www.gusucode.com > 网猫影视系统NetMao Movie 4.6.6 开源版源码程序 > upload/admin/part9.inc.php
<?php
/*
*######################################
* Netmao Movie 4.x - NetMao Movie System
* Copyright (c) 2007-2008 NetMao.cn
* For further information go to http://www.netmao.cn/
* This copyright notice must stay intact for use.
*######################################
*/
if(!defined('IN_NetMao') || !isset($PHP_SELF) || !preg_match("/[\/\\\\]nmadmin\.php$/", $PHP_SELF)) exit('Access Denied');
switch($action){
case 'code_manage' :
$perpage='200';
$page=$page ? $page : 1;
$mpurl = "?action=code_manage&isok=$isok&type=$type&keyword=$keyword";
$offset=$page ? ($page-1)*$perpage : 0;
switch($isok){
case 'no' : $WHERE ='WHERE isok=0'; break;
case 'y1' : $WHERE ='WHERE isok=1'; break;
case 'y2' : $WHERE ='WHERE isok=2'; break;
default : $WHERE='WHERE 1'; break;
}
if($keyword!=''){
switch($type){
case 'url' : $ANDWHERE = "and url like '%$keyword%'"; break;
case 'code' : $ANDWHERE = "and code like '%$keyword%'"; break;
case 'urlid' : $ANDWHERE = "and urlid='$keyword'"; break;
default : $ANDWHERE =""; break;
}
}else{
$ANDWHERE='';
}
$query1="SELECT count(*) AS num FROM {$tablepre}codes $WHERE $ANDWHERE";
$result1=$db->query($query1);
$r1=$db->fetch_array($result1);
$num=$r1["num"];
$pages=phppage($num,$perpage,$page,$mpurl);
$query2="SELECT * FROM {$tablepre}codes $WHERE $ANDWHERE ORDER BY urlid DESC LIMIT $offset,$perpage";
$result2=$db->query($query2);
while($nmcode=$db->fetch_array($result2)){
$nmcodes[]=$nmcode;
}
nmcptpl('code');
break;
case 'code_mod' :
if(!$submit) {
$result=$db->query("SELECT * FROM {$tablepre}codes WHERE urlid='$urlid'");
$code=$db->fetch_array($result);
nmcptpl('code');
}else{
$db->query("UPDATE {$tablepre}codes set url='$urlnew',code='$codenew',isok='$isoknew' where urlid='$urlid'");
nmsg('operate_succeed',"?action=code_manage&isok=$isok&type=$type&keyword=$keyword&page=$page");
}
break;
case 'code_del' :
if(!$confirmed) {
nmsg('operate_duplicate', "?action=code_del&urlid=$urlid&isok=$isok&type=$type&keyword=$keyword", 'form');
}else{
$db->query("DELETE FROM {$tablepre}codes WHERE urlid='$urlid'");
nmsg('operate_succeed',"?action=code_manage&isok=$isok&type=$type&keyword=$keyword");
}
break;
case 'code_from' :
if($cscsubmit){
$comma = '';
if(!$urlid){nmsg('operate_invalid','?action=code_manage'); }
if(is_array($urlid)){foreach($urlid as $url_id){$urlids .= $comma.$url_id; $comma = '_';}}else{$urlids = $urlid;}
nmsg('operate_duplicate',"?action=code_to&urlids=$urlids&cscsubmit=yes",'form');
}elseif($cy0submit){
$comma = '';
if(!$urlid){nmsg('operate_invalid','?action=code_manage'); }
if(is_array($urlid)){foreach($urlid as $url_id){$urlids .= $comma.$url_id; $comma = '_';}}else{$urlids = $urlid;}
nmsg('operate_duplicate',"?action=code_to&urlids=$urlids&cy0submit=yes",'form');
}elseif($cy1submit){
$comma = '';
if(!$urlid){nmsg('operate_invalid','?action=code_manage'); }
if(is_array($urlid)){foreach($urlid as $url_id){$urlids .= $comma.$url_id; $comma = '_';}}else{$urlids = $urlid;}
nmsg('operate_duplicate',"?action=code_to&urlids=$urlids&cy1submit=yes",'form');
}elseif($cy2submit){
$comma = '';
if(!$urlid){nmsg('operate_invalid','?action=code_manage'); }
if(is_array($urlid)){foreach($urlid as $url_id){$urlids .= $comma.$url_id; $comma = '_';}}else{$urlids = $urlid;}
nmsg('operate_duplicate',"?action=code_to&urlids=$urlids&csy2ubmit=yes",'form');
}elseif($cicsubmit){
$comma = '';
if(!$urlid){nmsg('operate_invalid','?action=code_manage'); }
if(is_array($urlid)){foreach($urlid as $url_id){$urlids .= $comma.$url_id; $comma = '_';}}else{$urlids = $urlid;}
nmsg('operate_duplicate',"?action=code_to&urlids=$urlids&cicsubmit=yes",'form');
}
break;
case 'code_to' :
if($cscsubmit){
if(!$urlids){nmsg('operate_invalid','?action=code_manage'); }
$urlids=str_replace('_',',',$urlids);
$db->query("DELETE FROM {$tablepre}codes WHERE urlid in ($urlids)");
nmsg('operate_succeed','?action=code_manage');
}elseif($cy0submit){
if(!$urlids){nmsg('operate_invalid','?action=code_manage'); }
$urlids=str_replace('_',',',$urlids);
$db->query("UPDATE {$tablepre}codes SET isok='0' WHERE urlid in ($urlids)");
nmsg('operate_succeed','?action=code_manage');
}elseif($cy1submit){
if(!$urlids){nmsg('operate_invalid','?action=code_manage'); }
$urlids=str_replace('_',',',$urlids);
$db->query("UPDATE {$tablepre}codes SET isok='1' WHERE urlid in ($urlids)");
nmsg('operate_succeed','?action=code_manage');
}elseif($cy2submit){
if(!$urlids){nmsg('operate_invalid','?action=code_manage'); }
$urlids=str_replace('_',',',$urlids);
$db->query("UPDATE {$tablepre}codes SET isok='2' WHERE urlid in ($urlids)");
nmsg('operate_succeed','?action=code_manage');
}elseif($cicsubmit){
if(!$urlids){nmsg('operate_invalid','?action=code_manage'); }
$urlids=explode('_',$urlids);
foreach($urlids as $urlid){
$result1=$db->query("select * from {$tablepre}codes where urlid='$urlid'");
$r1=$db->fetch_array($result1);
$netmaocode=$r1[code];
runnetmaocode($netmaocode,'3');
}
nmsg('operate_succeed','?action=code_manage');
}
break;
case 'code_run' :
$result1=$db->query("SELECT * FROM {$tablepre}codes WHERE urlid='$urlid'");
$r1=$db->fetch_array($result1);
$netmaocode=$r1[code];
runnetmaocode($netmaocode,'2');
nmsg('operate_succeed',"?action=code_manage");
break;
case 'code_runquery' :
if(!$codesubmit){
nmcptpl('code');
}else{
runnetmaocode($netmaocode,'1');
nmsg('operate_succeed',"?action=code_runquery");
}
break;
}
function runnetmaocode($netmaocode,$netmaotype='1'){
global $db,$tablepre,$timestamp,$urlid;
preg_match_all("/<nm:([^>]+)>([\s\S]*?)<\/nm>/",$netmaocode,$matchs);
for($i=0;$i<count($matchs[1]);$i++){
$labels[$matchs[1][$i]]=$matchs[2][$i];
}
unset($matchs);
$author='spider';
$addtime=intval($labels[addtime]);
$addtime=$addtime ? $addtime : $timestamp;
$cid=intval($labels[cid]);
$picture=daddslashes($labels[picture]);
$name=daddslashes($labels[name]);
$area=daddslashes($labels[area]);
$language=daddslashes($labels[language]);
$actor=daddslashes($labels[actor]);
$director=daddslashes($labels[director]);
$content=daddslashes(trim($labels[content]));
$adsense=daddslashes($labels[adsense]);
$description=daddslashes($labels[description]);
$keyword=daddslashes($labels[keyword]);
$isrun=intval($labels[isrun]);
$isindex=intval($labels[isindex]);
$ismlist=intval($labels[ismlist]);
$isshow=intval($labels[isshow]);
$hits=intval($labels[hits]);
$filecontent=trim($labels[filecontent]);
if($netmaotype<'3'){
if(!$name || strlen($name) > 50 || strlen($language) > 50 || strlen($area) > 50 || strlen($actor) > 255 || strlen($director) > 255 || strlen($picture) > 255 || strlen($keyword) > 255 || strlen($description) > 255) {nmsg('info_invalid','','back');}
}
if($name && strlen($name) < 50 && strlen($language) < 50 && strlen($area) < 50 && strlen($actor) < 255 && strlen($director) < 255 && strlen($picture) < 255 && strlen($keyword) < 255 && strlen($description) < 255) {
$db->query("INSERT INTO {$tablepre}movies(author,addtime,name,cid,area,language,actor,director,picture,content,adsense,description,keyword,isrun,isindex,ismlist,isshow,hits) VALUES('$author','$addtime','$name','$cid','$area','$language','$actor','$director','$picture','$content','$adsense','$description','$keyword','$isrun','$isindex','$ismlist','$isshow','$hits')");
$mid=$db->insert_id();
if($filecontent!=''){
$xfilecontents=explode("\r",$filecontent);
foreach($xfilecontents as $i=>$xfilecontent){
if($xfilecontent!=''){
$xfiles=explode("|",trim($xfilecontent));
$fcontent=$xfiles[0]; $fname=$xfiles[1]; $fserver=$xfiles[2]; $fplayer=$xfiles[3];
$db->query("INSERT INTO {$tablepre}files(mid,name,content,server,player) VALUES('$mid','$fname','$fcontent','$fserver','$fplayer')");
}
}
}
if($netmaotype>'1'){
$db->query("UPDATE {$tablepre}codes set isok='2' WHERE urlid='$urlid'");
}
}
}
?>