$data .= $r['ali'] . ',';
$data .= $r['msn'] . ',';
$data .= $r['skype'] . ',';
$data .= $r['address'] . ',';
$data .= $r['postcode'] . ',';
$data .= timetodate($r['regtime']) . ',';
$data .= timetodate($r['logintime']) . ',';
$data .= $r['logintimes'] . ',';
$data .= $r['money'] . ',';
$data .= $r['credit'] . ',';
$data .= $r['sms'] . ',';
$data .= $r['vip'] . ',';
$data .= "\n";
}
$data = convert($data, DT_CHARSET, 'GBK');
file_down('', 'contact.csv', $data);
}
if ($page > 1 && $sum) {
$items = $sum;
} else {
$r = $db->get_one("SELECT COUNT(*) AS num FROM {$DT_PRE}member m,{$DT_PRE}company c WHERE {$condition}");
$items = $r['num'];
}
$pages = pages($items, $page, $pagesize);
$members = array();
$result = $db->query("SELECT * FROM {$DT_PRE}member m,{$DT_PRE}company c WHERE {$condition} ORDER BY {$order} LIMIT {$offset},{$pagesize}");
while ($r = $db->fetch_array($result)) {
$r['logindate'] = timetodate($r['logintime'], 5);
$r['regdate'] = timetodate($r['regtime'], 5);
$members[] = $r;
}
<?php
defined('IN_DESTOON') or exit('Access Denied');
if ($DT_BOT) {
dhttp(403);
}
require DT_ROOT . '/module/' . $module . '/common.inc.php';
$data = "[InternetShortcut]\r\n";
$data .= "URL=" . DT_PATH . "?from=desktop\r\n";
$data .= "IconFile=" . DT_PATH . "favicon.ico\r\n";
$data .= "IconIndex=1";
$file = file_vname($DT['sitename'] . '.url');
$file = convert($file, DT_CHARSET, 'GBK');
file_down('', $file, $data);
function down_url($url)
{
if (islocal($url)) {
file_down(local_file($url));
} else {
header("location:{$url}");
}
mexit();
}
file_put(DT_ROOT . '/file/mobile/' . $filename, trim($mail));
$page++;
msg('文件' . $filename . '获取成功。<br/>请稍候,程序将自动继续...', '?moduleid=' . $moduleid . '&file=' . $file . '&action=' . $action . '&tb=' . urlencode($tb) . '&field=' . urlencode($field) . '&sql=' . urlencode(base64_encode($sql)) . '&num=' . $num . '&page=' . $page . '&random=' . urlencode($random) . '&make=1');
} else {
msg('列表获取成功', '?moduleid=' . $moduleid . '&file=' . $file . '&action=list');
}
} else {
include tpl('sendsms_make', $module);
}
break;
case 'download':
$file_ext = file_ext($filename);
if ($file_ext != 'txt') {
msg('只能下载TxT文件');
}
file_down(DT_ROOT . '/file/mobile/' . $filename);
break;
case 'upload':
require DT_ROOT . '/include/upload.class.php';
$do = new upload($_FILES, 'file/mobile/', $uploadfile_name, 'txt');
$do->adduserid = false;
if ($do->save()) {
msg('上传成功', '?moduleid=' . $moduleid . '&file=' . $file . '&action=list');
}
msg($do->errmsg);
break;
case 'delete':
if (is_array($filenames)) {
foreach ($filenames as $filename) {
if (file_ext($filename) == 'txt') {
@unlink(DT_ROOT . '/file/mobile/' . $filename);
if ($mail) {
$filename = timetodate($DT_TIME, 'Ymd') . '_' . $random . '_' . $page . '.txt';
file_put(DT_ROOT . '/file/email/' . $filename, trim($mail));
$page++;
msg('文件' . $filename . '获取成功。<br/>请稍候,程序将自动继续...', '?moduleid=' . $moduleid . '&file=' . $file . '&action=' . $action . '&tb=' . urlencode($tb) . '&field=' . urlencode($field) . '&sql=' . urlencode(base64_encode($sql)) . '&num=' . $num . '&page=' . $page . '&random=' . urlencode($random) . '&make=1');
} else {
msg('列表获取成功', '?moduleid=' . $moduleid . '&file=' . $file . '&action=list');
}
} else {
include tpl('sendmail_make', $module);
}
break;
case 'download':
$file_ext = file_ext($filename);
$file_ext == 'txt' or msg('只能下载TxT文件');
file_down(DT_ROOT . '/file/email/' . $filename);
break;
case 'upload':
require DT_ROOT . '/include/upload.class.php';
$do = new upload($_FILES, 'file/email/', $uploadfile_name, 'txt');
$do->adduserid = false;
if ($do->save()) {
msg('上传成功', '?moduleid=' . $moduleid . '&file=' . $file . '&action=list');
}
msg($do->errmsg);
break;
case 'delete':
if (is_array($filenames)) {
foreach ($filenames as $filename) {
if (file_ext($filename) == 'txt') {
@unlink(DT_ROOT . '/file/email/' . $filename);
if (is_array($filenames)) {
foreach ($filenames as $filename) {
if (fileext($filename) == 'sql') {
@unlink('./data/' . $filename);
}
}
} else {
if (fileext($filenames) == 'sql') {
@unlink('./data/' . $filenames);
}
}
echo "<script>alert('Data deleted successfully!');location.href='save_data.php?action=import';</script>";
break;
case 'down':
$filename or message('文件名不能为空');
file_down('./data/' . $filename);
break;
case 'phpinfo':
phpinfo();
exit;
break;
}
function message($msg, $url_forward = './', $ms = 1250)
{
global $charset;
include template("message");
exit;
}
function daddslashes($string, $force = 0)
{
global $magic_quotes_gpc;
break;
case 'export':
if (!$table) {
msg();
}
//$memory_limit = trim(@ini_get('memory_limit'));
$sizelimit = 1024 * 1024;
//Max 1G
file_down('', $table . '.sql', sql_dumptable($table));
break;
case 'download':
$file_ext = file_ext($filename);
if ($file_ext != 'sql') {
msg('只能下载SQL文件');
}
file_down($dir ? $D . $dir . '/' . $filename : $D . $filename);
break;
case 'delete':
if (!is_array($filenames)) {
$tmp = $filenames;
$filenames = array();
$filenames[0] = $tmp;
}
foreach ($filenames as $filename) {
if (file_ext($filename) == 'sql') {
file_del($dir ? $D . $dir . '/' . $filename : $D . $filename);
} else {
if (is_dir($D . $filename)) {
dir_delete($D . $filename);
}
}
adminlog(lang('db_tb_' . submitcheck('bdboptimize') ? 'optimize' : 'repair'));
amessage('tableoperatefinish', '?entry=database&action=dboptimize');
}
} elseif ($action == 'dbsql') {
if (!submitcheck('bdbsql')) {
url_nav(lang('dboperate'), $urlsarr, 'dbsql');
tabheader(lang('run_sql_code'), 'dbsql', '?entry=database&action=dbsql');
echo "<tr class=\"txt\"><td class=\"txtL w25B\">" . lang('im_sql_code_content') . "</td><td class=\"txtL\"><textarea rows=\"15\" name=\"sqlcode\" cols=\"100\"></textarea></td></tr>";
tabfooter('bdbsql');
a_guide('dbsql');
} else {
empty($sqlcode) && amessage('inputsqlcode', '?entry=database&action=dbsql');
$sqlquery = splitsql(str_replace(array(' cms_', ' {tblprefix}', ' `cms_'), array(' ' . $tblprefix, ' ' . $tblprefix, ' `' . $tblprefix), $sqlcode));
$affected_rows = 0;
foreach ($sqlquery as $sql) {
if (trim($sql) != '') {
$db->query(stripslashes($sql), 'SILENT');
if ($sqlerror = $db->error()) {
break;
} else {
$affected_rows += intval($db->affected_rows());
}
}
}
adminlog(lang('run_sql_code'));
amessage('sqlresult', '?entry=database&action=dbsql', $affected_rows);
}
} elseif ($action == 'download' && $filename) {
adminlog(lang('dl_db_backup_file'));
file_down(M_ROOT . './dynamic/' . $backupdir . '/' . $filename);
}
$names = parse_dict($tb);
}
}
}
$result = $db->query("SHOW COLUMNS FROM `{$sc_table}`");
while ($r = $db->fetch_array($result)) {
$k = $r['Field'];
$fields[$k]['name'] = $edit ? $_fields[$k]['name'] : '';
$fields[$k]['value'] = $edit ? $_fields[$k]['value'] : '';
}
include tpl('data_config');
}
break;
case 'download':
if ($name) {
file_down(DT_ROOT . '/file/data/' . $name . '.php');
}
msg();
break;
case 'delete':
if ($name) {
file_del(DT_ROOT . '/file/data/' . $name . '.php');
file_del(DT_ROOT . '/file/data/' . $name . '.inc.php');
}
dmsg('删除成功', '?file=' . $file);
break;
case 'view':
$data = array();
@(include DT_ROOT . '/file/data/' . $name . '.php');
$data = dstripslashes($data);
extract($data);
$sql = str_replace(' {$tblprefix}', " {$tblprefix}", $sql);
$db->query($sql, 'SILENT');
if (($sqlerror = $db->error()) && $db->errno() != 1062) {
$db->halt('MySQL Query Error', $sql);
}
}
}
}
$db->query("REPLACE INTO {$tblprefix}mconfigs (varname, value, cftype) VALUES ('templatedir','{$tpltarget}','view')");
$db->query("INSERT INTO {$tblprefix}members (mid, mname, isfounder, password, email, checked) VALUES ('{$memberid}', '" . $curuser->info['mname'] . "', '1', '" . $curuser->info['password'] . "', '" . $curuser->info['email'] . "', '1');");
adminlog(lang('instwebscon'));
rebuild_cache(-1);
}
} elseif ($action == 'download' && $filename) {
adminlog(lang('downsyscondatfi'));
file_down(M_ROOT . './dynamic/export/' . $filename);
}
function dircopy($source, $destination, $child = 1)
{
if (!is_dir($source)) {
return false;
}
mmkdir($destination);
$handle = dir($source);
while ($entry = $handle->read()) {
if ($entry != "." && $entry != "..") {
if (is_dir($source . "/" . $entry)) {
dircopy($source . "/" . $entry, $destination . "/" . $entry, $child);
} else {
copy($source . "/" . $entry, $destination . "/" . $entry);
}
if (strpos($data, $post['title'] . '|' . $post['url']) === false) {
$post = daddslashes($post);
if ($do->add($post)) {
$i++;
}
}
}
}
}
if ($i) {
cache_keylink($item);
}
dmsg('添加成功' . $i . '条', '?file=' . $file . '&item=' . $item);
break;
case 'export':
file_down('', 'keylink-' . $item . '.txt', $do->merge($item));
break;
default:
if ($submit) {
if ($do->update($post)) {
dmsg('更新成功', '?file=' . $file . '&item=' . $item);
} else {
msg($do->errmsg);
}
} else {
$condition = '';
if ($kw) {
$condition .= " AND (title LIKE '%{$keyword}%' OR url LIKE '%{$keyword}%')";
}
$lists = $do->get_list($condition);
$fid = isset($fid) ? intval($fid) : 0;
if (file_copy($template_root . '/' . $fileid . '.' . $bakid . '.bak', $template_root . '/' . $fileid . '.htm')) {
dmsg('恢复成功', $this_forward);
}
msg('备份文件恢复失败');
break;
case 'template_name':
$fileid or exit('0');
$name or exit('0');
$name = convert($name, 'UTF-8', DT_CHARSET);
template_name($fileid, $name);
exit('1');
break;
case 'download':
$fileid or msg();
$file_ext = $bakid ? '.' . $bakid . '.bak' : '.htm';
file_down($template_root . '/' . $fileid . $file_ext);
break;
case 'delete':
$fileid or msg();
$file_ext = $bakid ? '.' . $bakid . '.bak' : '.htm';
file_del($template_root . '/' . $fileid . $file_ext);
if (!$bakid) {
template_name();
}
dmsg('删除成功', $this_forward);
break;
case 'cache':
cache_clear('php', 'dir', 'tpl');
dmsg('更新成功', $this_forward);
break;
default:
msg('文件名不能为空');
}
if (!$bakid) {
msg('Invalid Request');
}
if (file_copy($skin_root . $fileid . '.' . $bakid . '.bak', $skin_root . $fileid . '.css')) {
dmsg('备份文件恢复成功', $this_forward);
}
dmsg('备份文件恢复失败');
break;
case 'download':
if (!$fileid) {
msg('文件名不能为空');
}
$file_ext = $bakid ? '.' . $bakid . '.bak' : '.css';
file_down($skin_root . $fileid . $file_ext);
break;
case 'delete':
if (!$fileid) {
msg('文件名不能为空');
}
$file_ext = $bakid ? '.' . $bakid . '.bak' : '.css';
file_del($skin_root . $fileid . $file_ext);
dmsg('文件删除成功', $this_forward);
break;
default:
$files = $skins = $baks = array();
$files = glob($skin_root . '*.*');
if (!$files) {
msg('风格文件不存在,请先创建', "?file={$file}&action=add");
}
} else {
$black = $username;
}
$db->query("UPDATE {$DT_PRE}member SET black='{$black}' WHERE userid={$_userid}");
$chatid = get_chat_id($_username, $username);
$db->query("DELETE FROM {$table} WHERE chatid='{$chatid}'");
dmsg('屏蔽成功', 'message.php?action=setting');
break;
case 'down':
if ($data) {
$data = stripslashes(dsafe($data));
$css = file_get('image/chat.css');
$css = str_replace('#chat{width:auto;height:286px;overflow:auto;', '#chat{width:700px;margin:auto;', $css);
$css = str_replace("url('", "url('" . $MOD['linkurl'] . "image/", $css);
$data = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html;charset=' . DT_CHARSET . '"/><title>聊天记录</title><style type="text/css">' . $css . '</style><base href="' . $MOD['linkurl'] . '"/></head><body><div id="chat">' . $data . '</div></body></html>';
file_down('', 'chat_' . timetodate($DT_TIME, 'Y-m-d-H-i') . '.html', $data);
}
exit;
break;
case 'contact':
check_name($touser) or dalert('不能与自己对话', 'goback');
$go = '?touser='******'&mid=' . $mid . '&itemid=' . $itemid . '&forward=' . $forward;
if ($_username) {
dheader($go);
}
$filename = get_chat_file(get_chat_id($chatuser, $touser));
if (is_file($filename)) {
dheader($go);
}
require DT_ROOT . '/include/post.func.php';
strlen($truename) > 2 or dalert('请填写联系人', 'goback');
} else {
dalert($L['not_mirror'], $linkurl);
}
} else {
if ($local) {
if ($MOD['upload'] && filesize($localfile) < $MOD['readsize'] * 1024 * 1024) {
$ext = file_ext($localfile);
if (!in_array($ext, explode('|', $MOD['upload'])) || in_array($ext, array('php', 'sql')) || strpos($localfile, './') !== false) {
dheader($fileurl);
}
//Safe
$title = file_vname($title);
$title or dheader($fileurl);
if (strpos($_SERVER['HTTP_USER_AGENT'], 'Chrome') !== false) {
$title = convert($title, DT_CHARSET, 'UTF-8');
}
if (strpos($_SERVER['HTTP_USER_AGENT'], 'Firefox') !== false) {
$title = str_replace(' ', '_', $title);
}
if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false) {
$title = convert($title, DT_CHARSET, 'GBK');
}
$title or dheader($fileurl);
file_down($localfile, $title . '.' . $ext);
} else {
dheader($fileurl);
}
} else {
dheader($fileurl);
}
}
public function download()
{
$a_k = trim($_GET['a_k']);
$pc_auth_key = md5(pc_base::load_config('system', 'auth_key') . $_SERVER['HTTP_USER_AGENT']);
$a_k = sys_auth($a_k, 'DECODE', $pc_auth_key);
if (empty($a_k)) {
showmessage(L('illegal_parameters'));
}
unset($i, $m, $f, $t, $ip);
parse_str($a_k);
if (isset($i)) {
$downid = intval($i);
}
if (!isset($m)) {
showmessage(L('illegal_parameters'));
}
if (!isset($modelid)) {
showmessage(L('illegal_parameters'));
}
if (empty($f)) {
showmessage(L('url_invalid'));
}
if (!$i || $m < 0) {
showmessage(L('illegal_parameters'));
}
if (!isset($t)) {
showmessage(L('illegal_parameters'));
}
if (!isset($ip)) {
showmessage(L('illegal_parameters'));
}
$starttime = intval($t);
if (preg_match('/(php|phtml|php3|php4|jsp|dll|asp|cer|asa|shtml|shtm|aspx|asax|cgi|fcgi|pl)(\\.|$)/i', $f) || strpos($f, ":\\") !== FALSE || strpos($f, '..') !== FALSE) {
showmessage(L('url_error'));
}
$fileurl = trim($f);
if (!$downid || empty($fileurl) || !preg_match("/[0-9]{10}/", $starttime) || !preg_match("/[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}/", $ip) || $ip != ip()) {
showmessage(L('illegal_parameters'));
}
$endtime = SYS_TIME - $starttime;
if ($endtime > 3600) {
showmessage(L('url_invalid'));
}
if ($m) {
$fileurl = trim($s) . trim($fileurl);
}
//远程文件
if (strpos($fileurl, ':/') && strpos($fileurl, pc_base::load_config('system', 'upload_url')) === false) {
header("Location: {$fileurl}");
} else {
if ($d == 0) {
header("Location: " . $fileurl);
} else {
$fileurl = str_replace(array(pc_base::load_config('system', 'upload_url'), '/'), array(pc_base::load_config('system', 'upload_path'), DIRECTORY_SEPARATOR), $fileurl);
$filename = basename($fileurl);
//处理中文文件
if (preg_match("/^([\\s\\S]*?)([�-�][@-�])([\\s\\S]*?)/", $fileurl)) {
$filename = str_replace(array("%5C", "%2F", "%3A"), array("\\", "/", ":"), urlencode($fileurl));
$filename = urldecode(basename($filename));
}
$ext = fileext($filename);
$filename = date('Ymd_his') . random(3) . '.' . $ext;
file_down($fileurl, $filename);
}
}
}
/**
* 备份文件下载
*/
public function public_down()
{
$admin_founders = explode(',', pc_base::load_config('system', 'admin_founders'));
if (!in_array($this->userid, $admin_founders)) {
showmessage(L('only_fonder_operation'));
}
$datadir = $_GET['pdoname'];
$filename = $_GET['filename'];
$fileext = fileext($filename);
if ($fileext != 'sql') {
showmessage(L('only_sql_down'));
}
file_down(CACHE_PATH . 'bakup' . DIRECTORY_SEPARATOR . $datadir . DIRECTORY_SEPARATOR . $filename);
}
break;
case 'down':
if ($data && check_name($username) && is_md5($chatid)) {
$chat = $db->get_one("SELECT * FROM {$table} WHERE chatid='{$chatid}'");
if ($chat['fromuser'] == $_username) {
$chat['touser'] == $username or exit;
} else {
$chat['fromuser'] == $username or exit;
}
$data = stripslashes(dsafe($data));
$css = file_get('image/chat.css');
$css = str_replace('#chat{width:auto;height:266px;overflow:auto;', '#chat{width:600px;margin:auto;', $css);
$css = str_replace("url('", "url('" . $MOD['linkurl'] . "image/", $css);
$data = str_replace('o<em></em>n', 'on', $data);
$data = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html;charset=' . DT_CHARSET . '"/><title>' . lang($L['chat_record'], array($username)) . '</title><style type="text/css">' . $css . '</style><base href="' . $MOD['linkurl'] . '"/></head><body><div id="chat">' . $data . '</div></body></html>';
file_down('', 'chat-' . $username . '-' . timetodate($DT_TIME, 'Y-m-d-H-i') . '.html', $data);
}
exit;
break;
case 'list':
$data = '';
$new = 0;
$result = $db->query("SELECT * FROM {$table} WHERE fromuser='******' OR touser='******' ORDER BY lasttime DESC LIMIT 100");
while ($r = $db->fetch_array($result)) {
if ($r['fromuser'] == $_username) {
$r['user'] = $r['touser'];
$r['new'] = $r['fnew'];
} else {
$r['user'] = $r['fromuser'];
$r['new'] = $r['tnew'];
}
