}
$smarty->assign('lang', $_LANG);
$smarty->assign('help_open', $_CFG['help_open']);
if (isset($_CFG['enable_order_check'])) {
$smarty->assign('enable_order_check', $_CFG['enable_order_check']);
} else {
$smarty->assign('enable_order_check', 0);
}
/* 验证通行证信息 */
if (isset($_GET['ent_id']) && isset($_GET['ent_ac']) && isset($_GET['ent_sign']) && isset($_GET['ent_email'])) {
$ent_id = trim($_GET['ent_id']);
$ent_ac = trim($_GET['ent_ac']);
$ent_sign = trim($_GET['ent_sign']);
$ent_email = trim($_GET['ent_email']);
$certificate_id = trim($_CFG['certificate_id']);
$domain_url = $ecs->url();
$token = $_GET['token'];
if ($token == md5(md5($_CFG['token']) . $domain_url . ADMIN_PATH)) {
require ROOT_PATH . 'includes/cls_transport.php';
$t = new transport('-1', 5);
$apiget = "act=ent_sign&ent_id= {$ent_id} & certificate_id={$certificate_id}";
$t->request('http://cloud.ecshop.com/api.php', $apiget);
$db->query('UPDATE ' . $ecs->table('shop_config') . ' SET value = "' . $ent_id . '" WHERE code = "ent_id"');
$db->query('UPDATE ' . $ecs->table('shop_config') . ' SET value = "' . $ent_ac . '" WHERE code = "ent_ac"');
$db->query('UPDATE ' . $ecs->table('shop_config') . ' SET value = "' . $ent_sign . '" WHERE code = "ent_sign"');
$db->query('UPDATE ' . $ecs->table('shop_config') . ' SET value = "' . $ent_email . '" WHERE code = "ent_email"');
clear_cache_files();
ecs_header("Location: ./index.php\n");
}
}
/* 验证管理员身份 */
/**
* 获得spt代码
*
* @access public
* @return string spt代码
*/
function get_spt_code()
{
include(ROOT_PATH . 'data/config.php');
include_once(ROOT_PATH . 'includes/cls_ecshop.php');
include_once(ROOT_PATH . 'includes/cls_mysql.php');
$db = new cls_mysql($db_host, $db_user, $db_pass, $db_name);
$ecs = new ECS($db_name, $prefix);
$hash_code = $db->getOne("SELECT value FROM " . $ecs->table('shop_config') . " WHERE code='hash_code'");
$spt = '<script type="text/javascript" src="http://api.ecshop.com/record.php?';
$spt .= "url=" .urlencode($ecs->url()). "&mod=install&version=" .VERSION. "&hash_code=" . $hash_code . "&charset=" .EC_CHARSET. "&language=" . $GLOBALS['installer_lang'] . "\"></script>";
return $spt;
}
ecs_header("Location: privilege.php?act=login\n");
}
exit;
}
}
} else {
if (!empty($_REQUEST['is_ajax'])) {
make_json_error($_LANG['priv_error']);
} else {
ecs_header("Location: privilege.php?act=login\n");
}
exit;
}
}
if ($_REQUEST['act'] != 'login' && $_REQUEST['act'] != 'signin' && $_REQUEST['act'] != 'forget_pwd' && $_REQUEST['act'] != 'reset_pwd' && $_REQUEST['act'] != 'check_order') {
$admin_path = preg_replace('/:\\d+/', '', $ecs->url()) . 'admin';
if (!empty($_SERVER['HTTP_REFERER']) && strpos(preg_replace('/:\\d+/', '', $_SERVER['HTTP_REFERER']), $admin_path) === false) {
if (!empty($_REQUEST['is_ajax'])) {
make_json_error($_LANG['priv_error']);
} else {
ecs_header("Location: privilege.php?act=login\n");
}
exit;
}
}
/* 管理员登录后可在任何页面使用 act=phpinfo 显示 phpinfo() 信息 */
if ($_REQUEST['act'] == 'phpinfo' && function_exists('phpinfo')) {
phpinfo();
exit;
}
//header('Cache-control: private');
}
exit;
}
}
} else {
if (!empty($_REQUEST['is_ajax'])) {
make_json_error($_LANG['priv_error']);
} else {
die("HTTP_REFERER4");
ecs_header("Location: ../login.php\n");
}
exit;
}
}
if ($_REQUEST['act'] != 'signin') {
$admin_path = preg_replace('/:\\d+/', '', $ecs->url()) . GURADIAN_PATH;
if (!empty($_SERVER['HTTP_REFERER']) && strpos(preg_replace('/:\\d+/', '', $_SERVER['HTTP_REFERER']), $admin_path) === false) {
if (!empty($_REQUEST['is_ajax'])) {
make_json_error($_LANG['priv_error']);
} else {
die("HTTP_REFERER5");
ecs_header("Location: ../login.php\n");
}
exit;
}
}
//header('Cache-control: private');
header('content-type: text/html; charset=' . EC_CHARSET);
header('Expires: Fri, 14 Mar 1980 20:53:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache, must-revalidate');
}
$smarty->assign('lang', $_LANG);
$smarty->assign('help_open', $_CFG['help_open']);
if (isset($_CFG['enable_order_check'])) {
$smarty->assign('enable_order_check', $_CFG['enable_order_check']);
} else {
$smarty->assign('enable_order_check', 0);
}
/* 验证通行证信息 */
if (isset($_GET['ent_id']) && isset($_GET['ent_ac']) && isset($_GET['ent_sign']) && isset($_GET['ent_email'])) {
$ent_id = trim($_GET['ent_id']);
$ent_ac = trim($_GET['ent_ac']);
$ent_sign = trim($_GET['ent_sign']);
$ent_email = trim($_GET['ent_email']);
$certificate_id = trim($_CFG['certificate_id']);
$domain_url = $ecs->url();
$token = $_GET['token'];
if ($token == md5(md5($_CFG['token']) . $domain_url . ADMIN_PATH_M)) {
require ROOT_PATH . 'includes/cls_transport.php';
$t = new transport('-1', 5);
$apiget = "act=ent_sign&ent_id= {$ent_id} & certificate_id={$certificate_id}";
$t->request('http://cloud.ecshop.com/api.php', $apiget);
$db->query('UPDATE ' . $ecs->table('ecsmart_shop_config', 1) . ' SET value = "' . $ent_id . '" WHERE code = "ent_id"');
$db->query('UPDATE ' . $ecs->table('ecsmart_shop_config', 1) . ' SET value = "' . $ent_ac . '" WHERE code = "ent_ac"');
$db->query('UPDATE ' . $ecs->table('ecsmart_shop_config', 1) . ' SET value = "' . $ent_sign . '" WHERE code = "ent_sign"');
$db->query('UPDATE ' . $ecs->table('ecsmart_shop_config', 1) . ' SET value = "' . $ent_email . '" WHERE code = "ent_email"');
clear_cache_files();
ecs_header("Location: ./index.php\n");
}
}
/* 验证管理员身份 */
if (!file_exists(APP_ROOT_PATH . 'temp/compiled')) {
@mkdir(APP_ROOT_PATH . 'temp/compiled', 0777);
@chmod(APP_ROOT_PATH . 'temp/compiled', 0777);
}
$smarty->cache_dir = APP_ROOT_PATH . 'temp/caches';
$smarty->compile_dir = APP_ROOT_PATH . 'temp/compiled';
if ((DEBUG_MODE & 2) == 2) {
$smarty->direct_output = true;
$smarty->force_compile = true;
} else {
$smarty->direct_output = false;
$smarty->force_compile = false;
}
$smarty->assign('lang', $_LANG);
$smarty->assign('ecs_charset', EC_CHARSET);
$smarty->assign('url', str_replace('app/', '', $ecs->url()));
if (!empty($_CFG['stylename'])) {
$smarty->assign('ecs_css_path', 'themes/' . $_CFG['template'] . '/style_' . $_CFG['stylename'] . '.css');
} else {
$smarty->assign('ecs_css_path', 'themes/' . $_CFG['template'] . '/style.css');
}
}
if (!defined('INIT_NO_USERS')) {
/* 会员信息 */
$user =& init_users();
if (!isset($_SESSION['user_id'])) {
/* 获取投放站点的名称 */
$site_name = isset($_GET['from']) ? $_GET['from'] : addslashes($_LANG['self_site']);
$from_ad = !empty($_GET['ad_id']) ? intval($_GET['ad_id']) : 0;
$_SESSION['from_ad'] = $from_ad;
// 用户点击的广告ID
}
exit;
}
}
} else {
if (!empty($_REQUEST['is_ajax'])) {
make_json_error($_LANG['priv_error']);
} else {
// die("HTTP_REFERER4");
ecs_header("Location: ../login.php\n");
}
exit;
}
}
if ($_REQUEST['act'] != 'signin') {
$admin_path = preg_replace('/:\\d+/', '', $ecs->url()) . TEACHER_PATH;
if (!empty($_SERVER['HTTP_REFERER']) && strpos(preg_replace('/:\\d+/', '', $_SERVER['HTTP_REFERER']), $admin_path) === false) {
if (!empty($_REQUEST['is_ajax'])) {
make_json_error($_LANG['priv_error']);
} else {
die("HTTP_REFERER5");
ecs_header("Location: ../login.php\n");
}
exit;
}
}
//header('Cache-control: private');
header('content-type: text/html; charset=' . EC_CHARSET);
header('Expires: Fri, 14 Mar 1980 20:53:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache, must-revalidate');
}
exit;
}
}
} else {
if (!empty($_REQUEST['is_ajax'])) {
make_json_error($_LANG['priv_error']);
} else {
// die("HTTP_REFERER4");
ecs_header("Location: ../login.php\n");
}
exit;
}
}
if ($_REQUEST['act'] != 'signin') {
$admin_path = preg_replace('/:\\d+/', '', $ecs->url()) . SCHOOL_PATH;
if (!empty($_SERVER['HTTP_REFERER']) && strpos(preg_replace('/:\\d+/', '', $_SERVER['HTTP_REFERER']), $admin_path) === false) {
if (!empty($_REQUEST['is_ajax'])) {
make_json_error($_LANG['priv_error']);
} else {
// die("HTTP_REFERER5");
ecs_header("Location: ../login.php\n");
}
exit;
}
}
//header('Cache-control: private');
header('content-type: text/html; charset=' . EC_CHARSET);
header('Expires: Fri, 14 Mar 1980 20:53:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache, must-revalidate');
