if ($action == 'reg') {
$user = isset($_POST['user']) ? addslashes(trim($_POST['user'])) : '';
$email = isset($_POST['email']) ? addslashes(trim($_POST['email'])) : '';
$pw = isset($_POST['pw']) ? addslashes(trim($_POST['pw'])) : '';
$repw = isset($_POST['repw']) ? addslashes(trim($_POST['repw'])) : '';
$chcode = isset($_POST['chcode']) ? addslashes(trim(strtoupper($_POST['chcode']))) : '';
$User_Model = new User_Model();
$error_msg = '';
if ($user == '') {
emDirect('./reg.php?error_login=1');
}
if ($User_Model->isUserExist($user)) {
emDirect('./reg.php?error_exist=1');
}
if (strlen($pw) < 6) {
emDirect('./reg.php?error_pwd_len=1');
}
if ($pw != $repw) {
emDirect('./reg.php?error_pwd2=1');
}
session_start();
$sessionCode = isset($_SESSION['code']) ? $_SESSION['code'] : '';
if (empty($chcode) || $chcode != $sessionCode) {
emDirect('./reg.php?error_chcode=1');
}
$PHPASS = new PasswordHash(8, true);
$pw = $PHPASS->HashPassword($pw);
$User_Model->addUser($user, $pw, ROLE_MEMBER, 'y');
$CACHE->updateCache(array('sta', 'user'));
emDirect('./?reg_ok=1');
}
function addComment($name, $content, $mail, $url, $imgcode, $blogId, $pid)
{
$ipaddr = getIp();
$utctimestamp = time();
if ($pid != 0) {
$comment = $this->getOneComment($pid);
$content = '@' . addslashes($comment['poster']) . ':' . $content;
}
$ischkcomment = Option::get('ischkcomment');
$hide = ROLE == ROLE_VISITOR ? $ischkcomment : 'n';
$sql = 'INSERT INTO ' . DB_PREFIX . "comment (date,poster,gid,comment,mail,url,hide,ip,pid)\n VALUES ('{$utctimestamp}','{$name}','{$blogId}','{$content}','{$mail}','{$url}','{$hide}','{$ipaddr}','{$pid}')";
$ret = $this->db->query($sql);
$cid = $this->db->insert_id();
$CACHE = Cache::getInstance();
if ($hide == 'n') {
$this->db->query('UPDATE ' . DB_PREFIX . "blog SET comnum = comnum + 1 WHERE gid='{$blogId}'");
$CACHE->updateCache(array('sta', 'comment'));
doAction('comment_saved', $cid);
emDirect(Url::log($blogId) . '#' . $cid);
} else {
$CACHE->updateCache('sta');
doAction('comment_saved', $cid);
emMsg('评论发表成功,请等待管理员审核', Url::log($blogId));
}
}
}
//上传zip模板
if ($action == 'upload_zip') {
LoginAuth::checkToken();
$zipfile = isset($_FILES['tplzip']) ? $_FILES['tplzip'] : '';
if ($zipfile['error'] == 4) {
emDirect("./template.php?action=install&error_d=1");
}
if (!$zipfile || $zipfile['error'] >= 1 || empty($zipfile['tmp_name'])) {
emMsg('模板上传失败');
}
if (getFileSuffix($zipfile['name']) != 'zip') {
emDirect("./template.php?action=install&error_a=1");
}
$ret = emUnZip($zipfile['tmp_name'], '../content/templates/', 'tpl');
switch ($ret) {
case 0:
emDirect("./template.php?activate_install=1#tpllib");
break;
case -2:
emDirect("./template.php?action=install&error_e=1");
break;
case 1:
case 2:
emDirect("./template.php?action=install&error_b=1");
break;
case 3:
emDirect("./template.php?action=install&error_c=1");
break;
}
}
$pid = isset($_POST['pid']) ? intval(trim($_POST['pid'])) : 0;
$navi_data = array('naviname' => $naviname, 'newtab' => $newtab, 'pid' => $pid);
if (empty($naviname)) {
unset($navi_data['naviname']);
}
if ($isdefault == 'n') {
$navi_data['url'] = $url;
}
$Navi_Model->updateNavi($navi_data, $naviId);
$CACHE->updateCache('navi');
emDirect("./navbar.php?active_edit=1");
}
if ($action == 'del') {
LoginAuth::checkToken();
$navid = isset($_GET['id']) ? intval($_GET['id']) : '';
$Navi_Model->deleteNavi($navid);
$CACHE->updateCache('navi');
emDirect("./navbar.php?active_del=1");
}
if ($action == 'hide') {
$naviId = isset($_GET['id']) ? intval($_GET['id']) : '';
$Navi_Model->updateNavi(array('hide' => 'y'), $naviId);
$CACHE->updateCache('navi');
emDirect('./navbar.php');
}
if ($action == 'show') {
$naviId = isset($_GET['id']) ? intval($_GET['id']) : '';
$Navi_Model->updateNavi(array('hide' => 'n'), $naviId);
$CACHE->updateCache('navi');
emDirect('./navbar.php');
}
if (file_exists($style_path . $file . '/style.css')) {
$styleData = implode('', @file($style_path . $file . '/style.css'));
preg_match("/Style Name:([^\r\n]+)/i", $styleData, $name);
preg_match("/Author:(.*)/i", $styleData, $author);
preg_match("/Url:(.*)/i", $styleData, $url);
$styleInfo['style_name'] = !empty($name[1]) ? trim($name[1]) : $file;
$styleInfo['style_file'] = $file;
if (!empty($author[1]) && !empty($url[1])) {
$styleInfo['style_author'] = '(作者:<a href="' . $url[1] . '" target="_blank">' . $author[1] . '</a>)';
} elseif (!empty($author[1])) {
$styleInfo['style_author'] = '(作者:' . $author[1] . ')';
} else {
$styleInfo['style_author'] = '';
}
$styles[] = $styleInfo;
}
}
closedir($handle);
$stylenums = count($styles);
include View::getView('header');
require_once View::getView('style');
include View::getView('footer');
View::output();
}
//update
if ($action == 'usestyle') {
$styleName = isset($_GET['style']) ? addslashes($_GET['style']) : '';
Option::updateOption('admin_style', $styleName);
$CACHE->updateCache('options');
emDirect("./style.php?activated=1");
}
/**
* 手动退出登录
* @param string
* @return null
*/
public function SignOut($UserInfo = null)
{
if ($UserInfo) {
Juser::setAuthOut();
}
emDirect(BLOG_URL);
}
$avatar = isset($_POST['avatar']) ? addslashes(trim($_POST['avatar'])) : '';
$type = array('gif', 'jpg', 'jpeg', 'png');
if ($_FILES['avatar']['size'] > 0) {
$file_info = uploadFile($_FILES['avatar']['name'], $_FILES['avatar']['error'], $_FILES['avatar']['tmp_name'], $_FILES['avatar']['size'], $type, true);
if (!empty($file_info['file_path'])) {
$avatar = !empty($file_info['thum_file']) ? $file_info['thum_file'] : $file_info['file_path'];
}
}
$userData = array('name' => $name, 'vipid' => '', 'age' => $age, 'sex' => $sex, 'dance_age' => $dance_age, 'dance_type' => $dance_type, 'province' => $province, 'contact' => $contact, 'company' => $company, 'awards' => $awards, 'homeurl' => $homeurl, 'avatar' => $avatar, 'duty' => '10', 'regist' => 1);
$Vip_model->addUser($userData);
$mail = new PHPMailer();
$mail->isSMTP();
//Enable SMTP debugging
// 0 = off (for production use)
// 1 = client messages
// 2 = client and server messages
$mail->SMTPDebug = 0;
$mail->Debugoutput = 'html';
$mail->CharSet = "UTF-8";
$mail->Host = SMTP_HOST;
$mail->Port = SMTP_POST;
$mail->SMTPAuth = true;
$mail->Username = SMTP_USER_NAME;
$mail->Password = SMTP_PASSWORD;
$mail->setFrom(SMTP_USER_NAME);
$mail->addAddress(EMAIL_VIP_VIPORG);
$mail->Subject = '新会员申请提醒 姓名:' . $name;
$mail->Body = '请去后台管理页面查看并审核';
$mail->send();
emDirect('./payment.php?active_add=1');
}
}
if (strlen($reply) > 2000) {
emDirect("./comment.php?error_d=1");
}
if (isset($_POST['pub_it'])) {
$Comment_Model->showComment($commentId);
$hide = 'n';
}
$Comment_Model->replyComment($blogId, $commentId, $reply, $hide);
$CACHE->updateCache('comment');
$CACHE->updateCache('sta');
doAction('comment_reply', $commentId, $reply);
emDirect("./comment.php?active_rep=1");
}
if ($action == 'doedit') {
$name = isset($_POST['name']) ? addslashes(trim($_POST['name'])) : '';
$mail = isset($_POST['mail']) ? addslashes(trim($_POST['mail'])) : '';
$url = isset($_POST['url']) ? addslashes(trim($_POST['url'])) : '';
$comment = isset($_POST['comment']) ? addslashes(trim($_POST['comment'])) : '';
$commentId = isset($_POST['cid']) ? intval($_POST['cid']) : '';
if ($comment == '') {
emDirect("./comment.php?error_e=1");
}
if (strlen($comment) > 2000) {
emDirect("./comment.php?error_d=1");
}
$commentData = array('poster' => $name, 'mail' => $mail, 'url' => $url, 'comment' => $comment);
$Comment_Model->updateComment($commentData, $commentId);
$CACHE->updateCache('comment');
emDirect("./comment.php?active_edit=1");
}
$tagId = isset($_GET['tid']) ? intval($_GET['tid']) : '';
$tag = $Tag_Model->getOneTag($tagId);
extract($tag);
include View::getView('header');
require_once View::getView('tagedit');
include View::getView('footer');
View::output();
}
//标签修改
if ($action == 'update_tag') {
$tagName = isset($_POST['tagname']) ? addslashes($_POST['tagname']) : '';
$tagId = isset($_POST['tid']) ? intval($_POST['tid']) : '';
if (empty($tagName)) {
emDirect("tag.php?action=mod_tag&tid={$tagId}&error_a=1");
}
$Tag_Model->updateTagName($tagId, $tagName);
$CACHE->updateCache(array('tags', 'logtags'));
emDirect("./tag.php?active_edit=1");
}
//批量删除标签
if ($action == 'dell_all_tag') {
$tags = isset($_POST['tag']) ? $_POST['tag'] : '';
if (!$tags) {
emDirect("./tag.php?error_a=1");
}
foreach ($tags as $key => $value) {
$Tag_Model->deleteTag($key);
}
$CACHE->updateCache(array('tags', 'logtags'));
emDirect("./tag.php?active_del=1");
}
if (!$t) {
emDirect("twitter.php?error_a=1");
}
$tdata = array('content' => $Twitter_Model->formatTwitter($t), 'author' => UID, 'date' => time(), 'img' => str_replace('../', '', $img));
$twid = $Twitter_Model->addTwitter($tdata);
$CACHE->updateCache(array('sta', 'newtw'));
doAction('post_twitter', $t, $twid);
emDirect("twitter.php?active_t=1");
}
// 删除微语.
if ($action == 'del') {
LoginAuth::checkToken();
$id = isset($_GET['id']) ? intval($_GET['id']) : '';
$Twitter_Model->delTwitter($id);
$CACHE->updateCache(array('sta', 'newtw'));
emDirect("twitter.php?active_del=1");
}
// 获取回复.
if ($action == 'getreply') {
$tid = isset($_GET['tid']) ? intval($_GET['tid']) : null;
$Reply_Model = new Reply_Model();
$replys = $Reply_Model->getReplys($tid);
$response = '';
foreach ($replys as $val) {
if ($val['hide'] == 'n') {
$style = "background-color:#FFF";
$act = "<span><a href=\"javascript: hidereply({$val['id']},{$tid});\">隐藏</a></span> ";
} else {
$style = "background-color:#FEE0E4";
$act = "<span><a href=\"javascript: pubreply({$val['id']},{$tid});\">审核</a></span> ";
}
}
//上传zip插件
if ($action == 'upload_zip') {
LoginAuth::checkToken();
$zipfile = isset($_FILES['pluzip']) ? $_FILES['pluzip'] : '';
if ($zipfile['error'] == 4) {
emDirect("./plugin.php?error_d=1");
}
if (!$zipfile || $zipfile['error'] >= 1 || empty($zipfile['tmp_name'])) {
emMsg('插件上传失败');
}
if (getFileSuffix($zipfile['name']) != 'zip') {
emDirect("./plugin.php?error_f=1");
}
$ret = emUnZip($zipfile['tmp_name'], '../content/plugins/', 'plugin');
switch ($ret) {
case 0:
emDirect("./plugin.php?activate_install=1#tpllib");
break;
case -1:
emDirect("./plugin.php?error_e=1");
break;
case 1:
case 2:
emDirect("./plugin.php?error_b=1");
break;
case 3:
emDirect("./plugin.php?error_c=1");
break;
}
}
<div class="clear"></div>
</div>
<!-- End .content-box-header -->
<div class="content-box-content">
<div class="tab-content default-tab" id="tab1" style="display: block; ">
<!-- This is the target div. id must match the href of this div's tab -->
<?php
require_once 'define.php';
require_once 'mysql.php';
require_once 'FunctionBase.php';
$mysql = MySql::getInstance();
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
if ($action == 'del' && isset($_REQUEST['id'])) {
$id = $_REQUEST['id'];
$mysql->query("delete from ErrFeature where id='" . $id . "';");
emDirect("FeatureList.php?active_del=true");
}
$rq = $mysql->query('select * from ErrFeature');
?>
<table>
<thead>
<tr>
<th>ID</th>
<th>类型</th>
<th>特征表达式</th>
<th>提示信息</th>
<th>操作</th>
</tr>
</thead>
<tfoot>
<tr>
header("content-Type: text/html; charset=utf-8");
require_once 'FunctionBase.php';
require_once 'mysql.php';
/*
print_r($_REQUEST['feature']);
echo '<br />';
print_r($_REQUEST['info']);
echo '<br />';
*/
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
$regex = $_REQUEST['regex'];
$info = $_REQUEST['info'];
$type = $_REQUEST['type'];
if ($action == 'new') {
$mysql = MySql::getInstance();
$regex = mysql_real_escape_string($regex);
$info = mysql_real_escape_string($info);
$sql = "insert into ErrFeature(regex, info, type) values('" . $regex . "','" . $info . "','" . $type . "');\n";
$rq = $mysql->query($sql);
} else {
if ($action == 'update') {
$id = intval($_REQUEST['id']);
$mysql = MySql::getInstance();
$regex = mysql_real_escape_string($regex);
$info = mysql_real_escape_string($info);
$sql = "update ErrFeature set regex='" . $regex . "', info='" . $info . "', type='" . $type . "' where id=" . $id . ";";
$rq = $mysql->query($sql);
}
}
emDirect('FeatureList.php');
if ($action == 'update') {
$uid = isset($_POST['uid']) ? intval(trim($_POST['uid'])) : '';
$vipid = isset($_POST['vipid']) ? addslashes(trim($_POST['vipid'])) : '';
$name = isset($_POST['name']) ? addslashes(trim($_POST['name'])) : '';
$age = isset($_POST['age']) ? addslashes(trim($_POST['age'])) : '';
$sex = isset($_POST['sex']) ? addslashes(trim($_POST['sex'])) : '';
$province = isset($_POST['province']) ? addslashes(trim($_POST['province'])) : '';
$dance_age = isset($_POST['dance_age']) ? addslashes(trim($_POST['dance_age'])) : '';
$contact = isset($_POST['contact']) ? addslashes(trim($_POST['contact'])) : '';
$dance_type = isset($_POST['dance_type']) ? addslashes(trim($_POST['dance_type'])) : '';
$company = isset($_POST['company']) ? addslashes(trim($_POST['company'])) : '';
$awards = isset($_POST['awards']) ? addslashes(trim($_POST['awards'])) : '';
$homeurl = isset($_POST['homeurl']) ? addslashes(trim($_POST['homeurl'])) : '';
$duty = isset($_POST['duty']) ? addslashes(trim($_POST['duty'])) : '';
$avatar = isset($_POST['avatar']) ? addslashes(trim($_POST['avatar'])) : '';
$type = array('gif', 'jpg', 'jpeg', 'png');
if ($_FILES['avatar']['size'] > 0) {
$file_info = uploadFile($_FILES['avatar']['name'], $_FILES['avatar']['error'], $_FILES['avatar']['tmp_name'], $_FILES['avatar']['size'], $type, true);
if (!empty($file_info['file_path'])) {
$avatar = !empty($file_info['thum_file']) ? $file_info['thum_file'] : $file_info['file_path'];
}
}
$userData = array('name' => $name, 'vipid' => $vipid, 'age' => $age, 'sex' => $sex, 'dance_age' => $dance_age, 'dance_type' => $dance_type, 'province' => $province, 'contact' => $contact, 'company' => $company, 'awards' => $awards, 'homeurl' => $homeurl, 'avatar' => $avatar, 'duty' => $duty, 'regist' => 0);
$Vip_model->updateUser($userData, $uid);
emDirect('./vip.php?active_update=1');
}
if ($action == 'del') {
$id = isset($_GET['id']) ? intval($_GET['id']) : '';
$Vip_model->deleteUser($id);
emDirect('./vip.php?active_del=1');
}
define('OFFICIAL_SERVICE_HOST', 'http://www.emlog.net/');
//官方服务域名
$sta_cache = $CACHE->readCache('sta');
$user_cache = $CACHE->readCache('user');
$action = isset($_GET['action']) ? addslashes($_GET['action']) : '';
//登录验证
if ($action == 'login') {
$username = isset($_POST['user']) ? addslashes(trim($_POST['user'])) : '';
$password = isset($_POST['pw']) ? addslashes(trim($_POST['pw'])) : '';
$ispersis = isset($_POST['ispersis']) ? intval($_POST['ispersis']) : false;
$img_code = Option::get('login_code') == 'y' && isset($_POST['imgcode']) ? addslashes(trim(strtoupper($_POST['imgcode']))) : '';
$loginAuthRet = LoginAuth::checkUser($username, $password, $img_code);
if ($loginAuthRet === true) {
LoginAuth::setAuthCookie($username, $ispersis);
emDirect("./");
} else {
LoginAuth::loginPage($loginAuthRet);
}
}
//退出
if ($action == 'logout') {
setcookie(AUTH_COOKIE_NAME, ' ', time() - 31536000, '/');
emDirect("../");
}
if (ISLOGIN === false) {
LoginAuth::loginPage();
}
$request_uri = strtolower(substr(basename($_SERVER['SCRIPT_NAME']), 0, -4));
if (ROLE == ROLE_WRITER && !in_array($request_uri, array('write_log', 'admin_log', 'attachment', 'blogger', 'comment', 'index', 'save_log'))) {
emMsg('权限不足!', './');
}
if ($_FILES['photo']['size'] > 0) {
$file_info = uploadFile($_FILES['photo']['name'], $_FILES['photo']['error'], $_FILES['photo']['tmp_name'], $_FILES['photo']['size'], $photo_type, true);
if (!empty($file_info['file_path'])) {
$usericon = !empty($file_info['thum_file']) ? $file_info['thum_file'] : $file_info['file_path'];
}
}
$User_Model->updateUser(array('nickname' => $nickname, 'email' => $email, 'photo' => $usericon, 'description' => $description), UID);
$CACHE->updateCache('user');
emDirect("./blogger.php?active_edit=1");
}
if ($action == 'delicon') {
LoginAuth::checkToken();
$DB = Database::getInstance();
$query = $DB->query("select photo from " . DB_PREFIX . "user where uid=" . UID);
$icon = $DB->fetch_array($query);
$icon_1 = $icon['photo'];
if (file_exists($icon_1)) {
$icon_2 = str_replace('thum-', '', $icon_1);
if ($icon_2 != $icon_1 && file_exists($icon_2)) {
unlink($icon_2);
}
$icon_3 = preg_replace("/^(.*)\\/(.*)\$/", "\$1/thum52-\$2", $icon_2);
if ($icon_3 != $icon_2 && file_exists($icon_3)) {
unlink($icon_3);
}
unlink($icon_1);
}
$DB->query("UPDATE " . DB_PREFIX . "user SET photo='' where uid=" . UID);
$CACHE->updateCache('user');
emDirect("./blogger.php?active_del=1");
}
if (isset($_POST['alias'])) {
$sort_data['alias'] = addslashes(trim($_POST['alias']));
if (!empty($sort_data['alias'])) {
if (!preg_match("|^[\\w-]+\$|", $sort_data['alias'])) {
emDirect("./sort.php?action=mod_sort&sid={$sid}&error_c=1");
} elseif (preg_match("|^[0-9]+\$|", $sort_data['alias'])) {
emDirect("././sort.php?action=mod_sort&sid={$sid}&error_c=1");
} elseif (in_array($sort_data['alias'], array('post', 'record', 'sort', 'tag', 'author', 'page'))) {
emDirect("././sort.php?action=mod_sort&sid={$sid}&error_e=1");
} else {
$sort_cache = $CACHE->readCache('sort');
unset($sort_cache[$sid]);
foreach ($sort_cache as $key => $value) {
if ($sort_data['alias'] == $value['alias']) {
emDirect("././sort.php?action=mod_sort&sid={$sid}&error_d=1");
}
}
}
}
}
$Sort_Model->updateSort($sort_data, $sid);
$CACHE->updateCache(array('sort', 'logsort', 'navi'));
emDirect("./sort.php?active_edit=1");
}
if ($action == 'del') {
$sid = isset($_GET['sid']) ? intval($_GET['sid']) : '';
LoginAuth::checkToken();
$Sort_Model->deleteSort($sid);
$CACHE->updateCache(array('sort', 'logsort', 'navi'));
emDirect("./sort.php?active_del=1");
}
if ($action == 'auth') {
session_start();
$username = addslashes(trim($_POST['user']));
$password = addslashes(trim($_POST['pw']));
$img_code = Option::get('login_code') == 'y' && isset($_POST['imgcode']) ? addslashes(trim(strtoupper($_POST['imgcode']))) : '';
$ispersis = true;
if (LoginAuth::checkUser($username, $password, $img_code) === true) {
loginAuth::setAuthCookie($username, $ispersis);
emDirect('?tem=' . time());
} else {
emDirect("?action=login");
}
}
if ($action == 'logout') {
setcookie(AUTH_COOKIE_NAME, ' ', time() - 31536000, '/');
emDirect('?tem=' . time());
}
function mMsg($msg, $url)
{
include View::getView('header');
include View::getView('msg');
include View::getView('footer');
View::output();
}
function authPassword($postPwd, $cookiePwd, $logPwd, $logid)
{
$pwd = $cookiePwd ? $cookiePwd : $postPwd;
if ($pwd !== addslashes($logPwd)) {
include View::getView('header');
include View::getView('logauth');
include View::getView('footer');
//操作页面
if ($action == 'operate_page') {
$operate = isset($_POST['operate']) ? $_POST['operate'] : '';
$pages = isset($_POST['page']) ? array_map('intval', $_POST['page']) : array();
LoginAuth::checkToken();
$emPage = new Log_Model();
switch ($operate) {
case 'del':
foreach ($pages as $value) {
$emPage->deleteLog($value);
unset($navibar[$value]);
}
$navibar = addslashes(serialize($navibar));
Option::updateOption('navibar', $navibar);
$CACHE->updateCache(array('options', 'sta', 'comment', 'logalias'));
emDirect("./page.php?active_del=1");
break;
case 'hide':
case 'pub':
$ishide = $operate == 'hide' ? 'y' : 'n';
foreach ($pages as $value) {
$emPage->hideSwitch($value, $ishide);
$navibar[$value]['hide'] = $ishide;
}
$navibar = addslashes(serialize($navibar));
Option::updateOption('navibar', $navibar);
$CACHE->updateCache(array('options', 'sta', 'comment'));
emDirect("./page.php?active_hide_" . $ishide . "=1");
break;
}
}
#调度执行各种方法
if ($ReflctionClass->hasMethod($Acttion)) {
$ReflectionMethod = $ReflctionClass->getMethod($Acttion);
if ($ReflectionMethod->isPublic() && !$ReflectionMethod->isStatic()) {
if (IS_GET && !in_array($Acttion, array('openlogin'))) {
include View::getView('header');
}
$ReflectionMethod->inVoke($JuserController, $isLogin);
if (IS_GET && !in_array($Acttion, array('openlogin'))) {
include View::getView('footer');
}
} else {
emDirect(BLOG_URL . '?plugin=juser');
}
} else {
emDirect(BLOG_URL . '?plugin=juser');
}
/*===================================================================================================*/
function Juser_getTitle($action)
{
$Title = array('__empty' => '登录_', 'register' => '注册_', 'login' => '登录_', 'openlogin' => '', 'opencallback' => '', 'usercenter' => '会员中心_', 'userinfo' => '个人资料_', 'userpasswd' => '修改密码_', 'usercomment' => '评论管理_');
return empty($Title[$action]) ? '' : $Title[$action];
}
/*===================================================================================================*/
// $options_cache = $CACHE->readCache('options');
// $kl_album_config = unserialize($options_cache['kl_album_config']);
// $blogname = $options_cache['blogname'];
// $bloginfo = $options_cache['bloginfo'];
// $site_title = $options_cache['blogname'];
// $site_description = $options_cache['bloginfo'];
// $site_key = $options_cache['site_key'];
$numrows = $DB->num_rows($rows);
while ($row = $DB->fetch_row($rows)) {
$comma = '';
$sql .= "INSERT INTO {$table} VALUES(";
for ($i = 0; $i < $numfields; $i++) {
$sql .= $comma . "'" . $DB->escape_string($row[$i]) . "'";
$comma = ',';
}
$sql .= ");\n";
}
$sql .= "\n";
return $sql;
}
/**
* 检查文件是否包含BOM(byte-order mark)
*/
function checkBOM($contents)
{
$charset[1] = substr($contents, 0, 1);
$charset[2] = substr($contents, 1, 1);
$charset[3] = substr($contents, 2, 1);
if (ord($charset[1]) == 239 && ord($charset[2]) == 187 && ord($charset[3]) == 191) {
return true;
} else {
return false;
}
}
if ($action == 'Cache') {
$CACHE->updateCache();
emDirect('./data.php?active_mc=1');
}
if ($comment_order == 'newer') {
$ex3 = 'selected="selected"';
} else {
$ex4 = 'selected="selected"';
}
include View::getView('header');
require_once View::getView('configure');
include View::getView('footer');
View::output();
}
if ($action == 'mod_config') {
LoginAuth::checkToken();
$getData = array('blogname' => isset($_POST['blogname']) ? addslashes($_POST['blogname']) : '', 'blogurl' => isset($_POST['blogurl']) ? addslashes($_POST['blogurl']) : '', 'bloginfo' => isset($_POST['bloginfo']) ? addslashes($_POST['bloginfo']) : '', 'icp' => isset($_POST['icp']) ? addslashes($_POST['icp']) : '', 'footer_info' => isset($_POST['footer_info']) ? addslashes($_POST['footer_info']) : '', 'index_lognum' => isset($_POST['index_lognum']) ? intval($_POST['index_lognum']) : '', 'timezone' => isset($_POST['timezone']) ? floatval($_POST['timezone']) : '', 'login_code' => isset($_POST['login_code']) ? addslashes($_POST['login_code']) : 'n', 'comment_code' => isset($_POST['comment_code']) ? addslashes($_POST['comment_code']) : 'n', 'comment_needchinese' => isset($_POST['comment_needchinese']) ? addslashes($_POST['comment_needchinese']) : 'n', 'comment_interval' => isset($_POST['comment_interval']) ? intval($_POST['comment_interval']) : 15, 'iscomment' => isset($_POST['iscomment']) ? addslashes($_POST['iscomment']) : 'n', 'ischkcomment' => isset($_POST['ischkcomment']) ? addslashes($_POST['ischkcomment']) : 'n', 'isgzipenable' => isset($_POST['isgzipenable']) ? addslashes($_POST['isgzipenable']) : 'n', 'isxmlrpcenable' => isset($_POST['isxmlrpcenable']) ? addslashes($_POST['isxmlrpcenable']) : 'n', 'ismobile' => isset($_POST['ismobile']) ? addslashes($_POST['ismobile']) : 'n', 'isexcerpt' => isset($_POST['isexcerpt']) ? addslashes($_POST['isexcerpt']) : 'n', 'excerpt_subnum' => isset($_POST['excerpt_subnum']) ? intval($_POST['excerpt_subnum']) : '300', 'isthumbnail' => isset($_POST['isthumbnail']) ? addslashes($_POST['isthumbnail']) : 'n', 'rss_output_num' => isset($_POST['rss_output_num']) ? intval($_POST['rss_output_num']) : 10, 'rss_output_fulltext' => isset($_POST['rss_output_fulltext']) ? addslashes($_POST['rss_output_fulltext']) : 'y', 'isgravatar' => isset($_POST['isgravatar']) ? addslashes($_POST['isgravatar']) : 'n', 'comment_paging' => isset($_POST['comment_paging']) ? addslashes($_POST['comment_paging']) : 'n', 'comment_pnum' => isset($_POST['comment_pnum']) ? intval($_POST['comment_pnum']) : '', 'comment_order' => isset($_POST['comment_order']) ? addslashes($_POST['comment_order']) : 'newer', 'istwitter' => isset($_POST['istwitter']) ? addslashes($_POST['istwitter']) : 'n', 'istreply' => isset($_POST['istreply']) ? addslashes($_POST['istreply']) : 'n', 'ischkreply' => isset($_POST['ischkreply']) ? addslashes($_POST['ischkreply']) : 'n', 'reply_code' => isset($_POST['reply_code']) ? addslashes($_POST['reply_code']) : 'n', 'index_twnum' => isset($_POST['index_twnum']) ? intval($_POST['index_twnum']) : 10, 'att_maxsize' => isset($_POST['att_maxsize']) ? intval($_POST['att_maxsize']) : 20480, 'att_type' => isset($_POST['att_type']) ? str_replace('php', 'x', strtolower(addslashes($_POST['att_type']))) : '', 'att_imgmaxw' => isset($_POST['att_imgmaxw']) ? intval($_POST['att_imgmaxw']) : 420, 'att_imgmaxh' => isset($_POST['att_imgmaxh']) ? intval($_POST['att_imgmaxh']) : 460);
if ($getData['login_code'] == 'y' && !function_exists("imagecreate") && !function_exists('imagepng')) {
emMsg("开启登录验证码失败!服务器空间不支持GD图形库", "configure.php");
}
if ($getData['comment_code'] == 'y' && !function_exists("imagecreate") && !function_exists('imagepng')) {
emMsg("开启评论验证码失败!服务器空间不支持GD图形库", "configure.php");
}
if ($getData['blogurl'] && substr($getData['blogurl'], -1) != '/') {
$getData['blogurl'] .= '/';
}
if ($getData['blogurl'] && strncasecmp($getData['blogurl'], 'http', 4)) {
$getData['blogurl'] = 'http://' . $getData['blogurl'];
}
foreach ($getData as $key => $val) {
Option::updateOption($key, $val);
}
$CACHE->updateCache(array('tags', 'options', 'comment', 'record'));
emDirect("./configure.php?activated=1");
}
}
}
//上传zip插件
if ($action == 'upload_zip') {
$zipfile = isset($_FILES['pluzip']) ? $_FILES['pluzip'] : '';
if ($zipfile['error'] == 4) {
emDirect("./plugin.php?action=install&error_d=1");
}
if (!$zipfile || $zipfile['error'] >= 1 || empty($zipfile['tmp_name'])) {
emMsg('插件上传失败');
}
if (getFileSuffix($zipfile['name']) != 'zip') {
emDirect("./plugin.php?action=install&error_a=1");
}
$ret = emUnZip($zipfile['tmp_name'], '../content/plugins/', 'plugin');
switch ($ret) {
case 0:
emDirect("./plugin.php?activate_install=1#tpllib");
break;
case -1:
emDirect("./plugin.php?action=install&error_e=1");
break;
case 1:
case 2:
emDirect("./plugin.php?action=install&error_b=1");
break;
case 3:
emDirect("./plugin.php?action=install&error_c=1");
break;
}
}
$logid = $attach['blogid'];
if (file_exists($attach['filepath'])) {
@unlink($attach['filepath']) or emMsg("删除附件失败!");
}
deleteQiNiu($attach['filepath']);
$query = $DB->query("SELECT * FROM " . DB_PREFIX . "attachment WHERE thumfor = " . $attach['aid']);
$thum_attach = $DB->fetch_array($query);
if ($thum_attach) {
if (file_exists($thum_attach['filepath'])) {
@unlink($thum_attach['filepath']) or emMsg("删除附件失败!");
}
$DB->query("DELETE FROM " . DB_PREFIX . "attachment WHERE aid = {$thum_attach['aid']} ");
}
$DB->query("UPDATE " . DB_PREFIX . "blog SET attnum=attnum-1 WHERE gid = {$attach['blogid']}");
$DB->query("DELETE FROM " . DB_PREFIX . "attachment WHERE aid = {$attach['aid']} ");
emDirect("attachment.php?action=attlib&logid={$logid}");
}
//微语图片上传
if ($action == 'upload_tw_img') {
$attach = isset($_FILES['attach']) ? $_FILES['attach'] : '';
if ($attach) {
$file_info = uploadFile($attach['name'], $attach['error'], $attach['tmp_name'], $attach['size'], Option::getAttType(), false, false);
$w = $file_info['width'];
$h = $file_info['height'];
if ($w > Option::T_IMG_MAX_W || $h > Option::T_IMG_MAX_H) {
$uppath = Option::UPLOADFILE_PATH . gmdate('Ym') . '/';
$thum = str_replace($uppath, $uppath . 'thum-', $file_info['file_path']);
if (false !== resizeImage($file_info['file_path'], $thum, Option::T_IMG_MAX_W, Option::T_IMG_MAX_H)) {
$file_info['file_path'] = $thum;
}
}
if ($action == 'update_link') {
$sitename = isset($_POST['sitename']) ? addslashes(trim($_POST['sitename'])) : '';
$siteurl = isset($_POST['siteurl']) ? addslashes(trim($_POST['siteurl'])) : '';
$description = isset($_POST['description']) ? addslashes(trim($_POST['description'])) : '';
$linkId = isset($_POST['linkid']) ? intval($_POST['linkid']) : '';
if (!preg_match("/^http|ftp.+\$/i", $siteurl)) {
$siteurl = 'http://' . $siteurl;
}
$Link_Model->updateLink(array('sitename' => $sitename, 'siteurl' => $siteurl, 'description' => $description), $linkId);
$CACHE->updateCache('link');
emDirect("./link.php?active_edit=1");
}
if ($action == 'dellink') {
LoginAuth::checkToken();
$linkid = isset($_GET['linkid']) ? intval($_GET['linkid']) : '';
$Link_Model->deleteLink($linkid);
$CACHE->updateCache('link');
emDirect("./link.php?active_del=1");
}
if ($action == 'hide') {
$linkId = isset($_GET['linkid']) ? intval($_GET['linkid']) : '';
$Link_Model->updateLink(array('hide' => 'y'), $linkId);
$CACHE->updateCache('link');
emDirect('./link.php');
}
if ($action == 'show') {
$linkId = isset($_GET['linkid']) ? intval($_GET['linkid']) : '';
$Link_Model->updateLink(array('hide' => 'n'), $linkId);
$CACHE->updateCache('link');
emDirect('./link.php');
}
if (strlen($password) > 0 && strlen($password) < 6) {
emDirect("./user.php?action=edit&uid={$uid}&error_pwd_len=1");
}
if ($password != $password2) {
emDirect("./user.php?action=edit&uid={$uid}&error_pwd2=1");
}
$userData = array('username' => $login, 'nickname' => $nickname, 'email' => $email, 'description' => $description, 'role' => $role, 'ischeck' => $ischeck);
if (!empty($password)) {
$PHPASS = new PasswordHash(8, true);
$password = $PHPASS->HashPassword($password);
$userData['password'] = $password;
}
$User_Model->updateUser($userData, $uid);
$CACHE->updateCache('user');
emDirect('./user.php?active_update=1');
}
if ($action == 'del') {
LoginAuth::checkToken();
$users = $User_Model->getUsers();
$uid = isset($_GET['uid']) ? intval($_GET['uid']) : '';
if (UID == $uid) {
emDirect('./user.php');
}
//创始人账户不能被删除
if ($uid == 1) {
emDirect('./user.php?error_del_a=1');
}
$User_Model->deleteUser($uid);
$CACHE->updateCache(array('sta', 'user'));
emDirect('./user.php?active_del=1');
}
$CACHE->updateCache(array('sort', 'logsort'));
emDirect("./admin_log.php?active_move=1");
break;
case 'change_author':
if (ROLE != ROLE_ADMIN) {
emMsg('权限不足!', './');
}
foreach ($logs as $val) {
$Log_Model->updateLog(array('author' => $author), $val);
}
$CACHE->updateCache('sta');
emDirect("./admin_log.php?active_change_author=1");
break;
case 'check':
if (ROLE != ROLE_ADMIN) {
emMsg('权限不足!', './');
}
$Log_Model->checkSwitch($gid, 'y');
$CACHE->updateCache();
emDirect("./admin_log.php?active_ck=1");
break;
case 'uncheck':
if (ROLE != ROLE_ADMIN) {
emMsg('权限不足!', './');
}
$Log_Model->checkSwitch($gid, 'n');
$CACHE->updateCache();
emDirect("./admin_log.php?active_unck=1");
break;
}
}
$Tag_Model->updateTag($tagstring, $blogid);
$dftnum = '';
} else {
if (!($blogid = $Log_Model->isRepeatPost($title, $postTime))) {
$blogid = $Log_Model->addlog($logData);
}
$Tag_Model->addTag($tagstring, $blogid);
$dftnum = $Log_Model->getLogNum('y', '', 'blog', 1);
}
$CACHE->updateCache();
doAction('save_log', $blogid);
switch ($action) {
case 'autosave':
echo "autosave_gid:{$blogid}_df:{$dftnum}_";
break;
case 'add':
case 'edit':
$tbmsg = '';
if ($ishide == 'y') {
emDirect("./admin_log.php?pid=draft&active_savedraft=1");
} else {
if ($action == 'add' || isset($_POST['pubdf'])) {
emDirect("./admin_log.php?active_post=1");
//文章发布成功
} else {
emDirect("./admin_log.php?active_savelog=1");
//文章保存成功
}
}
break;
}
Option::updateOption("widgets{$i}", $widgets_str);
}
}
unset($custom_widget[$rmwg]);
$custom_widget_str = addslashes(serialize($custom_widget));
Option::updateOption('custom_widget', $custom_widget_str);
}
break;
}
$CACHE->updateCache('options');
emDirect("./widgets.php?activated=1");
}
//保存组件排序
if ($action == 'compages') {
$wgNum = isset($_POST['wgnum']) ? intval($_POST['wgnum']) : 1;
//侧边栏编号 1、2、3 ……
$widgets = isset($_POST['widgets']) ? serialize($_POST['widgets']) : '';
Option::updateOption("widgets{$wgNum}", $widgets);
$CACHE->updateCache('options');
emDirect("./widgets.php?activated=true&wg={$wgNum}");
}
//恢复组件设置到初始安装状态
if ($action == 'reset') {
$widget_title = serialize(Option::getWidgetTitle());
$default_widget = serialize(Option::getDefWidget());
Option::updateOption("widget_title", $widget_title);
Option::updateOption("custom_widget", 'a:0:{}');
Option::updateOption("widgets1", $default_widget);
$CACHE->updateCache('options');
emDirect("./widgets.php?activated=1");
}
if ($attach['error'][$i] != 4) {
$file_info = uploadFile($attach['name'][$i], $attach['error'][$i], $attach['tmp_name'][$i], $attach['size'][$i], Option::getAttType(), false, $isthumbnail);
// 写入附件信息
$query = "INSERT INTO " . DB_PREFIX . "attachment (blogid, filename, filesize, filepath, addtime, width, height, mimetype, thumfor) VALUES ('%s','%s','%s','%s','%s','%s','%s','%s', 0)";
$query = sprintf($query, -1, $file_info['file_name'], $file_info['size'], $file_info['file_path'], time(), $file_info['width'], $file_info['height'], $file_info['mime_type']);
$DB->query($query);
$aid = $DB->insert_id();
$org_photo_atts[] = $file_info['file_path'];
}
}
}
$userData['photos'] = serialize($org_photo_atts);
$Viporg_model->addUser($userData);
emDirect('./viporg.php?active_add=1');
}
if ($action == 'del') {
$id = isset($_GET['id']) ? intval($_GET['id']) : '';
$Viporg_model->deleteUser($id);
emDirect('./viporg.php?active_del=1');
}
if ($action == 'delphoto') {
$id = isset($_GET['id']) ? $_GET['id'] : '';
$pic = isset($_GET['pic']) ? $_GET['pic'] : '';
$data = $Viporg_model->getUserDetail($id);
$org_photo_atts = $data['photos'] ? unserialize($data['photos']) : array();
$key = array_search($pic, $org_photo_atts);
unset($org_photo_atts[$key]);
$userData = array('photos' => serialize($org_photo_atts));
$Viporg_model->updateUser($userData, $id);
emDirect('./viporg.php?action=edit&uid=' . $id);
}
