/**
 * Show the admin-panel login form.
 *
 * Checks run in this order: failed-login bookkeeping, a front-end session must
 * already exist, then the lockout state reported by _logincheck(). The local
 * variables set below are read by the included template, so their names are
 * part of the template contract.
 *
 * NOTE(review): the Messager() calls are the only barrier for a visitor who is
 * not logged in or is locked out. That relies on Messager() ending the
 * request, which this block does not show. Confirm.
 */
function login()
{
    $this->_fix_failedlogins();

    // The admin login is a second step on top of a normal member session.
    if (1 > MEMBER_ID) {
        $this->Messager("请先在前台进行<a href='index.php?mod=account&code=login'><b>登录</b></a>", null);
    }

    // A falsy result means the failed-attempt lockout is active.
    $loginperm = $this->_logincheck();
    if (false == $loginperm) {
        $this->Messager("累计 5 次错误尝试,15 分钟内您将不能登录。", null);
    }

    $this->Title = "用户登录";

    // Remember where the visitor came from, but only once.
    // NOTE(review): if this cookie later drives a redirect, the target should
    // be restricted to same-site URLs. Confirm in the dologin handler.
    if ('' == $this->CookieHandler->GetVar('referer')) {
        $this->CookieHandler->Setvar('referer', referer());
    }

    // Values consumed by the template.
    $action = "admin.php?mod=login&code=dologin";
    $question_select = FormHandler::Select(
        'question',
        ConfigHandler::get('member', 'question_list'),
        0
    );
    $role_type_select = FormHandler::Radio(
        'role_type',
        ConfigHandler::get('member', 'role_type_list'),
        'normal'
    );

    // Drop anything already buffered so only the login page is sent.
    ob_clean();
    include(handler('template')->file("@admin/login"));
}
/**
 * @copyright (C)2014 Cenwor Inc.
 * @author Cenwor <www.cenwor.com>
 * @package php
 * @name common.func.php
 * @date 2014-11-04 13:51:54
 */

/**
 * Build the "you are here" breadcrumb trail as one HTML string.
 *
 * Takes any number of arguments. A string argument is used as a ready-made
 * crumb (with " / " and "->" turned into the separator). An array argument is
 * either array('name' => ..., 'url'|'link' => ...) or a single name => url
 * pair. Empty arguments are skipped.
 *
 * NOTE(review): names, URLs and string crumbs are placed into the markup
 * without HTML escaping. That is safe only if every caller passes trusted or
 * already-escaped values. Confirm at the call sites.
 *
 * @return string translated prefix followed by the crumbs joined by ' > '
 */
function position()
{
    global $rewriteHandler;

    $prefix = __('您的位置:');
    $separator = ' > ';

    // "rmod" takes priority over "mod"; only the part before "_" is the module.
    if ($_GET['rmod']) {
        $mod = $_GET['rmod'];
    } else {
        $mod = $_GET['mod'];
    }
    if (false !== strpos($mod, '_')) {
        list($mod, $mod_child) = explode('_', $mod);
    }
    $code = $_GET['code'];

    $config = ConfigHandler::get();

    // First crumb: the site home page.
    $crumbs = array();
    $crumbs['index'] = "<a href='{$config['site_url']}'>{$config['site_name']}" . __('首页') . "</a>";

    // Second crumb: the header-menu entry for the current module, if one exists.
    // The request value is used only as a lookup key here.
    $menu = ConfigHandler::get('header_menu', 'list', $mod);
    if ($menu != false) {
        if ($rewriteHandler) {
            $menu['link'] = $rewriteHandler->formatURL($menu['link']);
        }
        $crumbs['mod'] = "<a href='{$menu['link']}'>{$menu['name']}</a>";
    }

    // Remaining crumbs come from the caller's arguments, in order.
    $extra = func_get_args();
    foreach ($extra as $index => $crumb) {
        if (empty($crumb)) {
            continue;
        }

        if (is_string($crumb)) {
            if ('' == trim($crumb)) {
                continue;
            }
            $crumb = preg_replace("~(\s+[/]\s+)|(\-\>)~", $separator, $crumb);
        } else {
            if (isset($crumb['name'])) {
                // 'url' wins; 'link' is the fallback key.
                $crumb['url'] = ($crumb['url'] != '') ? $crumb['url'] : $crumb['link'];
                $url = $crumb['url'];
                $name = $crumb['name'];
            } else {
                // Single-pair form: key is the label, value is the URL.
                $url = current($crumb);
                $name = key($crumb);
            }
            if ($rewriteHandler) {
                $url = $rewriteHandler->formatURL($url);
            }
            $crumb = "<a href='$url'>$name</a>";
        }

        $crumbs[$index] = $crumb;
    }

    return $prefix . implode($separator, $crumbs);
}
/**
 * Constructor-style entry point: runs the shared bootstrap, creates the logic
 * objects, reads the target record id and dispatches to the handler selected
 * by the request code.
 *
 * NOTE(review): no login check is visible in this variant before the
 * dispatch. Access control must therefore live in MasterObject() or in the
 * individual handlers. Confirm.
 *
 * @param array $config site configuration, handed on to MasterObject()
 */
function ModuleObject($config)
{
    $this->MasterObject($config);

    Load::logic('product');
    $this->ProductLogic = new ProductLogic();

    Load::logic('pay');
    $this->PayLogic = new PayLogic();

    Load::logic('me');
    $this->MeLogic = new MeLogic();

    Load::logic('order');
    $this->OrderLogic = new OrderLogic();

    // A POSTed id wins over the query-string id; the cast forces an integer.
    if ($this->Post['id']) {
        $rawId = $this->Post['id'];
    } else {
        $rawId = $this->Get['id'];
    }
    $this->ID = (int) $rawId;

    $this->CacheConfig = ConfigHandler::get('cache');
    $this->ShowConfig = ConfigHandler::get('show');

    // The method name is derived from the request-supplied code.
    // NOTE(review): Load::moduleCode() is the only visible filter on which
    // method gets called. Confirm it can return only handlers that are meant
    // to be reachable from a URL.
    $runCode = Load::moduleCode($this, $this->Code);
    $this->$runCode();
}
/**
 * AJAX availability check for a user name during registration.
 *
 * Reads the name from POST ('username', else 'check_value'), applies length,
 * word-filter, special-character and reserved-name checks, then looks the name
 * up locally and, when UCENTER is enabled, in UCenter. Every failure is
 * reported through response_text(); the method ends the request with exit.
 *
 * NOTE(review): several checks only make sense if response_text() terminates
 * the request. This block does not show that. Confirm.
 */
function CheckUsername() {
    $username=trim($this->Post['username'] ? $this->Post['username'] : $this->Post['check_value']);
    // strlen() counts bytes, so the 3..15 limit is in bytes, not characters.
    if (strlen($username) < 3 || strlen($username) > 15) {
        response_text(__("用户名长度请控制在3~15"));
    }
    if (($filter_msg = filter($username))) {
        response_text("用户名 ".$filter_msg);
    }
    // Rejects punctuation, including the quote and angle-bracket characters
    // that would matter in the HTML and SQL contexts further down.
    if (preg_match('~[\~\`\!\@\#\$\%\^\&\*\(\)\=\+\[\{\]\}\;\:\'\"\,\<\.\>\/\?]~',$username)) {
        response_text(__("用户名不能包含特殊字符"));
    }
    // Reserved names: the configured list plus a built-in list. '*' in an entry
    // becomes a wildcard; the whole list is compiled into one anchored pattern.
    // NOTE(review): on this page the built-in names are separated by spaces,
    // which the replacement below strips. The original presumably used line
    // breaks. Confirm against the real file.
    $censoruser = ConfigHandler::get('user','forbid');
    $censoruser .= "topic login member profile tag get_password report weather master url";
    $censorexp = '/^('.str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote(($censoruser = trim($censoruser)), '/')).')$/i';
    // '@' hides any error from the generated pattern, so a broken pattern would
    // silently disable the reserved-name check.
    if($censoruser && @preg_match($censorexp, $username)) {
        response_text(sprintf(__("用户名<b>%s</b>被保留,禁止注册"), $username));
    }
    // The name is embedded in HTML without escaping. This is safe only because
    // of the special-character check above, and only if that check stops the
    // request on failure.
    $response= "对不起,您输入的用户名 <B>{$username}</B> 不能注册或已经被他人使用,请选择其他名字后再试。";
    $this->DatabaseHandler->SetTable(TABLE_PREFIX. 'system_members');
    // NOTE(review): the lookup value is masked as '******' on this page, so how
    // the user name reaches the WHERE clause cannot be reviewed here.
    $is_exists=$this->DatabaseHandler->Select('',"username='******'");
    if($is_exists) {
        response_text($response);
    }
    if(true === UCENTER) {
        include_once(UC_CLIENT_ROOT . './client.php');
        $uc_result = uc_user_checkname($username);
        // A negative result is treated as "not available".
        if($uc_result < 0) {
            response_text($response);
        }
    }
    exit ;
}
/**
 * Shared bootstrap for a module object: stores the configuration, exposes the
 * request superglobals as properties, resolves the routing fields, enforces
 * the IP ban list and registers the template, cookie and database handlers.
 *
 * @param array $config site configuration; receives the key 'v' (by reference)
 */
function MasterObject(&$config)
{
    $config['v'] = SYS_VERSION;
    $this->Config = $config;

    // Live references, so later changes to the superglobals stay visible.
    $this->Get = &$_GET;
    $this->Post = &$_POST;
    $this->Cookie = &$_COOKIE;
    $this->Session = &$_SESSION;
    $this->Request = &$_REQUEST;
    $this->Server = &$_SERVER;
    $this->Files = &$_FILES;

    // Routing fields: a POSTed value overrides the query string.
    if ($this->Post['mod']) {
        $this->Module = $this->Post['mod'];
    } else {
        $this->Module = $this->Get['mod'];
    }
    if ($this->Post['code']) {
        $this->Code = $this->Post['code'];
    } else {
        $this->Code = $this->Get['code'];
    }
    if ($this->Post['op']) {
        $this->OPC = trim($this->Post['op']);
    } else {
        $this->OPC = trim($this->Get['op']);
    }

    $GLOBALS['iframe'] = '';

    // IP ban list. The configured value is used as a regular-expression
    // fragment anchored only at the start, so each entry acts as a prefix.
    // NOTE(review): entries must already be regex-escaped when saved, and
    // REMOTE_ADDR is the peer address, which is the proxy when one sits in
    // front of the site. Confirm both.
    $ipbanned = ConfigHandler::get('access', 'ipbanned');
    if (!empty($ipbanned)) {
        $banPattern = '~^(' . $ipbanned . ')~';
        if (preg_match($banPattern, $_SERVER['REMOTE_ADDR'])) {
            die(__("您的IP已经被禁止访问。"));
        }
    }

    $this->TemplateHandler = new TemplateHandler($config);
    Obj::register('TemplateHandler', $this->TemplateHandler);

    $this->CookieHandler = handler('cookie');
    $this->DatabaseHandler = dbc();

    Obj::register('DatabaseHandler', $this->DatabaseHandler);
    Obj::register('CookieHandler', $this->CookieHandler);
    Obj::register('config', $this->Config);
}
/**
 * Entry point of the login module: resolves the visitor's city, then runs the
 * login, logout or do-login handler and wraps its output in the page layout.
 *
 * City resolution: ?city=<shorthand> (when it matches a known city), else the
 * 'mycity' cookie, else city id 1.
 */
function Execute()
{
    $this->config = ConfigHandler::get('product');

    // Load every known city once.
    $sql = 'select * from ' . TABLE_PREFIX . 'tttuangou_city ';
    $query = $this->DatabaseHandler->Query($sql);
    $this->cityary = $query->GetAll();

    // 1) Explicit choice from the URL. The request value is only compared
    //    against database rows; the stored id comes from the matching row.
    if ('' != $_GET['city']) {
        foreach ($this->cityary as $value) {
            if ($_GET['city'] == $value['shorthand']) {
                $this->CookieHandler->setVar('mycity', $value['cityid']);
                $this->city = $value['cityid'];
                break;
            }
        }
    }

    // 2) Remembered choice, 3) default city.
    // NOTE(review): the cookie value is taken as-is. It is only compared in
    // this method; any later use in SQL or HTML needs its own validation.
    if ('' == $this->city) {
        if ('' != $this->CookieHandler->getVar('mycity')) {
            $this->city = $this->CookieHandler->getVar('mycity');
        } else {
            $this->city = 1;
        }
    }

    // Look up the display name of the selected city.
    foreach ($this->cityary as $value) {
        if ($this->city == $value['cityid']) {
            $this->cityname = $value['cityname'];
            break;
        }
    }

    ob_start();
    $load_file = array("vivian_reg.css", 'validate.js');

    // Dispatch on the request code; anything unknown shows the login form.
    if ($this->Code == 'dologin') {
        $this->DoLogin();
    } elseif ($this->Code == 'logout') {
        $this->LogOut();
    } else {
        $this->login();
    }

    $body = ob_get_clean();
    $this->ShowBody($body);
}
/**
 * Ask the SMS gateway how much credit is left on the configured account.
 *
 * @return array 'status' is the gateway's <describe> text; 'remain' is the
 *               <count> value divided by 10, or the gateway's <message> text
 *               when no <count> element was found
 */
function sms_remain() {
    $sms = ConfigHandler::get('sms');
    $sms['server'] = sms_server_init();
    // NOTE(review): the next statement is masked on this page ('******') and is
    // not valid PHP as shown. How the password is encoded cannot be reviewed.
    $data = 'name='.$sms['account'].'&password='******'password']);
    // The account name and password travel in the query string of the request
    // URL, where proxies and server logs can record them.
    // NOTE(review): confirm the gateway URL from sms_server_init() uses HTTPS.
    $result = dfopen($sms['server'].'?method=remaincount&'.$data, 10485760, '', '', true);
    // The gateway answers in GB2312; bytes that cannot be converted are dropped.
    $result = iconv('GB2312', 'UTF-8/'.'/IGNORE', $result);
    // The reply is picked apart with regular expressions; $match[1] is read
    // without checking that the pattern matched.
    preg_match('/<describe>(.*?)<\/describe>/', $result, $match);
    $status = $match[1];
    preg_match('/<count>(.*?)<\/count>/', $result, $match);
    // The cast applies before the division: ((int) $match[1]) / 10.
    $remain = (int)$match[1]/10;
    // No <count> element: fall back to the gateway's message text.
    if ($match[0] == '') {
        preg_match('/<message>(.*?)<\/message>/', $result, $match);
        $remain = $match[1];
    }
    return array('status'=>$status, 'remain'=>$remain);
}
/**
 * Constructor-style entry point for a members-only module: runs the shared
 * bootstrap, requires a logged-in member, creates the logic objects, reads the
 * target record id and dispatches to the handler for the request code.
 *
 * NOTE(review): the login requirement is enforced only through Messager().
 * If Messager() ever returns instead of ending the request, the dispatch at
 * the bottom still runs for anonymous visitors. Confirm that it terminates.
 *
 * @param array $config site configuration, handed on to MasterObject()
 */
function ModuleObject($config)
{
    $this->MasterObject($config);

    // Anonymous visitors are sent to the login page.
    if (1 > MEMBER_ID) {
        $this->Messager(__('请先登录!'), '?mod=account&code=login');
    }

    Load::logic('product');
    $this->ProductLogic = new ProductLogic();

    Load::logic('pay');
    $this->PayLogic = new PayLogic();

    Load::logic('me');
    $this->MeLogic = new MeLogic();

    Load::logic('order');
    $this->OrderLogic = new OrderLogic();

    $this->config = $config;

    // A POSTed id wins over the query-string id; the cast forces an integer.
    if ($this->Post['id']) {
        $rawId = $this->Post['id'];
    } else {
        $rawId = $this->Get['id'];
    }
    $this->ID = (int) $rawId;

    $this->CacheConfig = ConfigHandler::get('cache');
    $this->ShowConfig = ConfigHandler::get('show');

    // The handler name is derived from the request-supplied code.
    // NOTE(review): Load::moduleCode() is the only visible filter on which
    // method gets called. Confirm it acts as an allow-list.
    $runCode = Load::moduleCode($this, $this->Code);
    $this->$runCode();
}
/**
 * Entry point of the feed module: the default code 'main' renders the list of
 * feed URLs inside the page layout; every other code emits the RSS output.
 */
function Execute()
{
    // An empty code means the overview page.
    if ('' == $this->Code) {
        $this->Code = 'main';
    }

    $this->config = ConfigHandler::get('product');

    // City() returns the city list, the selected city id and its name.
    list($this->cityary, $this->city, $this->cityname) = logic('misc')->City();

    // Any non-default code is served as a raw feed, without the layout.
    if ('main' != $this->Code) {
        $this->RssOutput();
        return;
    }

    ob_start();
    $this->UrlList();
    $body = ob_get_clean();
    $this->ShowBody($body);
}
/**
 * Entry point of the seller back office: requires a logged-in member, resolves
 * the city context and runs the ticket, mail, express or main handler inside
 * the page layout.
 *
 * NOTE(review): only "is logged in" is checked here. Whether the member is a
 * seller, and which seller's data the handlers may touch, must be enforced
 * inside the handlers. Confirm. The login check also relies on Messager()
 * ending the request.
 */
function Execute()
{
    include_once ROOT_PATH . './setting/constants.php';

    $this->Title = '商家' . TUANGOU_STR . '管理';

    if (1 > MEMBER_ID) {
        $this->Messager("您必须先注册或登录!");
    }

    $this->config = ConfigHandler::get('product');

    // City() returns the city list, the selected city id and its name.
    list($this->cityary, $this->city, $this->cityname) = logic('misc')->City();

    ob_start();

    // Dispatch on the request code; anything unknown shows the main page.
    if ($this->Code == 'ticket') {
        $this->Ticket();
    } elseif ($this->Code == 'sendmail') {
        $this->Sendmail();
    } elseif ($this->Code == 'express') {
        $this->Express();
    } else {
        $this->Main();
    }

    $body = ob_get_clean();
    $this->ShowBody($body);
}
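/**
 * Write a PHP backup file of the settings into data/backup/setting/.
 *
 * With no argument the core settings are saved as "settings.php" in the form
 * `$config = array(...)`. With a section name, that section is saved as
 * "<type>.php" in the form `$config['<type>'] = array(...)`.
 *
 * The section key is emitted with var_export(), so a name containing a quote
 * or a backslash can no longer break out of the generated string literal. For
 * ordinary names the generated file is byte-identical to the previous output.
 *
 * NOTE(review): $type is also used in the file name without validation.
 * Callers must pass a fixed section name, never request data; a value with
 * path separators would be written outside this directory. The backup files
 * are PHP files holding configuration, so the directory must not be readable
 * as plain text through the web server. Confirm both.
 *
 * @param string|null $type config section name, or null for the core settings
 * @return mixed result of WriteFile(), or null when there was nothing to save
 */
static function backup($type = null)
{
    $isCore = (null === $type);

    if ($isCore) {
        $config = ConfigHandler::core_settings();
    } else {
        $config = ConfigHandler::get($type);
    }

    // Nothing to save: keep the historical behaviour of returning null.
    if (!$config) {
        return;
    }

    $dir = ROOT_PATH . 'data/backup/setting/';
    if (!is_dir($dir)) {
        jmkdir($dir);
    }

    // Generated code must quote the key itself instead of trusting $type.
    $key = $isCore ? '' : '[' . var_export((string) $type, true) . ']';
    $file = $dir . ($isCore ? 'settings' : $type) . '.php';

    return jio()->WriteFile(
        $file,
        '<?php $config' . $key . ' = ' . var_export($config, true) . '; ?>'
    );
}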
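/**
 * Admin page for the "share" buttons: saves the posted list when op=modify,
 * otherwise (or afterwards) renders the list editor.
 *
 * Changes from the previous version: $sort and $set start as empty arrays and
 * the posted order list is checked to be an array. A request without an
 * 'order' field used to pass an undefined variable to ksort() and foreach.
 * The stored result for well-formed requests is unchanged.
 *
 * The local variables are read by the included template, so their names are
 * part of the template contract.
 *
 * NOTE(review): posted flags and names are saved as received. Flags are not
 * limited to the entries of $listAll, and names are not escaped here, so the
 * template that prints them must escape for HTML. Confirm.
 */
function ShareConfig()
{
    $this->CheckAdminPrivs('share');

    $op = $this->Get['op'];
    if ($op == 'modify') {
        $list = $this->Post;

        // Map "requested position" => "row index", skipping rows with no position.
        $order = (isset($list['order']) && is_array($list['order'])) ? $list['order'] : array();
        $sort = array();
        foreach ($order as $i => $oid) {
            if ($oid != '') {
                $sort[$oid] = $i;
            }
        }
        ksort($sort);

        // Rebuild the share list in the requested order.
        $set = array();
        foreach ($sort as $oid => $i) {
            $flag = $list['flag'][$i];
            $one = array();
            $one['order'] = $list['order'][$i];
            $one['name'] = $list['name'][$i];
            // Checkboxes arrive keyed by flag, and only when ticked.
            $one['display'] = (isset($list['display'][$flag]) && $list['display'][$flag] == 'on') ? 'yes' : 'no';
            $set[$flag] = $one;
        }

        // The bShare block is kept as stored; only its uuid is replaced.
        $bshare = ini('share.~@bshare');
        $bshare_POST = post('bshare');
        $bshare['uuid'] = $bshare_POST['uuid'];
        $set['~@bshare'] = $bshare;

        ini('share', $set);
        $this->Messager('保存成功!');
    }

    $listAll = array('link', 'qzone', 'kaixin001', 'renren', 'douban', 'tsina', 'bai', 'gmail', 'delicious', 'digg', 'yahoo', 'google', 'facebook', 'twitter', 'baiduhi', 'blogbus', 'clipboard', 'qqmb', 'qqxiaoyou', 'xianguo');
    $action = '?mod=tttuangou&code=shareconfig&op=modify';

    // Make sure every known service has a row, even if never configured.
    $shares = ConfigHandler::get('share');
    if (!is_array($shares)) {
        $shares = array();
    }
    foreach ($listAll as $i => $flag) {
        if (!array_key_exists($flag, $shares)) {
            $shares[$flag] = array(
                'order' => '',
                'name' => '',
                'display' => 'no',
            );
        }
    }

    // The bShare block is shown separately from the per-service rows.
    if (isset($shares['~@bshare'])) {
        $bshare = $shares['~@bshare'];
        unset($shares['~@bshare']);
    }

    include(handler('template')->file('@admin/tttuangou_list_share'));
}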
<?php /* 2014-02-25 in jishigou invalid request template */ if (!defined("IN_JISHIGOU")) { exit("invalid request"); } hookscriptoutput(); if ($link_config = ConfigHandler::get('link')) { ?> <div class="foot-line"> <p>友情链接:</p> <?php if (is_array($link_config)) { foreach ($link_config as $link) { ?> <?php if (!empty($link['logo'])) { ?> <a href="<?php echo $link['url']; ?> " target="_blank"><img src="<?php echo $link['logo']; ?> " width="88" height="31" border="0" alt="<?php echo $link['name']; ?> "></a> <?php } else { ?> <a href="<?php echo $link['url']; ?>
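/**
 * Front-end bootstrap: stores the configuration, exposes the request
 * superglobals, resolves the routing fields, handles the mobile redirect,
 * builds the navigation, restores the member from the auth cookie, applies the
 * IP ban and crawler rules, and defines and checks the FORMHASH anti-CSRF
 * token for POST requests.
 *
 * Change from the previous version: the posted FORMHASH must now be a string
 * that is identical to the expected value. The old loose `!=` comparison
 * treats two different numeric-looking strings as equal.
 *
 * NOTE(review), on what the visible code does and does not guarantee:
 *  - FORMHASH is derived from a coarse time bucket, the Host header, the
 *    User-Agent and the site key. None of these is tied to the member or the
 *    session, so the token is not per-user.
 *  - The Referer test is a substring match, not a host comparison.
 *  - When X_IS_AJAX is truthy a failed check is not rejected at all. How
 *    X_IS_AJAX is derived is not visible here. Confirm.
 *  - The modules callback, misc, upload and address are exempt and need their
 *    own request authentication.
 *  - Denials go through Messager(); this relies on it ending the request.
 *
 * @param array $config site configuration; receives the key 'v' (by reference)
 */
function MasterObject(&$config)
{
    global $rewriteHandler;

    $config['v'] = SYS_VERSION . SYS_RELEASE;
    $this->Config = $config;
    Obj::register('config', $this->Config);

    // Live references to the request superglobals.
    $this->Get = &$_GET;
    $this->Post = &$_POST;
    $this->Cookie = &$_COOKIE;
    $this->Session = &$_SESSION;
    $this->Request = &$_REQUEST;
    $this->Server = &$_SERVER;
    $this->Files = &$_FILES;

    // Routing fields: a POSTed value overrides the query string.
    $this->Module = trim($this->Post['mod'] ? $this->Post['mod'] : $this->Get['mod']);
    $this->Code = trim($this->Post['code'] ? $this->Post['code'] : $this->Get['code']);
    $this->OPC = trim($this->Post['op'] ? $this->Post['op'] : $this->Get['op']);
    if ($this->Code == '') {
        $this->Code = ini('settings.default_code');
    }

    $GLOBALS['iframe'] = '';

    require_once LIB_PATH . 'cookie.han.php';
    $this->CookieHandler = handler('cookie');
    Obj::register('CookieHandler', $this->CookieHandler);

    // Mobile visitors are pointed at the app download page unless they opted
    // out through ?ignore_jump or the cookie set from it.
    if (false == in_array($this->Module, array('downapp', 'wap')) && false === X_IS_AJAX) {
        if (false != ($get_ignore_jump = get('ignore_jump'))) {
            $this->CookieHandler->SetVar('ignore_jump', time());
        }
        $ignore_jump = ($get_ignore_jump ? $get_ignore_jump : $this->CookieHandler->GetVar('ignore_jump'));
        if (false == $ignore_jump && $_SERVER['HTTP_USER_AGENT'] && false != preg_match('~(MicroMessenger|iPhone|Android|Mobile)~i', $_SERVER['HTTP_USER_AGENT'], $match)) {
            // No exit follows, so the rest of the request still runs.
            header('Location: index.php?mod=downapp');
        }
    }

    // Mark the navigation entry that matches the current module and code.
    $__navs = ConfigHandler::get('nav');
    foreach ($__navs as $i => $nav) {
        $curClass = '';
        if (strpos($nav['url'], $this->Module) > 0 && strpos($nav['url'], $this->Code) > 0) {
            $curClass = 'current';
        } elseif (strpos($nav['url'], $this->Module) > 0 && $this->Code === false) {
            $curClass = 'current';
        } elseif ($this->Module == 'index' && $this->Code == '' && strpos($nav['url'], 'mod') == false && strpos($nav['url'], 'code') == false && substr($nav['url'], 0, 4) != 'http') {
            $curClass = 'current';
        }
        $__navs[$i]['class'] = $curClass;
        if ($rewriteHandler) {
            $__navs[$i]['url'] = $rewriteHandler->formatURL($nav['url']);
        }
    }
    $this->Config['__navs'] = $__navs;

    $this->TemplateHandler = handler('template');
    Obj::register('TemplateHandler', $this->TemplateHandler);

    $this->DatabaseHandler = dbc();
    Obj::register('DatabaseHandler', $this->DatabaseHandler);

    // Restore the member from the auth cookie: password hash, security-question
    // value and user id, tab-separated inside the decoded cookie.
    require_once LIB_PATH . 'member.han.php';
    $uid = 0;
    $password = '';
    $secques = '';
    if ($authcode = $this->CookieHandler->GetVar('auth')) {
        list($password, $secques, $uid) = explode("\t", authcode($authcode, 'DECODE'));
    }
    $this->MemberHandler = handler('member');
    $this->MemberHandler->FetchMember($uid, $password, $secques);
    $this->Title = $this->MemberHandler->CurrentAction['name'];
    Obj::register("MemberHandler", $this->MemberHandler);

    // IP ban list: the configured value is a regular-expression fragment
    // anchored only at the start, so each entry acts as a prefix.
    $ipbanned = ConfigHandler::get('access', 'ipbanned');
    if (!empty($ipbanned) && preg_match("~^({$ipbanned})~", $_SERVER['REMOTE_ADDR'])) {
        $this->Messager("您的IP已经被禁止访问。", null);
    }
    unset($ipbanned);

    // Crawler handling applies to anonymous visitors only.
    if (MEMBER_ID < 1 && (int) $this->Config['robot']['turnon'] == 1) {
        include_once LOGIC_PATH . 'robot.logic.php';
        $RobotLogic = new RobotLogic();
        define("ROBOT_NAME", $RobotLogic->isRobot());
        if (ROBOT_NAME !== false) {
            if ($this->Config['robot']['list'][ROBOT_NAME]['disallow']) {
                exit('Access Denied');
            }
            $RobotLogic->statistic();
            if (isset($this->Config['robot']['list'][ROBOT_NAME]['show_ad']) && (int) $this->Config['robot']['list'][ROBOT_NAME]['show_ad'] == 0) {
                unset($this->Config['ad']);
            }
            include_once LOGIC_PATH . 'robot_log.logic.php';
            $RobotLogLogic = new RobotLogLogic(ROBOT_NAME);
            $RobotLogLogic->statistic();
            unset($RobotLogLogic);
        }
        unset($RobotLogic);
    }
    unset($this->Config['robot']);

    // Anti-CSRF token; see the notes in the header comment for its limits.
    define("FORMHASH", substr(md5(substr(time(), 0, -7) . $_SERVER['HTTP_HOST'] . $this->Config['auth_key'] . $_SERVER['HTTP_USER_AGENT']), 0, 16));

    if ($_SERVER['REQUEST_METHOD'] == "POST" && $this->Module != 'callback' && $this->Module != 'misc' && $this->Module != 'upload' && $this->Module != 'address') {
        // Strict string comparison: an array, a missing field or a value that
        // is only numerically equal must not pass.
        $postedHash = isset($this->Post["FORMHASH"]) ? $this->Post["FORMHASH"] : '';
        $hashOk = is_string($postedHash) && $postedHash === FORMHASH;
        if (!$hashOk || strpos($_SERVER["HTTP_REFERER"], $_SERVER["HTTP_HOST"]) === false) {
            X_IS_AJAX || $this->Messager("请求无效", null);
        }
    }
}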
/**
 * Admin task: copy local members that have no UCenter id yet (ucuid=0) into
 * the UCenter members table, 500 rows per request, then redirect to the next
 * batch.
 *
 * Per member: a matching UCenter name with the same password links the two
 * accounts; a matching name with a different password is recorded in
 * "mergemembers" and the local row gets ucuid=-1; an unknown name is inserted.
 *
 * NOTE(review):
 *  - Several SQL literals are masked as '******' on this page, so how the
 *    user name and password reach those statements cannot be reviewed here.
 *  - Only the user name is passed through addslashes(). email, regip and
 *    regdate from the local row are interpolated into the INSERT as fetched.
 *    Confirm those columns can never contain a quote, or escape them too.
 *  - The whole task runs on a GET request guarded by 'confirm', so a check
 *    that applies only to POST requests would not cover it. Confirm.
 *  - The stop and configuration-error paths rely on Messager() ending the
 *    request.
 */
function DoMerge() {
    $this->CheckAdminPrivs('ucenter');
    // $start only feeds the progress message; each batch is selected by ucuid=0.
    $start = max(0,(int) $this->Get['start']);
    $limit = 500;
    $ucenter = ConfigHandler::get('ucenter');
    if(!$ucenter['enable'] || !$this->Get['confirm'] || 'mysql' != $ucenter['uc_connect']) {
        $this->Messager("你的配置不正确,或者已经进行过用户数据整合了",null);
    }
    include_once(ROOT_PATH.'./api/uc_api_db.php');
    // Connection to the local database.
    $db = new JSG_UC_API_DB();
    $db->connect($this->Config['db_host'],$this->Config['db_user'],$this->Config['db_pass'],$this->Config['db_name'],$this->Config['charset'],$this->Config['db_persist'],$this->Config['db_table_prefix']);
    $query = $db->query("select * from ".TABLE_PREFIX."system_members where ucuid=0 limit {$limit}");
    // No rows left: the merge is complete.
    if($db->num_rows($query) < 1) {
        $this->Messager("用户数据合并成功",null);
    }
    // Second connection, to the UCenter database.
    $uc_db = new JSG_UC_API_DB();
    $uc_db->connect($ucenter['uc_db_host'],$ucenter['uc_db_user'],$ucenter['uc_db_password'],$ucenter['uc_db_name'],$ucenter['uc_db_charset'],1,$ucenter['uc_db_table_prefix']);
    while ($data = $db->fetch_array($query)) {
        // -1 marks "processed but not linked", so the row leaves the ucuid=0 set.
        $ucuid = -1;
        // Six-digit salt from rand(); the stored value is md5(local password . salt).
        $salt = rand(100000, 999999);
        $password = md5($data['password'].$salt);
        $data['username'] = addslashes($data['username']);
        $uc_user = $uc_db->fetch_first("SELECT * FROM {$ucenter['uc_db_table_prefix']}members WHERE username='******'");
        if(!$uc_user) {
            $uc_db->query("INSERT LOW_PRIORITY INTO {$ucenter['uc_db_table_prefix']}members SET username='******', password='******',email='$data[email]', regip='$data[regip]', regdate='$data[regdate]', salt='$salt'", 'SILENT');
            $ucuid = $uc_db->insert_id();
            $uc_db->query("INSERT LOW_PRIORITY INTO {$ucenter['uc_db_table_prefix']}memberfields SET uid='$ucuid'",'SILENT');
        } else {
            // Loose == on two hash strings: numeric-looking hashes can compare
            // equal without being identical; a strict comparison is safer.
            if($uc_user['password'] == md5($data['password'].$uc_user['salt'])) {
                $ucuid = $uc_user['uid'];
            } else {
                $uc_db->query("REPLACE INTO {$ucenter['uc_db_table_prefix']}mergemembers SET appid='".UC_APPID."', username='******'", 'SILENT');
            }
        }
        $db->query("update ".TABLE_PREFIX."system_members set ucuid={$ucuid} where uid={$data['uid']}");
    }
    $next = ($start + $limit);
    $this->Messager("[{$start}-{$next}]正在进行用户数据的合并中,请稍候……",'admin.php?mod=ucenter&code=merge&confirm=1&start='.$next);
}
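/**
 * Admin-panel bootstrap: stores the configuration, exposes the request
 * superglobals, resolves the routing fields, restores the member from the auth
 * cookie, applies the IP ban and the admin IP allow-list, requires a logged-in
 * member with admin privileges, checks the second admin-login cookie, and
 * defines and checks the FORMHASH anti-CSRF token for POST requests.
 *
 * Changes from the previous version:
 *  - The second-login cookie value and the posted FORMHASH are compared as
 *    strings with strict operators. The old loose `!=` treats two different
 *    numeric-looking strings as equal.
 *  - $uid, $password and $secques have defaults, so FetchMember() no longer
 *    receives undefined variables when there is no auth cookie.
 *
 * NOTE(review), on what the visible code does and does not guarantee:
 *  - The second-login cookie ('ajhAuth') carries the member's stored password
 *    value, protected by authcode() with a key built from the site keys, the
 *    User-Agent and the current month.
 *  - Both IP lists are regular-expression fragments anchored only at the
 *    start, so each entry is a prefix: an allow-list entry for one address
 *    also admits longer addresses that begin with the same characters.
 *    Confirm entries are saved regex-escaped and end where intended.
 *  - FORMHASH is not tied to the member or session, and the Referer test is a
 *    substring match, not a host comparison.
 *  - Every denial goes through Messager(); this relies on it ending the
 *    request.
 *
 * @param array $config site configuration; receives the key 'v' (by reference)
 */
function MasterObject(&$config)
{
    $config['v'] = SYS_VERSION . SYS_RELEASE;
    $this->Config = $config;
    Obj::register('config', $this->Config);

    // Key for the second-login cookie.
    $this->ajhAuthKey = $this->Config['auth_key'] . $_SERVER['HTTP_USER_AGENT'] . '_IN_ADMIN_PANEL_' . date('Y-m-Y-m') . '_' . $this->Config['safe_key'];

    // Live references to the request superglobals.
    $this->Get = &$_GET;
    $this->Post = &$_POST;
    $this->Cookie = &$_COOKIE;
    $this->Session = &$_SESSION;
    $this->Request = &$_REQUEST;
    $this->Server = &$_SERVER;
    $this->Files = &$_FILES;

    // Routing fields: a POSTed value overrides the query string.
    $this->Module = trim($this->Post['mod'] ? $this->Post['mod'] : $this->Get['mod']);
    $this->Code = trim($this->Post['code'] ? $this->Post['code'] : $this->Get['code']);
    $this->OPC = trim($this->Post['op'] ? $this->Post['op'] : $this->Get['op']);
    if ($this->Code == '') {
        $this->Code = ini('settings.default_code');
    }

    $GLOBALS['iframe'] = '';

    require_once LIB_PATH . 'cookie.han.php';
    $this->CookieHandler = handler('cookie');
    Obj::register('CookieHandler', $this->CookieHandler);

    $this->TemplateHandler = handler('template');
    Obj::register('TemplateHandler', $this->TemplateHandler);

    $this->DatabaseHandler = dbc();
    Obj::register('DatabaseHandler', $this->DatabaseHandler);

    // Restore the member from the auth cookie.
    require_once LIB_PATH . 'member.han.php';
    $uid = 0;
    $password = '';
    $secques = '';
    if ($authcode = $this->CookieHandler->GetVar('auth')) {
        list($password, $secques, $uid) = explode("\t", authcode($authcode, 'DECODE'));
    }
    $this->MemberHandler = handler('member');
    $this->MemberHandler->FetchMember($uid, $password, $secques);

    // Network-level gates: site-wide ban list, then the admin allow-list.
    $access = ConfigHandler::get('access');
    if (!empty($access['ipbanned']) && preg_match("~^({$access['ipbanned']})~", $_SERVER['REMOTE_ADDR'])) {
        $this->Messager("您的IP已经被禁止访问", null);
    }
    if (!empty($access['admincp']) && !preg_match("~^({$access['admincp']})~", $_SERVER['REMOTE_ADDR'])) {
        $this->Messager("您当前的IP在不在后台允许的IP里,无法访问后台。", null);
    }

    // Identity gates: a member session, then admin privileges.
    if (MEMBER_ID < 1) {
        $this->Messager("请先在前台进行<a href='index.php?mod=account&code=login'><b>登录</b></a>", null);
    }
    $this->CheckAdminPrivs();

    // Second login for the admin panel, unless disabled in the configuration.
    if (!($this->Config['close_second_verify_enable']) && $this->Module != 'login') {
        unset($ajhAuth, $_pwd, $_uid);
        if (($ajhAuth = $this->CookieHandler->GetVar('ajhAuth'))) {
            list($_pwd, $_uid) = explode("\t", authcode($ajhAuth, 'DECODE', $this->ajhAuthKey));
        }
        // Strict string comparison for the secret; the id check is unchanged.
        if (!$ajhAuth || !$_pwd || (string) $_pwd !== (string) $this->MemberHandler->MemberFields['password'] || $_uid < 1 || $_uid != MEMBER_ID) {
            $this->Messager(null, 'admin.php?mod=login');
        }
    }

    $this->Title = $this->MemberHandler->CurrentAction['name'];
    Obj::register("MemberHandler", $this->MemberHandler);

    // Anti-CSRF token; see the notes in the header comment for its limits.
    define("FORMHASH", substr(md5(substr(time(), 0, -7) . $_SERVER['HTTP_USER_AGENT'] . $_SERVER['HTTP_HOST'] . $this->Config['auth_key'] . date('Y-m-d')), 0, 16));

    if ($_SERVER['REQUEST_METHOD'] == "POST") {
        // An array, a missing field or a merely numerically-equal value must
        // not pass.
        $postedHash = isset($this->Post['FORMHASH']) ? $this->Post['FORMHASH'] : '';
        $hashOk = is_string($postedHash) && $postedHash === FORMHASH;
        if (!$hashOk || strpos($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST']) === false) {
            $this->Messager("请求无效", null);
        }
    }

    $this->actionName();
}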
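/**
 * Issue a voucher ("ticket") for a paid order and, when SMS is enabled, text
 * the voucher number and password to the buyer and log the message.
 *
 * Physical goods (product type 'stuff') get no voucher. In every case the
 * method returns true; on the voucher path the order is moved to type 9.
 *
 * Changes from the previous version:
 *  - The voucher number and password come from random_int() when the runtime
 *    provides it. rand() is not meant for secrets and stays only as the
 *    fallback for older runtimes.
 *  - $userid and $productid are cast to integers before being placed in SQL.
 *  - Values written to the SMS log are escaped. A double quote in a product
 *    name, seller address or gateway reply used to break that INSERT.
 *
 * NOTE(review):
 *  - addslashes() matches the escaping used elsewhere in this code base. If
 *    the database handler offers its own escaping or bound parameters, prefer
 *    that, especially with a multi-byte connection charset.
 *  - Nothing here checks that the generated number is unique. Confirm a
 *    unique index exists on the ticket number.
 *  - The password is stored through authcode(..., 'ENCODE', ...), which looks
 *    reversible, and is sent in clear text by SMS.
 *
 * @param int $userid    buyer's member id
 * @param int $productid purchased product id
 * @param int $orderid   order the voucher belongs to
 * @return bool always true
 */
function ticketCreate($userid, $productid, $orderid)
{
    Load::logic('product');
    $ProductLogic = new ProductLogic();
    $product = $ProductLogic->productGet($productid, 0, true);
    if ($product['type'] == 'stuff') {
        return true;
    }

    // Prefer the CSPRNG; fall back to rand() only where it does not exist.
    $useCsprng = function_exists('random_int');

    // Voucher number: 12 digits built from three-digit chunks (100..999).
    $rndLength = 12;
    $rndLoop = ceil($rndLength / 3);
    $rndString = '';
    for ($i = 0; $i < $rndLoop; $i++) {
        $rndString .= (string) ($useCsprng ? random_int(100, 999) : rand(100, 999));
    }
    $ticketNumber = substr($rndString, 0, $rndLength);

    // Voucher password: six digits.
    $ticketPassword = $useCsprng ? random_int(100000, 999999) : rand('100000', '999999');

    $ary = array(
        'uid' => $userid,
        'productid' => $productid,
        'orderid' => $orderid,
        'number' => $ticketNumber,
        'password' => authcode($ticketPassword, 'ENCODE', $this->Config['auth_key']),
        'status' => 1,
    );
    $this->DatabaseHandler->SetTable(TABLE_PREFIX . 'tttuangou_ticket');
    $result = $this->DatabaseHandler->Insert($ary);

    $sms = ConfigHandler::get('sms');
    if ($sms['power'] == 'on') {
        $sql = 'SELECT * FROM ' . TABLE_PREFIX . 'system_members WHERE uid=' . (int) $userid;
        $userInfo = $this->DatabaseHandler->Query($sql)->GetRow();

        // Only text members whose stored phone is numeric.
        if (is_numeric($userInfo['phone'])) {
            $sql = ' SELECT p.name, p.perioddate, s.sellerphone, s.selleraddress FROM ' . TABLE_PREFIX . 'tttuangou_product p LEFT join ' . TABLE_PREFIX . 'tttuangou_seller s on p.sellerid=s.id WHERE p.id=' . (int) $productid;
            $ticketInfo = $this->DatabaseHandler->Query($sql)->GetRow();

            // Fill the configured SMS template.
            $smsContent = str_replace(
                array(
                    '{user_name}',
                    '{product_name}',
                    '{ticket_number}',
                    '{ticket_password}',
                    '{perioddate}',
                    '{seller_phone}',
                    '{seller_address}',
                    '{site_name}',
                ),
                array(
                    $userInfo['username'],
                    $ticketInfo['name'],
                    $ticketNumber,
                    $ticketPassword,
                    date('Y-m-d', $ticketInfo['perioddate']),
                    $ticketInfo['sellerphone'],
                    $ticketInfo['selleraddress'],
                    $this->Config['site_name'],
                ),
                $sms['template']
            );

            Load::functions('sms');
            $result = sms_send($userInfo['phone'], $smsContent);

            // Log the message. Every value is escaped: the content mixes
            // member, seller and product text, and msgid/msgstate come from
            // the remote gateway.
            $sql = 'INSERT INTO ' . TABLE_PREFIX . 'tttuangou_sms (id, name, phone, content, mid, state)VALUES(NULL, "'
                . addslashes($userInfo['username']) . '", "'
                . addslashes($userInfo['phone']) . '", "'
                . addslashes($smsContent) . '", "'
                . addslashes($result['msgid']) . '", "'
                . addslashes($result['msgstate']) . '")';
            $this->DatabaseHandler->Query($sql);
        }
    }

    // Mark the order as "voucher issued".
    Load::logic('order');
    $OrderLogic = new OrderLogic();
    $OrderLogic->orderType($orderid, 9);

    return true;
}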
/**
 * Show the front-end login form.
 *
 * Members who are already logged in are told so; visitors under the
 * failed-attempt lockout get the lockout message. The local variables set
 * below are read by the included template, so their names are part of the
 * template contract.
 *
 * NOTE(review): both messages rely on Messager() ending the request. The
 * Referer header passed to loginReferer() is client-controlled; if it becomes
 * the post-login redirect target it should be limited to same-site URLs.
 * Confirm in account()->loginReferer().
 */
function Login()
{
    // Already logged in: nothing to do here.
    if ((0 != MEMBER_ID && !$this->IsAdmin) || 0 < MEMBER_ID) {
        $this->Messager("您已经使用用户名 " . MEMBER_NAME . " 登录系统,无需再次登录!", null);
    }

    // A falsy result means the failed-attempt lockout is active.
    $loginperm = $this->_logincheck();
    if (false == $loginperm) {
        $this->Messager("累计 5 次错误尝试,15 分钟内您将不能登录。", null);
    }

    $this->Title = "用户登录";

    // Values consumed by the template.
    $action = "?mod=account&code=login&op=done";
    $question_select = FormHandler::Select(
        "question",
        ConfigHandler::get("member", "question_list"),
        0
    );
    $role_type_select = FormHandler::Radio(
        "role_type",
        ConfigHandler::get("member", "role_type_list"),
        "normal"
    );

    // Remember where the visitor came from for the post-login redirect.
    account()->loginReferer($_SERVER['HTTP_REFERER']);

    include($this->TemplateHandler->Template("account_login"));
}
/**
 * Admin page listing the current sessions, with optional filters by user name
 * and IP, sortable columns and paging. Requires the 'sessions' admin
 * privilege. The result rows, the pager and the optional crawler-IP map are
 * handed to the '@admin/sessions' template through local variables.
 *
 * NOTE(review):
 *  - Part of this function is masked on the page ('******'): the text between
 *    the user-name filter and the IP filter is missing, so the code is not
 *    valid PHP as shown and is left exactly as found.
 *  - The user name from the query string is placed into a LIKE clause, and the
 *    IP parts into `ipN='...'` conditions, by string interpolation. Whether
 *    request input is escaped before it reaches this method is not visible
 *    here. Confirm, or escape at this point.
 *  - 'order_by' and 'order_type' from the query string are appended to the
 *    paging link as received. The ORDER BY clause itself comes from order()
 *    and the fixed $order_by_list; confirm order() accepts only those keys.
 *  - 'page' and 'pn' are cast to integers before they reach the LIMIT clause.
 */
function Main() { $this->CheckAdminPrivs('sessions'); $where_list=array(); $where=""; $query_link="admin.php?mod=sessions"; $p=max((int)$this->Get['page'],1); $query_link.="&page=".$p; $pn=(int)$this->Get['pn']?(int)$this->Get['pn']:20; if($pn<1)$pn=20; $query_link.='&pn='.$pn; $username=trim($this->Get['username']); if ($username!="") { $where_list[]="username like '%$username%'"; $query_link.="&username="******"*" || empty($_ip))continue; $ips.=$and."ip{$i}='$_ip'"; $and=" and "; } $where_list[]=$ips; } if($this->Get['order_by'])$query_link.="&order_by=".$this->Get['order_by']; if($this->Get['order_type'])$query_link.="&order_type=".$this->Get['order_type']; if($where_list)$where=" where ".implode(" AND ",$where_list); $order_by_list = array ( 'order_by_default' => 'lastactivity', 'lastactivity' => array ( 'name' => '最后访问时间', 'order_by' => 'lastactivity', ), 'ip' => array ( 'name' => 'IP地址', 'order_by' =>"concat_ws('.',ip1,ip2,ip3,ip4)", ), 'uid' => array ( 'name' => '用户名', 'order_by' => 'uid', ), ); $order_array = order($order_by_list,$query_link,array('display_un_href'=>true)); $order = $order_array['order']; $order_html = $order_array['html']; $limit=""; $offset=($p-1)*$pn; $sql="SELECT count(1) total from ".TABLE_PREFIX."system_sessions".$where; $query = $this->DatabaseHandler->Query($sql); $row=$query->GetRow(); $total=$row['total']; $sql="SELECT * from ".TABLE_PREFIX."system_sessions".$where." ".$order." 
limit $offset,$pn"; $query = $this->DatabaseHandler->Query($sql); $session_list=array(); while ($row=$query->GetRow()) { $row['dateline']=my_date_format($row['lastactivity']); $row['ip']=sprintf("%s.%s.%s.%s",$row['ip1'],$row['ip2'],$row['ip3'],$row['ip4']); $session_list[]=$row; } $robot=array(); $robot_record=(int)ConfigHandler::get('robot','turnon'); if($robot_record==1) { $sql="SELECT * from ".TABLE_PREFIX."system_robot_ip"; $query=$this->DatabaseHandler->Query($sql,"SKIP_ERROR"); if($query) { while ($row=$query->GetRow()) { $robot[$row['ip']]=$row['name']; } } } $pages=page($total,$pn,$query_link,array(),"2 10 20 50 100 200 500"); include handler('template')->file('@admin/sessions'); }
/**
 * Admin page for editing the IP access lists. Requires the 'ipset' privilege.
 *
 * The lists are stored as one string per type with '|' between entries and
 * with backslashes in place. For editing, each list is turned into one entry
 * per line and the backslashes are removed. The local variables are read by
 * the included template, so their names are part of the template contract.
 *
 * NOTE(review): the stored form is what the bootstrap uses as a regular
 * expression, so the save handler must put the escaping back. Confirm there.
 */
function modifyAccess()
{
    $this->CheckAdminPrivs('ipset');

    $access = (array) ConfigHandler::get('access');
    foreach ($access as $type => $ips) {
        // Empty lists are shown as they are.
        if (empty($ips)) {
            continue;
        }
        $ips = str_replace("|", "\n", $ips);
        $access[$type] = stripslashes($ips);
    }

    $action = "admin.php?mod=setting&code=domodify_access";
    include handler('template')->file('@admin/setting_access');
}
/**
 * Admin action: block or unblock one crawler by name. Requires the 'robot'
 * privilege. Updates the crawler's row, rebuilds the list of blocked crawlers
 * in the 'robot' configuration and adds or removes the matching rule in
 * robots.txt.
 *
 * NOTE(review):
 *  - The crawler name comes from the query string and is interpolated into
 *    the UPDATE statement and into the text written to robots.txt. Whether
 *    request input is escaped before it reaches this method is not visible
 *    here. A name should be checked against the known crawler names, and must
 *    not contain line breaks, before it is used in either place.
 *  - The change is made on a GET request, so a check that applies only to
 *    POST requests would not cover it. Confirm.
 *  - The robots.txt rule literal is shown on one line on this page. robots.txt
 *    needs each directive on its own line, so the original presumably
 *    contained line breaks. Confirm against the real file.
 */
function Disallow() {
    $this->CheckAdminPrivs('robot');
    $name = trim($this->Get['name']);
    // Code 'disallow1' blocks the crawler; any other code unblocks it.
    $disallow = 'disallow1' == $this->Code ? 1 : 0;
    $sql = "update `".TABLE_PREFIX."system_robot` set `disallow`='{$disallow}' where `name`='{$name}'";
    $this->DatabaseHandler->Query($sql);
    // Rebuild the configured block list from the table.
    $sql = "select `name`,`disallow` from `".TABLE_PREFIX."system_robot` where `disallow`=1";
    $query = $this->DatabaseHandler->Query($sql);
    $robot_config = ConfigHandler::get('robot');
    $robot_config['list'] = array();
    while ($row = $query->GetRow()) {
        $robot_config['list'][$row['name']]['disallow'] = $row['disallow'];
    }
    $configHandler = new ConfigHandler();
    $configHandler->set('robot',$robot_config);
    // Rule text for this crawler, matched and inserted as an exact string.
    $disallow_string = "User-agent: {$name} Disallow: / ";
    $load = new Load();
    $load->lib('io');
    $IoHandler = new IoHandler();
    $robots_path = ROOT_PATH . 'robots.txt';
    $robots_string_new = $robots_string = $IoHandler->ReadFile($robots_path);
    $disallow_string_strpos = strpos($robots_string,$disallow_string);
    // Blocking: prepend the rule if absent. Unblocking: remove it if present.
    if ($disallow && false===$disallow_string_strpos) {
        $robots_string_new = $disallow_string . $robots_string_new;
    } elseif (!$disallow && false!==$disallow_string_strpos) {
        $robots_string_new = str_replace($disallow_string,"",$robots_string_new);
    }
    // Write only when the content changed.
    if ($robots_string_new!=$robots_string) {
        $return = $IoHandler->WriteFile($robots_path,$robots_string_new);
        if (!$return) {
            $this->Messager("写入 <b>{$robots_path}</b> 文件失败,请检查是否有可读写的权限",null);
        }
    }
    $this->Messager("修改成功");
}
<?php /* 2014-02-25 in jishigou invalid request template */ if (!defined("IN_JISHIGOU")) { exit("invalid request"); } hookscriptoutput(); $naviList = ConfigHandler::get('footer_navigation'); ?> <?php if (is_array($naviList['list'])) { foreach ($naviList['list'] as $k_g => $group) { ?> <?php $k_g = $k_g + 1; ?> <div class="foot-line"> <?php if ($group['avaliable']) { ?> <p><?php echo $group['name']; ?> :</p> <?php } ?> <?php if (is_array($group['type_list'])) { foreach ($group['type_list'] as $k_o => $one) { ?> <?php if ($one['avaliable']) {
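/**
 * Send one e-mail through an SMTP server, speaking the protocol directly.
 *
 * The subject and display names are sent as base64 encoded-words, the body as
 * base64 with CRLF line endings. Failures are reported through the
 * 'ajherrorlog' callback and the function returns false.
 *
 * Changes from the previous version:
 *  - Carriage returns and line feeds are removed from the recipient list and
 *    from the sender address before use. Both end up in SMTP commands and in
 *    message headers, where a line break would start a new command or header.
 *    The subject was already treated this way.
 *  - The socket is closed on every exit path after a successful connect.
 *  - The recipient array is initialised before it is filled.
 *
 * NOTE(review):
 *  - Without the 'ssl' setting the session, including the AUTH LOGIN user name
 *    and password, goes over the network unencrypted; there is no STARTTLS.
 *    Whether the ssl:// connection verifies the server certificate depends on
 *    msockopen(). Confirm.
 *  - The Message-ID uses the request's Host header, which the client controls.
 *  - After a rejected RCPT TO the command is retried, but the retry's reply is
 *    only logged and the send fails either way. This is kept as found.
 *
 * @param string       $email_to      one or more recipients, comma-separated,
 *                                     each "addr" or "Name <addr>"
 * @param string       $email_subject subject line
 * @param string       $email_message message body
 * @param array|string $smtp_config   SMTP settings; empty means the 'smtp' config
 * @param bool         $html          true for text/html, false for text/plain
 * @return bool true when the server accepted the message, false otherwise
 */
function _send_mail_by_smtp($email_to, $email_subject, $email_message, $smtp_config = '', $html = true)
{
    $sys_config = ConfigHandler::get();
    $smtp_config = $smtp_config ? $smtp_config : (ConfigHandler::get('smtp'));

    $mail['from'] = $smtp_config['mail'];
    $mail['server'] = ($smtp_config['ssl'] ? 'ssl:/' . '/' : '') . $smtp_config['host'];
    $mail['port'] = $smtp_config['port'];
    $mail['auth'] = (boolean) ($smtp_config['username'] && $smtp_config['password']);
    $mail['auth_username'] = $smtp_config['username'];
    $mail['auth_password'] = $smtp_config['password'];

    $errorlog = 'ajherrorlog';
    $charset = $sys_config['charset'];
    $bbname = $sys_config['site_name'];
    $adminemail = $sys_config['site_admin_email'];
    $maildelimiter = NEW_LINE;
    $mailusername = 1;

    // No line breaks may survive in anything that becomes a header or command.
    $lineBreaks = array("\r", "\n");
    $email_to = str_replace($lineBreaks, '', $email_to);

    $email_subject = '=?' . $charset . '?B?' . base64_encode(str_replace("\r", '', str_replace("\n", '', $email_subject))) . '?=';

    // Normalise every line ending to CRLF, then base64-encode in 76-char lines.
    $email_message = chunk_split(base64_encode(str_replace("\r\n.", " \r\n..", str_replace("\n", "\r\n", str_replace("\r", "\n", str_replace("\r\n", "\n", str_replace("\n\r", "\r", $email_message)))))));

    // Sender: configured address, else "site name <admin address>".
    $email_from = $smtp_config['email_from'] ? $smtp_config['email_from'] : $smtp_config['mail'];
    $email_from = str_replace($lineBreaks, '', $email_from);
    $email_from = ($email_from == '' ? '=?' . $charset . '?B?' . base64_encode($bbname) . "?= <$adminemail>" : (preg_match('/^(.+?) \<(.+?)\>$/', $email_from, $from) ? '=?' . $charset . '?B?' . base64_encode($from[1]) . "?= <$from[2]>" : $email_from));

    // Recipients: encode the display name of each "Name <addr>" entry.
    $tousers = array();
    foreach (explode(',', $email_to) as $touser) {
        $tousers[] = preg_match('/^(.+?) \<(.+?)\>$/', $touser, $to) ? ($mailusername ? '=?' . $charset . '?B?' . base64_encode($to[1]) . "?= <$to[2]>" : $to[2]) : $touser;
    }
    $email_to = implode(',', $tousers);

    $headers = "From: $email_from{$maildelimiter}X-Priority: 3{$maildelimiter}X-Mailer: TTTuangou " . SYS_VERSION . "{$maildelimiter}MIME-Version: 1.0{$maildelimiter}Content-type: text/" . ($html ? 'html' : 'plain') . "; charset=$charset{$maildelimiter}Content-Transfer-Encoding: base64{$maildelimiter}";

    $mail['port'] = $mail['port'] ? $mail['port'] : 25;

    // Connect and read the greeting.
    if (!$fp = msockopen($mail['server'], $mail['port'], $errno, $errstr, 3)) {
        $errorlog('SMTP', "($mail[server]:$mail[port]) CONNECT - Unable to connect to the SMTP server", 0);
        return false;
    }
    stream_set_blocking($fp, true);

    $lastmessage = fgets($fp, 512);
    if (substr($lastmessage, 0, 3) != '220') {
        $errorlog('SMTP', "$mail[server]:$mail[port] CONNECT - $lastmessage", 0);
        fclose($fp);
        return false;
    }

    // EHLO when authenticating, HELO otherwise.
    fputs($fp, ($mail['auth'] ? 'EHLO' : 'HELO') . " TTTuangou\r\n");
    $lastmessage = fgets($fp, 512);
    if (substr($lastmessage, 0, 3) != 220 && substr($lastmessage, 0, 3) != 250) {
        $errorlog('SMTP', "($mail[server]:$mail[port]) HELO/EHLO - $lastmessage", 0);
        fclose($fp);
        return false;
    }

    // Skip the remaining lines of a multi-line reply ("250-...").
    while (1) {
        if (substr($lastmessage, 3, 1) != '-' || empty($lastmessage)) {
            break;
        }
        $lastmessage = fgets($fp, 512);
    }

    if ($mail['auth']) {
        fputs($fp, "AUTH LOGIN\r\n");
        $lastmessage = fgets($fp, 512);
        if (substr($lastmessage, 0, 3) != 334) {
            $errorlog('SMTP', "($mail[server]:$mail[port]) AUTH LOGIN - $lastmessage", 0);
            fclose($fp);
            return false;
        }

        fputs($fp, base64_encode($mail['auth_username']) . "\r\n");
        $lastmessage = fgets($fp, 512);
        if (substr($lastmessage, 0, 3) != 334) {
            $errorlog('SMTP', "($mail[server]:$mail[port]) USERNAME - $lastmessage", 0);
            fclose($fp);
            return false;
        }

        fputs($fp, base64_encode($mail['auth_password']) . "\r\n");
        $lastmessage = fgets($fp, 512);
        if (substr($lastmessage, 0, 3) != 235) {
            $errorlog('SMTP', "($mail[server]:$mail[port]) PASSWORD - $lastmessage", 0);
            fclose($fp);
            return false;
        }

        // With authentication the envelope sender is the account address.
        $email_from = str_replace($lineBreaks, '', $mail['from']);
    }

    // Envelope sender, with one retry.
    $envelopeFrom = preg_replace("/.*\<(.+?)\>.*/", "\\1", $email_from);
    fputs($fp, "MAIL FROM: <" . $envelopeFrom . ">\r\n");
    $lastmessage = fgets($fp, 512);
    if (substr($lastmessage, 0, 3) != 250) {
        fputs($fp, "MAIL FROM: <" . $envelopeFrom . ">\r\n");
        $lastmessage = fgets($fp, 512);
        if (substr($lastmessage, 0, 3) != 250) {
            $errorlog('SMTP', "($mail[server]:$mail[port]) MAIL FROM - $lastmessage", 0);
            fclose($fp);
            return false;
        }
    }

    // Envelope recipients.
    foreach (explode(',', $email_to) as $touser) {
        $touser = trim($touser);
        if ($touser) {
            $envelopeTo = preg_replace("/.*\<(.+?)\>.*/", "\\1", $touser);
            fputs($fp, "RCPT TO: <" . $envelopeTo . ">\r\n");
            $lastmessage = fgets($fp, 512);
            if (substr($lastmessage, 0, 3) != 250) {
                fputs($fp, "RCPT TO: <" . $envelopeTo . ">\r\n");
                $lastmessage = fgets($fp, 512);
                $errorlog('SMTP', "($mail[server]:$mail[port]) RCPT TO - $lastmessage", 0);
                fclose($fp);
                return false;
            }
        }
    }

    fputs($fp, "DATA\r\n");
    $lastmessage = fgets($fp, 512);
    if (substr($lastmessage, 0, 3) != 354) {
        $errorlog('SMTP', "($mail[server]:$mail[port]) DATA - $lastmessage", 0);
        fclose($fp);
        return false;
    }

    $headers .= 'Message-ID: <' . gmdate('YmdHs') . '.' . substr(md5($email_message . microtime()), 0, 6) . rand(100000, 999999) . '@' . $_SERVER['HTTP_HOST'] . ">{$maildelimiter}";

    // Headers, blank line, body, terminating dot.
    fputs($fp, "Date: " . gmdate('r') . "\r\n");
    fputs($fp, "To: " . $email_to . "\r\n");
    fputs($fp, "Subject: " . $email_subject . "\r\n");
    fputs($fp, $headers . "\r\n");
    fputs($fp, "\r\n\r\n");
    fputs($fp, "$email_message\r\n.\r\n");

    $lastmessage = fgets($fp, 512);
    if (substr($lastmessage, 0, 3) != 250) {
        $errorlog('SMTP', "($mail[server]:$mail[port]) END - $lastmessage", 0);
        fclose($fp);
        return false;
    }

    fputs($fp, "QUIT\r\n");
    fclose($fp);

    return true;
}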
/**
 * Collect a description of the server and the site and hand it to
 * get_system_count().
 *
 * Gathered values: date, operating system, server address, SAPI, host name,
 * install path, CPU and computer name from the environment, system version
 * and build, plus site name, admin e-mail, URL, charset and language.
 *
 * NOTE(review): this is a full fingerprint of the installation, including the
 * filesystem path and the administrator's e-mail address. What
 * get_system_count() does with it, and whether it leaves the server, is not
 * visible here. Confirm, and make sure operators can opt out.
 *
 * @return mixed whatever get_system_count() returns
 */
function get_system_env()
{
    $e = array();
    $e['time'] = gmdate("Y-m-d", time());
    $e['os'] = PHP_OS;

    // Server address: resolved server name first, then two environment fallbacks.
    $e['ip'] = @gethostbyname($_SERVER['SERVER_NAME']);
    if (!$e['ip']) {
        $e['ip'] = getenv("SERVER_ADDR");
        if (!$e['ip']) {
            $e['ip'] = getenv('LOCAL_ADDR');
        }
    }

    $e['sapi'] = @php_sapi_name();

    // The Host value originates from the request and is client-controlled.
    $envHost = getenv('HTTP_HOST');
    $e['host'] = strtolower($envHost ? getenv('HTTP_HOST') : $_SERVER['HTTP_HOST']);

    // Install root: this file's directory minus its last 17 characters.
    $e['path'] = substr(dirname(__FILE__), 0, -17);

    $e['cpu'] = $_ENV['PROCESSOR_IDENTIFIER'] . "/" . $_ENV['PROCESSOR_REVISION'];
    $e['name'] = $_ENV['COMPUTERNAME'];

    if (defined('SYS_VERSION')) {
        $e['sys_version'] = SYS_VERSION;
    }
    if (defined('SYS_BUILD')) {
        $e['sys_build'] = SYS_BUILD;
    }

    // Copy the non-empty site settings under their report names.
    $sys_conf = ConfigHandler::get();
    $reportKeys = array(
        'site_name' => 'sys_name',
        'site_admin_email' => 'sys_email',
        'site_url' => 'sys_url',
        'charset' => 'sys_charset',
        'language' => 'sys_language',
    );
    foreach ($reportKeys as $confKey => $reportKey) {
        if ($sys_conf[$confKey]) {
            $e[$reportKey] = $sys_conf[$confKey];
        }
    }

    return get_system_count($e);
}