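/**
 * Change the password of the currently logged-in admin.
 *
 * Reads upassnew (current password), new_upass and re_upass from $_POST, checks the current
 * password against admin_list.apass, validates the new one with verify::verify_upass() and
 * stores helper::password_encrypt() of it. The target row is selected by the session's
 * admin_id, never by a request parameter. Every exit path is a die() with a JSON body
 * ({"code":"0"} on success, {"code":"1"} otherwise).
 */
function m__edit_my_pass() {
    global $dbm;
    $_POST = helper::sqlxss($_POST);
    $admin_id = $_SESSION['admin']['admin_id'];
    $sql = "select apass from " . TB_PREFIX . "admin_list where admin_id='{$admin_id}' limit 1";
    $rs = $dbm->query($sql);
    // empty() rather than count(): count() on a non-array 'list' warns (PHP 7) or throws (PHP 8).
    if (empty($rs['list'])) {
        die('{"code":"1","msg":"登录状态可能已失效,请重新登录"}');
    }
    $_POST['upassnew'] = isset($_POST['upassnew']) ? $_POST['upassnew'] : '';
    $_POST['new_upass'] = isset($_POST['new_upass']) ? $_POST['new_upass'] : '';
    $_POST['re_upass'] = isset($_POST['re_upass']) ? $_POST['re_upass'] : '';
    // hash_equals (PHP >= 5.6) is strict and constant-time. The original loose != compared two
    // digest strings with type juggling, so e.g. two "0e..." digests would be treated as equal.
    $stored = (string)$rs['list'][0]['apass'];
    if (!hash_equals($stored, (string)helper::password_encrypt($_POST['upassnew']))) {
        die('{"code":"1","msg":"原密码输入不正确","id":"upassnew"}');
    }
    $verify = verify::verify_upass($_POST['new_upass']);
    if ($verify != '') {
        die('{"code":"1","msg":"' . $verify . '","id":"new_upass"}');
    }
    if ($_POST['new_upass'] !== $_POST['re_upass']) {
        die('{"code":"1","msg":"新密码输入不一致","id":"new_upass"}');
    }
    $fields = array('apass' => helper::password_encrypt($_POST['new_upass']));
    $dbm->single_update(TB_PREFIX . "admin_list", $fields, "admin_id='{$admin_id}'");
    die('{"code":"0","msg":"密码修改成功"}');
}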
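/**
 * Assign permission codes to an admin group ($_POST['gid']) or a single admin ($_POST['aid']).
 *
 * $_POST['level'] is an array of codes stored as a comma-separated list in admin_group.g_urank
 * (permission B0301) or admin_list.alevel (permission B0302). When both ids are positive the
 * group branch wins. Group 1 (super-admin) is refused. Every exit path is a die() with JSON.
 */
function m__set_level() {
    global $dbm;
    $_POST = helper::sqlxss($_POST);
    $aid = isset($_POST['aid']) ? intval($_POST['aid']) : 0;
    $gid = isset($_POST['gid']) ? intval($_POST['gid']) : 0;
    // implode() needs an array; a scalar "level" would warn (PHP 7) or throw a TypeError (PHP 8).
    $level = (isset($_POST['level']) && is_array($_POST['level'])) ? $_POST['level'] : array();
    $_POST['level'] = $level;
    // Bug fix: the original tested "< 0", so aid=0,gid=0 (ids missing) skipped this reply and
    // fell through to the page template with no JSON response at all.
    if ($aid <= 0 && $gid <= 0) {
        die('{"code":"1","msg":"请选择权限设置对象,无法设置"}');
    }
    if ($gid > 0) {
        if ($gid == 1) {
            die('{"code":"100","msg":"超级管理组权限无需设置"}');
        }
        check_level("B0301");
        // NOTE(review): codes are stored without validation against the known permission set.
        $fields = array('g_urank' => implode(',', $level));
        $dbm->single_update(TB_PREFIX . 'admin_group', $fields, "group_id='{$gid}'");
        logs("设置组权限成功:" . $fields['g_urank']);
        die('{"code":"0","msg":"设置用户组权限成功"}');
    }
    // Reaching here means $aid > 0.
    check_level("B0302");
    $fields = array('alevel' => implode(',', $level));
    $dbm->single_update(TB_PREFIX . 'admin_list', $fields, "admin_id='{$aid}'");
    logs("设置组权限成功:" . $fields['alevel']);
    die('{"code":"0","msg":"设置用户权限成功"}');
}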
/**
 * Return one url_rewrite row (selected by $_POST['url_id']) as JSON.
 *
 * url_id is coerced with intval() before it is interpolated into the query.
 * Replies {"code":1} when no row matches, {"code":0,"data":{...}} otherwise; always die()s.
 */
function m__show_rewrite() {
    global $dbm;
    $_POST = helper::sqlxss($_POST);
    $url_id = isset($_POST['url_id']) ? intval($_POST['url_id']) : 0;
    $_POST['url_id'] = $url_id;
    $rows = $dbm->query("select * from " . TB_PREFIX . "url_rewrite where url_id='{$url_id}' limit 1");
    if (count($rows['list']) == 0) {
        die('{"code":1,"msg":"' . $url_id . ' 伪静态规则不存在"}');
    }
    $payload = json_encode($rows['list'][0]);
    die('{"code":0,"msg":"伪静态规则读取成功","data":' . $payload . '}');
}
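/**
 * Admin login handler.
 *
 * Validates uname/upass format, the site SAFE_CODE and the captcha (md5 of the upper-cased
 * code, expected in $_SESSION['login']), then loads the admin_list row joined with its
 * admin_group and fills $_SESSION['admin'] on success. Every exit path is a die() with a
 * JSON body; "id" names the form field the error belongs to.
 */
function m__login() {
    global $dbm;
    $_POST = helper::sqlxss($_POST);
    $_POST['uname'] = isset($_POST['uname']) ? $_POST['uname'] : '';
    $verify = verify::verify_length($_POST['uname'], 1, 20);
    if ($verify != '') {
        die('{"code":"1","msg":"账号' . $verify . '","id":"uname"}');
    }
    $_POST['upass'] = isset($_POST['upass']) ? $_POST['upass'] : '';
    $verify = verify::verify_upass($_POST['upass']);
    if ($verify != '') {
        // Bug fix: the original JSON carried "id" twice ("uname" then "upass"); parsers keep the last.
        die('{"code":"1","msg":"' . $verify . '","id":"upass"}');
    }
    $_POST['code'] = isset($_POST['code']) ? $_POST['code'] : '';
    $_POST['safecode'] = isset($_POST['safecode']) ? $_POST['safecode'] : '';
    // hash_equals (PHP >= 5.6): strict and constant-time. The original loose != juggles
    // numeric-looking strings ("1" == "01", "0e..." digests compare equal).
    if (!hash_equals((string)SAFE_CODE, (string)$_POST['safecode'])) {
        die('{"code":"1","msg":"安全码错误","id":"safecode"}');
    }
    // One-shot captcha: consume the session token before checking it, so a single solved
    // captcha cannot be replayed across many password guesses.
    $captcha = isset($_SESSION['login']) ? (string)$_SESSION['login'] : '';
    unset($_SESSION['login']);
    if ($captcha === '' || !hash_equals($captcha, md5(strtoupper($_POST['code'])))) {
        die('{"code":"1","msg":"验证码错误","id":"code"}');
    }
    // NOTE(review): uname reaches the SQL string via helper::sqlxss() (escape + htmlspecialchars)
    // rather than a bound parameter; prefer a prepared statement if $dbm offers one.
    $sql = "select a.*,b.g_urank,b.g_name from " . TB_PREFIX . "admin_list a left join " . TB_PREFIX
         . "admin_group b on a.group_id=b.group_id where aname='" . $_POST['uname'] . "' limit 1";
    $rs = $dbm->query($sql);
    // NOTE(review): distinct "account missing" / "wrong password" replies permit username
    // enumeration; kept because the client keys on "id" to highlight the field.
    if (empty($rs['list'])) {
        die('{"code":"1","msg":"账号不存在","id":"uname"}');
    }
    $admin = $rs['list'][0];
    if (!hash_equals((string)$admin['apass'], (string)helper::password_encrypt($_POST['upass']))) {
        die('{"code":"1","msg":"密码错误","id":"upass"}');
    }
    if ($admin['astate'] != 0) {
        die('{"code":"1","msg":"账号异常","id":"uname"}');
    }
    // Login succeeded: rotate the session id so an id fixed before authentication is not kept.
    if (function_exists('session_status') && session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    $_SESSION['admin']["admin_id"] = $admin['admin_id'];
    $_SESSION['admin']["aname"] = $admin['aname'];
    $_SESSION['admin']["aname_true"] = $admin['aname_true'];
    $_SESSION['admin']["group_id"] = $admin['group_id'];
    $_SESSION['admin']['group_level'] = $admin['g_urank'];
    $_SESSION['admin']['gname'] = $admin['g_name'];
    // Effective permissions: group codes, a ",|," separator, then the admin's own codes.
    $_SESSION['admin']["alevel"] = $_SESSION['admin']['group_level'] . ',|,' . $admin['alevel'];
    logs($_SESSION['admin']["aname"] . "登陆成功");
    die('{"code":"0","msg":"登录成功"}');
}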
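/**
 * Store a new AUTH_CODE in ../core/config.php (permission A0501).
 *
 * The code is validated against a strict character whitelist before set_config() splices it
 * into the config source and the file is rewritten. Unchanged codes are not written.
 * Every exit path is a die() with a JSON body.
 */
function m__set_auth() {
    check_level("A0501");
    $config = '../core/config.php';
    $cf = file_get_contents($config);
    $_POST = helper::sqlxss($_POST);
    $code = isset($_POST['auth']) ? $_POST['auth'] : '';
    // Bug fix: the original pattern had no end anchor, so any value *starting* with 1-64
    // allowed characters passed and the remainder was written into config.php verbatim
    // (config.php is PHP source). "$" with the D modifier rejects a trailing newline too.
    if (!preg_match('~^[a-z_A-Z0-9=]{1,64}$~D', $code)) {
        die('{"code":"1","msg":"授权码格式错误' . $code . '"}');
    }
    if ((string)AUTH_CODE !== $code) {
        if ($cf === false) {
            die('{"code":"1","msg":"无法读取 /core/config.php 配置文件"}');
        }
        // set_config() is expected to rewrite the AUTH_CODE define inside $cf in place (by reference).
        set_config('AUTH_CODE', $code, $cf);
        // NOTE(review): requiring mode 0777 means the config must be world-writable; a narrower
        // is_writable() check would be preferable, kept to match the existing deployment contract.
        if (helper::getChmod($config) != '0777') {
            die('{"code":"1","msg":"/core/config.php 配置文件没有写权限"}');
        }
        if (file_put_contents($config, $cf) === false) {
            die('{"code":"1","msg":"/core/config.php 配置文件没有写权限"}');
        }
    }
    die('{"code":"0","msg":"成功设置授权码"}');
}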
<?php
// ******************************************************************************************************************************
// MCMS Copyright (c) 2012-2013 ZhangYiYeTai Inc.
// The program developed by loyjers core architecture, individual all rights reserved, if you have any questions please contact loyjers@126.com
// ******************************************************************************************************************************
// Load shared code (presumably $dbm, helper/verify classes, check_level(), call_mfunc(), ...).
require_once dirname(__FILE__) . "/inc_common.php";
// Page-wide input "sanitising": helper::escape + htmlspecialchars on every GET/POST value.
// NOTE(review): this is context-agnostic (HTML-encodes data that handlers later put into SQL
// and JSON); it is not a substitute for parameterised queries inside the m__ handlers.
$_GET = helper::sqlxss($_GET);
$_POST = helper::sqlxss($_POST);
// Page-level permission gate; individual actions may check finer-grained codes.
check_level("E03");
// ******************************************************************************************************************************
// Dispatch the page action (presumably by $_GET['m'] -> m__<name>(); dispatcher defined in inc_common.php)
// ******************************************************************************************************************************
call_mfunc();
// ******************************************************************************************************************************
// Template loading
// ******************************************************************************************************************************
$tpl = assign_tpl_admin(basename(__FILE__));
$template = $tpl[0];
require_once $tpl[1];
//
// ******************************************************************************************************************************
// Page action functions; names must start with m__
// ******************************************************************************************************************************
/*
 * List internal-link keywords, with paging.
 * Called on page init to fetch and display the data.
 */
function m__list()
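/**
 * Return the keyword row selected by $_GET['keyword_id'] as JSON (edit-form data).
 *
 * keyword_id is coerced with intval() before it is placed in the query. Replies
 * {"code":"100"} when no row matches; always die()s.
 */
function m__get_keyword() {
    global $dbm;
    $_GET = helper::sqlxss($_GET);
    // Bug fix: read through isset(); a bare request raised an undefined-index notice.
    $keyword_id = isset($_GET['keyword_id']) ? intval($_GET['keyword_id']) : 0;
    $sql = " select * from " . TB_PREFIX . "keyword where keyword_id=" . $keyword_id;
    $res = $dbm->query($sql);
    if (!empty($res['list'])) {
        die(json_encode($res['list'][0]));
    }
    die('{"code":"100","msg":"获取修改数据失败","data":"null"}');
}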
<?php
/**
 * Page-global variables:
 *
 * @param $ => $dbm            database object
 * @param $ => $c              core method class object
 * @param $ => $plugins_path   current plugin directory
 */
define('CRANE_CMS', true);
require_once dirname(__FILE__) . "/core/init.php";
require_once ROOT_PATH . "/model/user.model.php";
// NOTE(review): called with no argument; the helper::sqlxss($input) seen elsewhere requires one —
// confirm this build's signature (it would be an ArgumentCountError on PHP >= 7.1 otherwise).
helper::sqlxss();
// Initialise objects
$time_start = helper::getmicrotime();
$dbm = new db_mysql();
$c = new common($dbm);
$u_obj = new User();
// Derive the plugin path relative to 'plugins/' (backslashes normalised for Windows paths).
$plugins_path = dirname(__FILE__);
$plugins_path = str_replace('\\', '/', $plugins_path);
$plugins_path = substr($plugins_path, strpos($plugins_path, 'plugins/'), strlen($plugins_path));
$p = isset($_GET['p']) ? $_GET['p'] : 1; // page number
// NOTE(review): is_numeric() also accepts "1e3", "-1" and floats; callers should intval() $p before use.
if (!is_numeric($p)) {
    $p = 1;
}
// Action dispatch: $_GET['m'] selects m__<name>() (defined at the end of the file), default "login".
// The fixed "m__" prefix confines dispatch to action functions; any other name simply does not exist.
$_GET['m'] = isset($_GET['m']) ? $_GET['m'] : 'login';
if (function_exists("m__" . $_GET['m'])) {
    call_user_func("m__" . $_GET['m']);
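/**
 * Return the keywords (keyword_id, keyword) of the group given in $_GET['qgroup'] as JSON.
 *
 * Falls through with no output (page template renders) when qgroup is missing/empty or no
 * rows match; otherwise die()s with the JSON list.
 */
function m__get_keyword() {
    global $dbm;
    $_GET = helper::sqlxss($_GET);
    if (isset($_GET['qgroup']) && $_GET['qgroup'] != '') {
        // Bug fix: the original interpolated an undefined local $qgroup (always empty), so the
        // query was "where qgroup=''" and never returned the requested group.
        // NOTE(review): the value reaches the SQL string via helper::sqlxss() (escape + htmlspecialchars)
        // rather than a bound parameter; prefer a prepared statement if $dbm offers one.
        $qgroup = $_GET['qgroup'];
        $sql = "select keyword_id,keyword from " . TB_PREFIX . "keyword where qgroup='{$qgroup}'";
        $rs = $dbm->query($sql);
        if (!empty($rs['list'])) {
            die(json_encode($rs['list']));
        }
    }
}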
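/**
 * Delete friend links (flink rows) listed in $_POST['params'], or the single $_POST['flink_id'].
 *
 * Rows with flink_type == 1 ("cloud" links) are also reported to the AUTH_URL server before
 * deletion. Requires permission E0202. Ends with a die() carrying a JSON body.
 */
function m__del() {
    global $dbm;
    check_level("E0202");
    $_POST = helper::sqlxss($_POST);
    // Single-id form of the request
    if (isset($_POST['flink_id'])) {
        $_POST['params'] = array($_POST['flink_id']);
    }
    // Bug fix: foreach over a missing/non-array params warned and fell through to the template.
    if (empty($_POST['params']) || !is_array($_POST['params'])) {
        die('{"code":"100","msg":"没有选中要删除的友链"}');
    }
    foreach ($_POST['params'] as $id) {
        $id = intval($id);
        $where = " flink_id = '" . $id . "'";
        $rs = $dbm->query("select * from " . TB_PREFIX . "flink where flink_id=" . $id);
        // Skip rows that could not be read (no match, or a query error — the original still
        // issued the DELETE after a failed SELECT).
        if (empty($rs['list'])) {
            continue;
        }
        $row = $rs['list'][0];
        if ($row['flink_type'] == 1) {
            // Cloud link: tell the auth server the link was removed. Strip one trailing slash.
            $path = AUTH_URL;
            if (substr($path, -1) == '/') {
                $path = substr($path, 0, -1);
            }
            // Bug fix: encode the stored URL; unencoded, a value containing "&" or "#" truncated or
            // injected extra parameters into the outgoing request.
            // NOTE(review): AUTH_CODE travels in a GET query string and will appear in access logs.
            $url = $path . '/api/yunflink.php?m=del_url&auth_code=' . AUTH_CODE
                 . '&flink_url=' . urlencode($row['flink_url']);
            $data = helper::get_contents($url);
        }
        $dbm->single_del(TB_PREFIX . "flink", $where);
    }
    logs("成功删除了友情链接");
    die('{"code":"0","msg":"删除成功"}');
}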
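/**
 * Clear one of the site caches selected by $_POST['act'].
 *
 * Reply convention is inverted relative to the other handlers: {"code":"1"} means success and
 * {"code":"0"} failure (kept as-is for the existing caller). With no act the function returns
 * without output and the page template renders. Requires permission A04.
 */
function m__clearcache() {
    // Permission check
    check_level("A04");
    $_POST = helper::sqlxss($_POST);
    if (!isset($_POST['act']) || $_POST['act'] == '') {
        return;
    }
    $act = $_POST['act'];
    $return = true;
    // Three cache directories are keyed by the request's Host header. That header is
    // attacker-controlled and was spliced into a filesystem path handed to del_dir(), so a
    // value such as "../../x" could aim the deletion outside the cache tree. Allow only
    // hostname characters (and ":port") before using it.
    $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
    $host_keyed = array('category', 'url_rewrite', 'externs');
    if (in_array($act, $host_keyed, true) && !preg_match('~^[A-Za-z0-9._:\-]{1,255}$~D', $host)) {
        die('{"code":"0","msg":"HTTP_HOST 不合法,已拒绝清理缓存"}');
    }
    // Clear everything
    if ($act == 'whole') {
        $return = del_dir("../" . CACHE_NAME);
        if ($return) {
            logs('成功清空了全部缓存');
        }
    }
    // List cache
    if ($act == 'list') {
        $return = del_dir("../" . CACHE_NAME . "/list");
        if ($return) {
            logs('成功清空了列表缓存');
        }
    }
    // Content cache
    if ($act == 'content') {
        $return = del_dir("../" . CACHE_NAME . "/content");
        if ($return) {
            logs('成功清空了内容缓存');
        }
    }
    // Counter cache
    if ($act == 'count') {
        $return = del_dir("../" . CACHE_NAME . "/count");
        if ($return) {
            logs('成功清空了统计缓存');
        }
    }
    // Category cache (per host)
    if ($act == 'category') {
        $return = del_dir("../" . CACHE_NAME . "/" . $host . '_' . CACHE_PREFIX . "categories");
        if ($return) {
            logs('成功清空了分类缓存');
        }
    }
    // URL-rewrite cache (per host)
    if ($act == 'url_rewrite') {
        $return = del_dir("../" . CACHE_NAME . "/" . $host . '_' . CACHE_PREFIX . "url_config");
        if ($return) {
            logs('成功清空了伪静态缓存');
        }
    }
    // Model cache (per host)
    if ($act == 'externs') {
        $return = del_dir("../" . CACHE_NAME . "/" . $host . '_' . CACHE_PREFIX . "externs");
        if ($return) {
            logs('成功清空了模型缓存');
        }
    }
    // In-content link cache
    if ($act == 'nlink') {
        $return = del_dir("../" . CACHE_NAME . "/" . CACHE_PREFIX . "nlink");
        if ($return) {
            logs('成功清空了内链缓存');
        }
    }
    sleep(1); // presumably so the UI shows a visible delay; not needed for correctness
    if ($return) {
        die('{"code":"1","msg":"缓存清除成功"}');
    }
    die('{"code":"0","msg":"缓存清除失败,可能是 ' . CACHE_NAME . ' 文件目录没有读写权限!"}');
}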
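/**
 * Create or update a CMS admin account (admin_list). Requires permission B0202.
 *
 * $_POST['admin_id'] > 0 selects update (the password changes only when apass is non-empty);
 * otherwise a new row is inserted after checking that aname is unused. Password fields are
 * deliberately not passed through helper::sqlxss() because they go through
 * helper::password_encrypt() unchanged. Every path ends in die() with a JSON body.
 */
function m__edit() {
    global $dbm;
    check_level("B0202");
    // Escape everything except password fields.
    // Bug fix: the original used strpos() > 0, which still escaped a field whose name *starts*
    // with "pass" (offset 0) and silently swapped the empty "if" and "else" branches.
    foreach ($_POST as $k => $v) {
        if (strpos($k, 'pass') === false) {
            $_POST[$k] = helper::sqlxss($v);
        }
    }
    $fields = array();
    $fields['aname'] = isset($_POST['aname']) ? $_POST['aname'] : '';
    $verify = verify::verify_uname($fields['aname']);
    if ($verify != '') {
        die('{"code":"1","msg":"' . $verify . '","id":"aname"}');
    }
    $_POST['apass'] = isset($_POST['apass']) ? $_POST['apass'] : '';
    $_POST['re_pass'] = isset($_POST['re_pass']) ? $_POST['re_pass'] : '';
    $fields['aname_true'] = isset($_POST['aname_true']) ? $_POST['aname_true'] : '';
    $fields['aemail'] = isset($_POST['aemail']) ? $_POST['aemail'] : '';
    $fields['aphone'] = isset($_POST['aphone']) ? $_POST['aphone'] : '';
    $fields['group_id'] = isset($_POST['group_id']) ? intval($_POST['group_id']) : 0;
    $admin_id = isset($_POST['admin_id']) ? intval($_POST['admin_id']) : 0;
    $_POST['admin_id'] = $admin_id;
    if ($fields['group_id'] == 0) {
        die('{"code":"1","msg":"请选择管理组","id":"group_id"}');
    }
    // NOTE(review): group_id is not restricted here; any B0202 holder can put an account
    // (including their own) into group 1, which the permission handler treats as super-admin.
    if ($admin_id > 0) {
        // Update path
        if ($_POST['apass'] !== '') {
            $verify = verify::verify_upass($_POST['apass']);
            if ($verify != '') {
                die('{"code":"1","msg":"' . $verify . '","id":"apass"}');
            }
            if ($_POST['apass'] !== $_POST['re_pass']) {
                die('{"code":"1","msg":"两次密码输入不一致","id":"apass"}');
            }
            $fields['apass'] = helper::password_encrypt($_POST['apass']);
        }
        $where = " admin_id ='" . $admin_id . "'";
        $rs = $dbm->single_update(TB_PREFIX . "admin_list", $fields, $where);
        if ($rs['error'] == '') {
            logs("编辑CMS账号资料成功:{$_POST['aname']}");
            die('{"code":"0","msg":"编辑账号成功"}');
        }
        die('{"code":"1","msg":"编辑账号失败,请核实后再编辑"}');
    }
    // Insert path: password is mandatory
    $verify = verify::verify_upass($_POST['apass']);
    if ($verify != '') {
        die('{"code":"1","msg":"' . $verify . '","id":"apass"}');
    }
    if ($_POST['apass'] !== $_POST['re_pass']) {
        die('{"code":"1","msg":"两次密码输入不一致","id":"apass"}');
    }
    $fields['apass'] = helper::password_encrypt($_POST['apass']);
    // aname was escaped by helper::sqlxss() above; a bound parameter would still be preferable.
    $where = " aname='" . $_POST['aname'] . "'";
    $a = $dbm->single_query(array('where' => $where, 'table_name' => TB_PREFIX . "admin_list"));
    if (!empty($a['list'])) {
        die('{"code":"1","msg":"账号名不能重复","id":"aname"}');
    }
    $fields['reg_date'] = time();
    $fields['astate'] = 0; // 0 = normal; m__login rejects any other state
    $rs = $dbm->single_insert(TB_PREFIX . "admin_list", $fields);
    if ($rs['error'] == '') {
        logs("添加账号成功:{$_POST['aname']}");
        die('{"code":"0","msg":"添加账号成功"}');
    }
    die('{"code":"1","msg":"添加账号失败,请核实后再添加"}');
}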
/**
 * Save one ad entry into recommend_area.area_html for the area given by $_GET['area_id'].
 *
 * area_html holds a serialized array. $attr['list'] is either a raw string (when
 * $_POST['area_html'] is present: "code" ads) or a list of entries keyed on 'tag', where the
 * posted entry replaces the one with the same tag or is appended. Requires permission E0403.
 * Ends with a die() carrying a JSON body.
 */
function m__save_attr() {
    global $dbm;
    // Permission check
    check_level("E0403");
    $area_id = isset($_GET['area_id']) ? intval($_GET['area_id']) : 0;
    if ($area_id == 0) {
        die('{"code":1,"msg":"广告位不存在"}');
    }
    $a = $dbm->query("select * from " . TB_PREFIX . "recommend_area where area_id='{$area_id}'");
    if (count($a['list']) < 1) {
        die('{"code":1,"msg":"广告位不存在"}');
    }
    $area = $a['list'][0];
    // Model: the stored structure is what serialize() below produces.
    // NOTE(review): unserialize() of DB content is an object-injection sink if any other path can
    // write area_html; on PHP >= 7 pass array('allowed_classes' => false). A false result
    // (corrupt data) is not checked and would make the foreach further down warn.
    $attr = unserialize($area['area_html']);
    // Normalise the posted values ($a is reused as the loop key from here on).
    foreach ($_POST as $a => $b) {
        $_POST[$a] = helper::sqlxss($b, 1);
        // NOTE(review): replaces '"' with '"' — a no-op as written; presumably meant to undo an
        // entity produced by sqlxss. Confirm against the original source.
        $_POST[$a] = preg_replace('~"~', '"', $_POST[$a]);
        $_POST[$a] = helper::escape_stripslashes($_POST[$a]);
        if ($a == 'tag' && $b == '') {
            die('{"code":1,"msg":"标识不能为空,并且不可重复"}');
        }
        //if($a=='img' && $b=='') die('{"code":1,"msg":"图片不能为空"}');
    }
    unset($_POST['hashtoken']); // presumably a form token; not part of the stored entry
    if (isset($_POST['flash_file'])) {
        unset($_POST['flash_file']);
    }
    // "Code" ad: the posted HTML replaces the whole list
    if (isset($_POST['area_html'])) {
        $attr['list'] = $_POST['area_html'];
    } else {
        // Does an entry with this tag already exist? (legacy entries without 'tag' use 'title')
        $attr_has = '-1';
        foreach ($attr['list'] as $k => $v) {
            if (!isset($attr['list'][$k]['tag'])) {
                $attr['list'][$k]['tag'] = $attr['list'][$k]['title'];
            }
            if ($attr['list'][$k]['tag'] == $_POST['tag']) {
                $attr_has = $k;
                break;
            }
        }
        if ($attr_has == '-1') {
            array_push($attr['list'], $_POST); // add
        } else {
            $attr['list'][$attr_has] = $_POST; // modify
        }
    }
    $attr_content = serialize($attr);
    // Hand-escapes single quotes for the string-built UPDATE below (MySQL unescapes before
    // storing, so the serialized length prefixes stay valid).
    // NOTE(review): backslashes are not escaped here; this relies on escape_stripslashes() above
    // having handled them — verify, or use a bound parameter.
    $attr_content = preg_replace("~'~", "\\'", $attr_content);
    // Write to the database
    $res = $dbm->query_update("update " . TB_PREFIX . "recommend_area set area_html='{$attr_content}' where area_id='{$area_id}'");
    logs("修改管理广告位ID为:" . $area_id . "下面的广告成功" . $attr_content);
    die('{"code":0,"msg":"保存成功"}');
}
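/**
 * Delete recommend_area rows listed in $_POST['params'], or the single $_POST['area_id'].
 *
 * Two permissions apply: $_GET['type'] == 1 means a recommend slot (E0502), anything else a
 * topic (E0602). Ends with a die() carrying a JSON body.
 */
function m__del() {
    global $dbm;
    $_POST = helper::sqlxss($_POST);
    // Bug fix: read type through isset(); a request without it raised an undefined-index notice.
    // NOTE(review): the permission checked is chosen by the caller-supplied type, but the rows
    // deleted are not verified to be of that type — a holder of only one of the two permissions
    // can delete either kind by choosing the type. A per-row type check would close this.
    $type = isset($_GET['type']) ? $_GET['type'] : 0;
    if ($type == 1) {
        check_level("E0502");
    } else {
        check_level("E0602");
    }
    // Single-id form of the request
    if (isset($_POST['area_id'])) {
        $_POST['params'] = array($_POST['area_id']);
    }
    // NOTE(review): message text says 友链 (friend link); copied from the flink handler, kept as-is.
    if (empty($_POST['params']) || !is_array($_POST['params'])) {
        die('{"code":"100","msg":"没有选中要删除的友链"}');
    }
    foreach ($_POST['params'] as $id) {
        $id = intval($id);
        $where = " area_id = '" . $id . "'";
        // Per-row failures are not reported; the final reply still says success (as before).
        $res = $dbm->single_del(TB_PREFIX . "recommend_area", $where);
    }
    logs("删除成功,ID为:" . json_encode($_POST['params']));
    die('{"code":"0","msg":"删除成功"}');
}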
/**
 * Recursively "sanitise" a request value: helper::escape($v, 1) followed by
 * htmlspecialchars() with ENT_QUOTES (no explicit charset, so PHP's default applies).
 *
 * Arrays are processed element by element with keys preserved; scalars are returned escaped.
 * NOTE(review): HTML-encoding on input is context-agnostic — callers later interpolate the
 * result into SQL and JSON; it is not a replacement for parameterised queries.
 *
 * @param mixed $input  string or (nested) array of strings
 * @return mixed        same shape as $input
 */
public static function sqlxss($input) {
    if (!is_array($input)) {
        return htmlspecialchars(helper::escape($input, 1), ENT_QUOTES);
    }
    $cleaned = array();
    foreach ($input as $key => $value) {
        $cleaned[$key] = helper::sqlxss($value);
    }
    return $cleaned;
}