Пример #1
}
// Pass the language pack and the help_open setting to the template engine.
$smarty->assign('lang', $_LANG);
$smarty->assign('help_open', $_CFG['help_open']);

// Pass the enable_order_check setting, falling back to 0 when it is not configured.
$smarty->assign(
    'enable_order_check',
    isset($_CFG['enable_order_check']) ? $_CFG['enable_order_check'] : 0
);
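/*
 * Verify the passport information passed back in the query string and, when the token
 * matches, store it in the shop configuration.
 *
 * NOTE(review): in this listing the comment that follows this block announces the
 * administrator identity check, so the configuration writes below appear to be gated by the
 * token alone - confirm the ordering in the full file.
 */
if (isset($_GET['ent_id'], $_GET['ent_ac'], $_GET['ent_sign'], $_GET['ent_email'])) {
    $ent_id = trim($_GET['ent_id']);
    $ent_ac = trim($_GET['ent_ac']);
    $ent_sign = trim($_GET['ent_sign']);
    $ent_email = trim($_GET['ent_email']);
    $certificate_id = trim($_CFG['certificate_id']);
    $domain_url = $ecs->url();

    // A missing or non-string token can never match; this also avoids an undefined-index notice.
    $token = (isset($_GET['token']) && is_string($_GET['token'])) ? $_GET['token'] : '';
    $expected_token = md5(md5($_CFG['token']) . $domain_url . ADMIN_PATH);

    // Compare strictly: with "==" two different digests that both look like numbers
    // ("0e" followed only by digits) compare equal. Prefer the constant-time comparison
    // when the runtime provides it.
    $token_ok = function_exists('hash_equals')
        ? hash_equals($expected_token, $token)
        : $token === $expected_token;

    if ($token_ok) {
        require ROOT_PATH . 'includes/cls_transport.php';
        $t = new transport('-1', 5);
        // NOTE(review): the parameter string is kept exactly as the original built it, including
        // the spaces around the values and no URL-encoding; the endpoint is plain HTTP.
        $apiget = "act=ent_sign&ent_id= {$ent_id} & certificate_id={$certificate_id}";
        $t->request('http://cloud.ecshop.com/api.php', $apiget);

        // NOTE(review): the four values below come from $_GET and are concatenated into the SQL
        // text. No escaping is visible in this fragment - confirm that request input is escaped
        // before this point (and avoid escaping twice) before relying on these statements.
        $db->query('UPDATE ' . $ecs->table('shop_config') . ' SET value = "' . $ent_id . '" WHERE code = "ent_id"');
        $db->query('UPDATE ' . $ecs->table('shop_config') . ' SET value = "' . $ent_ac . '" WHERE code = "ent_ac"');
        $db->query('UPDATE ' . $ecs->table('shop_config') . ' SET value = "' . $ent_sign . '" WHERE code = "ent_sign"');
        $db->query('UPDATE ' . $ecs->table('shop_config') . ' SET value = "' . $ent_email . '" WHERE code = "ent_email"');
        clear_cache_files();
        // NOTE(review): no exit follows this redirect, so the script keeps running unless
        // ecs_header() itself stops it - confirm.
        ecs_header("Location: ./index.php\n");
    }
}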
/* 验证管理员身份 */
Пример #2
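/**
 * Get the spt code: a <script> tag whose src points at record.php on api.ecshop.com and
 * carries details of this installation (site URL, version, hash code, charset, installer
 * language) in its query string.
 *
 * NOTE(review): the tag loads script from another host over plain HTTP, so whoever controls
 * that response can run script in the page that embeds the tag.
 *
 * @access  public
 * @return  string   the spt code
 */
function get_spt_code()
{
    // data/config.php is expected to define $db_host, $db_user, $db_pass, $db_name and $prefix.
    include(ROOT_PATH . 'data/config.php');
    include_once(ROOT_PATH . 'includes/cls_ecshop.php');
    include_once(ROOT_PATH . 'includes/cls_mysql.php');
    $db = new cls_mysql($db_host, $db_user, $db_pass, $db_name);
    $ecs = new ECS($db_name, $prefix);
    $hash_code = $db->getOne("SELECT value FROM " . $ecs->table('shop_config') . " WHERE code='hash_code'");
    $language = isset($GLOBALS['installer_lang']) ? $GLOBALS['installer_lang'] : '';

    // URL-encode every dynamic value, not only the site URL: a quote or angle bracket in the
    // stored hash code or in the installer language would otherwise end the src attribute and
    // inject markup. Values made of letters, digits, "-", "_" and "." are left unchanged.
    $spt = '<script type="text/javascript" src="http://api.ecshop.com/record.php?';
    $spt .= "url=" . urlencode($ecs->url())
        . "&mod=install&version=" . urlencode((string) VERSION)
        . "&hash_code=" . urlencode((string) $hash_code)
        . "&charset=" . urlencode((string) EC_CHARSET)
        . "&language=" . urlencode((string) $language)
        . "\"></script>";

    return $spt;
}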
Пример #3
                    ecs_header("Location: privilege.php?act=login\n");
                }
                exit;
            }
        }
    } else {
        if (!empty($_REQUEST['is_ajax'])) {
            make_json_error($_LANG['priv_error']);
        } else {
            ecs_header("Location: privilege.php?act=login\n");
        }
        exit;
    }
}
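/*
 * Referer check for every action except the listed pre-login ones.
 *
 * NOTE(review): a request that sends no Referer header skips this check entirely, so it is
 * not a substitute for a per-request anti-forgery token.
 */
$requested_act = isset($_REQUEST['act']) ? $_REQUEST['act'] : ''; // avoids an undefined-index notice
$referer_exempt_acts = array('login', 'signin', 'forget_pwd', 'reset_pwd', 'check_order');
if (!in_array($requested_act, $referer_exempt_acts, true)) {
    // Port numbers are stripped from both sides before comparing.
    $admin_path = preg_replace('/:\\d+/', '', $ecs->url()) . 'admin';
    if (!empty($_SERVER['HTTP_REFERER'])) {
        $referer = preg_replace('/:\\d+/', '', $_SERVER['HTTP_REFERER']);
        // The Referer must START with the admin URL. The previous substring test also accepted
        // any foreign URL that merely contained the admin URL, for example in its query string.
        if (strpos($referer, $admin_path) !== 0) {
            if (!empty($_REQUEST['is_ajax'])) {
                make_json_error($_LANG['priv_error']);
            } else {
                ecs_header("Location: privilege.php?act=login\n");
            }
            exit;
        }
    }
}
/* After logging in, an administrator can use act=phpinfo on any page to show the phpinfo() output */
// NOTE(review): phpinfo() prints environment and configuration details, and no privilege check
// is visible on this branch; whether every request that reaches it is authenticated depends on
// the code above this fragment - confirm.
if ($requested_act === 'phpinfo' && function_exists('phpinfo')) {
    phpinfo();
    exit;
}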
//header('Cache-control: private');
Пример #4
                }
                exit;
            }
        }
    } else {
        if (!empty($_REQUEST['is_ajax'])) {
            make_json_error($_LANG['priv_error']);
        } else {
            die("HTTP_REFERER4");
            ecs_header("Location: ../login.php\n");
        }
        exit;
    }
}
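/*
 * Referer check for every action except signin.
 *
 * NOTE(review): a request that sends no Referer header skips this check entirely, so it is
 * not a substitute for a per-request anti-forgery token.
 */
$requested_act = isset($_REQUEST['act']) ? $_REQUEST['act'] : ''; // avoids an undefined-index notice
if ($requested_act !== 'signin') {
    // Port numbers are stripped from both sides before comparing.
    $admin_path = preg_replace('/:\\d+/', '', $ecs->url()) . GURADIAN_PATH;
    if (!empty($_SERVER['HTTP_REFERER'])) {
        $referer = preg_replace('/:\\d+/', '', $_SERVER['HTTP_REFERER']);
        // The Referer must START with the expected URL. The previous substring test also
        // accepted any foreign URL that merely contained it, for example in its query string.
        if (strpos($referer, $admin_path) !== 0) {
            if (!empty($_REQUEST['is_ajax'])) {
                make_json_error($_LANG['priv_error']);
            } else {
                // The leftover debug die("HTTP_REFERER5") made this redirect unreachable and
                // printed an internal marker to the client; it has been removed.
                ecs_header("Location: ../login.php\n");
            }
            exit;
        }
    }
}
//header('Cache-control: private');
// Declare the charset and tell clients not to reuse a cached copy: Expires lies in the past,
// Last-Modified is the current time, and Cache-Control forces revalidation.
header('content-type: text/html; charset=' . EC_CHARSET);
header('Expires: Fri, 14 Mar 1980 20:53:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache, must-revalidate');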
Пример #5
}
// Pass the language pack and the help_open setting to the template engine.
$smarty->assign('lang', $_LANG);
$smarty->assign('help_open', $_CFG['help_open']);

// Pass the enable_order_check setting, falling back to 0 when it is not configured.
$smarty->assign(
    'enable_order_check',
    isset($_CFG['enable_order_check']) ? $_CFG['enable_order_check'] : 0
);
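/*
 * Verify the passport information passed back in the query string and, when the token
 * matches, store it in the shop configuration.
 *
 * NOTE(review): in this listing the comment that follows this block announces the
 * administrator identity check, so the configuration writes below appear to be gated by the
 * token alone - confirm the ordering in the full file.
 */
if (isset($_GET['ent_id'], $_GET['ent_ac'], $_GET['ent_sign'], $_GET['ent_email'])) {
    $ent_id = trim($_GET['ent_id']);
    $ent_ac = trim($_GET['ent_ac']);
    $ent_sign = trim($_GET['ent_sign']);
    $ent_email = trim($_GET['ent_email']);
    $certificate_id = trim($_CFG['certificate_id']);
    $domain_url = $ecs->url();

    // A missing or non-string token can never match; this also avoids an undefined-index notice.
    $token = (isset($_GET['token']) && is_string($_GET['token'])) ? $_GET['token'] : '';
    $expected_token = md5(md5($_CFG['token']) . $domain_url . ADMIN_PATH_M);

    // Compare strictly: with "==" two different digests that both look like numbers
    // ("0e" followed only by digits) compare equal. Prefer the constant-time comparison
    // when the runtime provides it.
    $token_ok = function_exists('hash_equals')
        ? hash_equals($expected_token, $token)
        : $token === $expected_token;

    if ($token_ok) {
        require ROOT_PATH . 'includes/cls_transport.php';
        $t = new transport('-1', 5);
        // NOTE(review): the parameter string is kept exactly as the original built it, including
        // the spaces around the values and no URL-encoding; the endpoint is plain HTTP.
        $apiget = "act=ent_sign&ent_id= {$ent_id} & certificate_id={$certificate_id}";
        $t->request('http://cloud.ecshop.com/api.php', $apiget);

        // NOTE(review): the four values below come from $_GET and are concatenated into the SQL
        // text. No escaping is visible in this fragment - confirm that request input is escaped
        // before this point (and avoid escaping twice) before relying on these statements.
        $db->query('UPDATE ' . $ecs->table('ecsmart_shop_config', 1) . ' SET value = "' . $ent_id . '" WHERE code = "ent_id"');
        $db->query('UPDATE ' . $ecs->table('ecsmart_shop_config', 1) . ' SET value = "' . $ent_ac . '" WHERE code = "ent_ac"');
        $db->query('UPDATE ' . $ecs->table('ecsmart_shop_config', 1) . ' SET value = "' . $ent_sign . '" WHERE code = "ent_sign"');
        $db->query('UPDATE ' . $ecs->table('ecsmart_shop_config', 1) . ' SET value = "' . $ent_email . '" WHERE code = "ent_email"');
        clear_cache_files();
        // NOTE(review): no exit follows this redirect, so the script keeps running unless
        // ecs_header() itself stops it - confirm.
        ecs_header("Location: ./index.php\n");
    }
}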
/* 验证管理员身份 */
Пример #6
    if (!file_exists(APP_ROOT_PATH . 'temp/compiled')) {
        @mkdir(APP_ROOT_PATH . 'temp/compiled', 0777);
        @chmod(APP_ROOT_PATH . 'temp/compiled', 0777);
    }
    $smarty->cache_dir = APP_ROOT_PATH . 'temp/caches';
    $smarty->compile_dir = APP_ROOT_PATH . 'temp/compiled';
    if ((DEBUG_MODE & 2) == 2) {
        $smarty->direct_output = true;
        $smarty->force_compile = true;
    } else {
        $smarty->direct_output = false;
        $smarty->force_compile = false;
    }
    $smarty->assign('lang', $_LANG);
    $smarty->assign('ecs_charset', EC_CHARSET);
    $smarty->assign('url', str_replace('app/', '', $ecs->url()));
    if (!empty($_CFG['stylename'])) {
        $smarty->assign('ecs_css_path', 'themes/' . $_CFG['template'] . '/style_' . $_CFG['stylename'] . '.css');
    } else {
        $smarty->assign('ecs_css_path', 'themes/' . $_CFG['template'] . '/style.css');
    }
}
if (!defined('INIT_NO_USERS')) {
    /* 会员信息 */
    $user =& init_users();
    if (!isset($_SESSION['user_id'])) {
        /* 获取投放站点的名称 */
        $site_name = isset($_GET['from']) ? $_GET['from'] : addslashes($_LANG['self_site']);
        $from_ad = !empty($_GET['ad_id']) ? intval($_GET['ad_id']) : 0;
        $_SESSION['from_ad'] = $from_ad;
        // 用户点击的广告ID
Пример #7
                }
                exit;
            }
        }
    } else {
        if (!empty($_REQUEST['is_ajax'])) {
            make_json_error($_LANG['priv_error']);
        } else {
            //         	die("HTTP_REFERER4");
            ecs_header("Location: ../login.php\n");
        }
        exit;
    }
}
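/*
 * Referer check for every action except signin.
 *
 * NOTE(review): a request that sends no Referer header skips this check entirely, so it is
 * not a substitute for a per-request anti-forgery token.
 */
$requested_act = isset($_REQUEST['act']) ? $_REQUEST['act'] : ''; // avoids an undefined-index notice
if ($requested_act !== 'signin') {
    // Port numbers are stripped from both sides before comparing.
    $admin_path = preg_replace('/:\\d+/', '', $ecs->url()) . TEACHER_PATH;
    if (!empty($_SERVER['HTTP_REFERER'])) {
        $referer = preg_replace('/:\\d+/', '', $_SERVER['HTTP_REFERER']);
        // The Referer must START with the expected URL. The previous substring test also
        // accepted any foreign URL that merely contained it, for example in its query string.
        if (strpos($referer, $admin_path) !== 0) {
            if (!empty($_REQUEST['is_ajax'])) {
                make_json_error($_LANG['priv_error']);
            } else {
                // The leftover debug die("HTTP_REFERER5") made this redirect unreachable and
                // printed an internal marker to the client; it has been removed.
                ecs_header("Location: ../login.php\n");
            }
            exit;
        }
    }
}
//header('Cache-control: private');
// Declare the charset and tell clients not to reuse a cached copy: Expires lies in the past,
// Last-Modified is the current time, and Cache-Control forces revalidation.
header('content-type: text/html; charset=' . EC_CHARSET);
header('Expires: Fri, 14 Mar 1980 20:53:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache, must-revalidate');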
Пример #8
                }
                exit;
            }
        }
    } else {
        if (!empty($_REQUEST['is_ajax'])) {
            make_json_error($_LANG['priv_error']);
        } else {
            //         	die("HTTP_REFERER4");
            ecs_header("Location: ../login.php\n");
        }
        exit;
    }
}
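/*
 * Referer check for every action except signin.
 *
 * NOTE(review): a request that sends no Referer header skips this check entirely, so it is
 * not a substitute for a per-request anti-forgery token.
 */
$requested_act = isset($_REQUEST['act']) ? $_REQUEST['act'] : ''; // avoids an undefined-index notice
if ($requested_act !== 'signin') {
    // Port numbers are stripped from both sides before comparing.
    $admin_path = preg_replace('/:\\d+/', '', $ecs->url()) . SCHOOL_PATH;
    if (!empty($_SERVER['HTTP_REFERER'])) {
        $referer = preg_replace('/:\\d+/', '', $_SERVER['HTTP_REFERER']);
        // The Referer must START with the expected URL. The previous substring test also
        // accepted any foreign URL that merely contained it, for example in its query string.
        if (strpos($referer, $admin_path) !== 0) {
            if (!empty($_REQUEST['is_ajax'])) {
                make_json_error($_LANG['priv_error']);
            } else {
                ecs_header("Location: ../login.php\n");
            }
            exit;
        }
    }
}
//header('Cache-control: private');
// Declare the charset and tell clients not to reuse a cached copy: Expires lies in the past,
// Last-Modified is the current time, and Cache-Control forces revalidation.
header('content-type: text/html; charset=' . EC_CHARSET);
header('Expires: Fri, 14 Mar 1980 20:53:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache, must-revalidate');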