer = null; $referer = ua_referer(); session_destroy(); uclearcookies(); if (isset($_GET['fr'])) { if ($_GET['fr'] == "cp") { usetcookie("admin", ''); } } $member->logOut(); $gopage = $referer; if (!empty($_GET['forward'])) { pheader("location:" . $_GET['forward']); } else { pheader("location:" . $gopage); exit; } } formhash(); render("logging");
/** * [PHPB2B] Copyright (C) 2007-2099, Ualink Inc. All Rights Reserved. * The contents of this file are subject to the License; you may not use this file except in compliance with the License. * * @version $Revision: 2153 $ */ session_start(); define('CURSCRIPT', 'redirect'); require "libraries/common.inc.php"; require "share.inc.php"; $sid = session_id(); //search the urls at the url table. if (!empty($_GET['url'])) { $url = htmlspecialchars(trim($_GET['url'])); if (isset($_GET['app_lang'])) { if (is_file(CACHE_ROOT . $_GET['app_lang'] . DS . "lang_site.php")) { usetcookie("lang", $_GET['app_lang']); pheader("location:" . $url); exit; } else { flash(L("file_not_exists", "msg", "lang_site.php")); } } if (strpos($url, "/") === 0) { $url = ltrim($url, "/"); } pheader("location:" . $url); exit; } else { flash(null, URL); }
$vals['title'] = trim($_POST['title']); $vals['content'] = trim($_POST['content']); $vals['type_id'] = $_POST['type_id']; $now_companynews_amount = $companynews->findCount(null, "created>" . $today_start . " AND member_id=" . $the_memberid); if ($g['companynews_check']) { $vals['status'] = 0; $msg = 'msg_wait_check'; } else { $vals['status'] = 1; $msg = 'success'; } if (!empty($_POST['newsid'])) { $vals['modified'] = $time_stamp; unset($vals['created']); $companynews->save($vals, "update", $_POST['newsid'], null, "member_id=" . $the_memberid); pheader("location:news.php?action=list"); } else { if ($g['max_companynews'] && $now_companynews_amount >= $g['max_companynews']) { flash('one_day_max'); } $vals['created'] = $time_stamp; $vals['member_id'] = $the_memberid; $vals['company_id'] = $company_id; $result = $companynews->save($vals); flash($msg); } } if (isset($_POST['del'])) { $result = $companynews->del($_POST['newsid'], $conditions); if ($result) { flash("success");
function Add() { global $_PB_CACHE, $memberfield, $phpb2b_auth_key, $if_need_check; $error_msg = array(); if (empty($this->params['data']['member']['username']) or empty($this->params['data']['member']['userpass']) or empty($this->params['data']['member']['email'])) { return false; } $space_name = $this->params['data']['member']['username']; $userpass = $this->params['data']['member']['userpass']; $this->params['data']['member']['userpass'] = $this->authPasswd($this->params['data']['member']['userpass']); if (empty($this->params['data']['member']['space_name'])) { $this->params['data']['member']['space_name'] = PbController::toAlphabets($space_name); } //Todo: $uip = pb_ip2long(pb_getenv('REMOTE_ADDR')); if (empty($uip)) { pheader("location:" . URL . "redirect.php?message=" . urlencode(L('sys_error'))); } $this->params['data']['member']['last_login'] = $this->params['data']['member']['created'] = $this->params['data']['member']['modified'] = $this->timestamp; $this->params['data']['member']['last_ip'] = pb_get_client_ip('str'); $email_exists = $this->checkUserExistsByEmail($this->params['data']['member']['email']); if ($email_exists) { flash("email_exists", null, 0); } $if_exists = $this->checkUserExist($this->params['data']['member']['username']); if ($if_exists) { flash('member_has_exists', null, 0); } else { $this->save($this->params['data']['member']); $key = $this->table_name . "_id"; if ($this->ins_passport) { $this->passport(array($this->{$key}, $this->params['data']['member']['username'], $userpass, $this->params['data']['member']['email']), "reg"); } $memberfield->primaryKey = "member_id"; $memberfield->params['data']['memberfield']['member_id'] = $this->{$key}; $memberfield->params['data']['memberfield']['reg_ip'] = $this->params['data']['member']['last_ip']; $memberfield->save($memberfield->params['data']['memberfield']); if (!$if_need_check) { $user_info['id'] = $this->{$key}; $user_info['username'] = $this->params['data']['member']['username']; $user_info['userpass'] = $userpass; $user_info['useremail'] = $this->params['data']['member']['email']; $user_info['lifetime'] = $this->timestamp + 86400; $user_info['is_admin'] = 0; $this->putLoginStatus($user_info); } } return true; }
// Điền key của Partner đc cung cấp $secFrom2010 = time() - mktime(0, 0, 0, 1, 1, 2010); $minFrom2010 = floor($secFrom2010 / 60); $timeSignal = dechex($minFrom2010); $signal = encodeSignal($partnerId . '|' . $timeSignal . '|' . $key); $callback = $_GET['forward']; $info = array(); $info['now'] = date("Y-m-d H:i:s"); $info['secFrom2010'] = $secFrom2010; $info['minFrom2010'] = $minFrom2010; $info['partnerId'] = $partnerId; $info['key'] = $key; $info['timeSignal'] = $timeSignal; $info['signal'] = $signal; $info['callback'] = $callback; $info['partnerId|timeSignal|key'] = $partnerId . '|' . $timeSignal . '|' . $key; $info['MD5_partnerId|timeSignal|key'] = md5($partnerId . '|' . $timeSignal . '|' . $key, true); $info['BASE64_MD5_partnerId|timeSignal|key'] = base64_encode($info['MD5_partnerId|timeSignal|key']); $info['BASE64_MD5_partnerId|timeSignal|key'] = str_replace(array("=", "+", "/"), array("_", "-", "."), $info['BASE64_MD5_partnerId|timeSignal|key']); //echo $callback;exit; //$callback = urlencode("http://wap.thinknet.vn/wap/index.php"); $callback = urlencode($callback); //header("HTTP/1.1 200 OK"); pheader("Location: http://payment.xalo.vn/method?p={$partnerId}&t={$timeSignal}&s={$signal}&cb={$callback}"); //echo "\n<br><a href='http://payment.xalo.vn/method?p=$partnerId&t=$timeSignal&s=$signal&cb=$callback'>GO PAY</a>"; function encodeSignal($str) { $signal = base64_encode(md5($str, true)); $signal = str_replace(array("=", "+", "/"), array("_", "-", "."), $signal); return $signal; }