www.gusucode.com > 网猫影视系统NetMao Movie 4.6.6 开源版源码程序 > upload/admin/part9.inc.php
<?php /* *###################################### * Netmao Movie 4.x - NetMao Movie System * Copyright (c) 2007-2008 NetMao.cn * For further information go to http://www.netmao.cn/ * This copyright notice must stay intact for use. *###################################### */ if(!defined('IN_NetMao') || !isset($PHP_SELF) || !preg_match("/[\/\\\\]nmadmin\.php$/", $PHP_SELF)) exit('Access Denied'); switch($action){ case 'code_manage' : $perpage='200'; $page=$page ? $page : 1; $mpurl = "?action=code_manage&isok=$isok&type=$type&keyword=$keyword"; $offset=$page ? ($page-1)*$perpage : 0; switch($isok){ case 'no' : $WHERE ='WHERE isok=0'; break; case 'y1' : $WHERE ='WHERE isok=1'; break; case 'y2' : $WHERE ='WHERE isok=2'; break; default : $WHERE='WHERE 1'; break; } if($keyword!=''){ switch($type){ case 'url' : $ANDWHERE = "and url like '%$keyword%'"; break; case 'code' : $ANDWHERE = "and code like '%$keyword%'"; break; case 'urlid' : $ANDWHERE = "and urlid='$keyword'"; break; default : $ANDWHERE =""; break; } }else{ $ANDWHERE=''; } $query1="SELECT count(*) AS num FROM {$tablepre}codes $WHERE $ANDWHERE"; $result1=$db->query($query1); $r1=$db->fetch_array($result1); $num=$r1["num"]; $pages=phppage($num,$perpage,$page,$mpurl); $query2="SELECT * FROM {$tablepre}codes $WHERE $ANDWHERE ORDER BY urlid DESC LIMIT $offset,$perpage"; $result2=$db->query($query2); while($nmcode=$db->fetch_array($result2)){ $nmcodes[]=$nmcode; } nmcptpl('code'); break; case 'code_mod' : if(!$submit) { $result=$db->query("SELECT * FROM {$tablepre}codes WHERE urlid='$urlid'"); $code=$db->fetch_array($result); nmcptpl('code'); }else{ $db->query("UPDATE {$tablepre}codes set url='$urlnew',code='$codenew',isok='$isoknew' where urlid='$urlid'"); nmsg('operate_succeed',"?action=code_manage&isok=$isok&type=$type&keyword=$keyword&page=$page"); } break; case 'code_del' : if(!$confirmed) { nmsg('operate_duplicate', "?action=code_del&urlid=$urlid&isok=$isok&type=$type&keyword=$keyword", 'form'); }else{ $db->query("DELETE FROM {$tablepre}codes WHERE urlid='$urlid'"); nmsg('operate_succeed',"?action=code_manage&isok=$isok&type=$type&keyword=$keyword"); } break; case 'code_from' : if($cscsubmit){ $comma = ''; if(!$urlid){nmsg('operate_invalid','?action=code_manage'); } if(is_array($urlid)){foreach($urlid as $url_id){$urlids .= $comma.$url_id; $comma = '_';}}else{$urlids = $urlid;} nmsg('operate_duplicate',"?action=code_to&urlids=$urlids&cscsubmit=yes",'form'); }elseif($cy0submit){ $comma = ''; if(!$urlid){nmsg('operate_invalid','?action=code_manage'); } if(is_array($urlid)){foreach($urlid as $url_id){$urlids .= $comma.$url_id; $comma = '_';}}else{$urlids = $urlid;} nmsg('operate_duplicate',"?action=code_to&urlids=$urlids&cy0submit=yes",'form'); }elseif($cy1submit){ $comma = ''; if(!$urlid){nmsg('operate_invalid','?action=code_manage'); } if(is_array($urlid)){foreach($urlid as $url_id){$urlids .= $comma.$url_id; $comma = '_';}}else{$urlids = $urlid;} nmsg('operate_duplicate',"?action=code_to&urlids=$urlids&cy1submit=yes",'form'); }elseif($cy2submit){ $comma = ''; if(!$urlid){nmsg('operate_invalid','?action=code_manage'); } if(is_array($urlid)){foreach($urlid as $url_id){$urlids .= $comma.$url_id; $comma = '_';}}else{$urlids = $urlid;} nmsg('operate_duplicate',"?action=code_to&urlids=$urlids&csy2ubmit=yes",'form'); }elseif($cicsubmit){ $comma = ''; if(!$urlid){nmsg('operate_invalid','?action=code_manage'); } if(is_array($urlid)){foreach($urlid as $url_id){$urlids .= $comma.$url_id; $comma = '_';}}else{$urlids = $urlid;} nmsg('operate_duplicate',"?action=code_to&urlids=$urlids&cicsubmit=yes",'form'); } break; case 'code_to' : if($cscsubmit){ if(!$urlids){nmsg('operate_invalid','?action=code_manage'); } $urlids=str_replace('_',',',$urlids); $db->query("DELETE FROM {$tablepre}codes WHERE urlid in ($urlids)"); nmsg('operate_succeed','?action=code_manage'); }elseif($cy0submit){ if(!$urlids){nmsg('operate_invalid','?action=code_manage'); } $urlids=str_replace('_',',',$urlids); $db->query("UPDATE {$tablepre}codes SET isok='0' WHERE urlid in ($urlids)"); nmsg('operate_succeed','?action=code_manage'); }elseif($cy1submit){ if(!$urlids){nmsg('operate_invalid','?action=code_manage'); } $urlids=str_replace('_',',',$urlids); $db->query("UPDATE {$tablepre}codes SET isok='1' WHERE urlid in ($urlids)"); nmsg('operate_succeed','?action=code_manage'); }elseif($cy2submit){ if(!$urlids){nmsg('operate_invalid','?action=code_manage'); } $urlids=str_replace('_',',',$urlids); $db->query("UPDATE {$tablepre}codes SET isok='2' WHERE urlid in ($urlids)"); nmsg('operate_succeed','?action=code_manage'); }elseif($cicsubmit){ if(!$urlids){nmsg('operate_invalid','?action=code_manage'); } $urlids=explode('_',$urlids); foreach($urlids as $urlid){ $result1=$db->query("select * from {$tablepre}codes where urlid='$urlid'"); $r1=$db->fetch_array($result1); $netmaocode=$r1[code]; runnetmaocode($netmaocode,'3'); } nmsg('operate_succeed','?action=code_manage'); } break; case 'code_run' : $result1=$db->query("SELECT * FROM {$tablepre}codes WHERE urlid='$urlid'"); $r1=$db->fetch_array($result1); $netmaocode=$r1[code]; runnetmaocode($netmaocode,'2'); nmsg('operate_succeed',"?action=code_manage"); break; case 'code_runquery' : if(!$codesubmit){ nmcptpl('code'); }else{ runnetmaocode($netmaocode,'1'); nmsg('operate_succeed',"?action=code_runquery"); } break; } function runnetmaocode($netmaocode,$netmaotype='1'){ global $db,$tablepre,$timestamp,$urlid; preg_match_all("/<nm:([^>]+)>([\s\S]*?)<\/nm>/",$netmaocode,$matchs); for($i=0;$i<count($matchs[1]);$i++){ $labels[$matchs[1][$i]]=$matchs[2][$i]; } unset($matchs); $author='spider'; $addtime=intval($labels[addtime]); $addtime=$addtime ? $addtime : $timestamp; $cid=intval($labels[cid]); $picture=daddslashes($labels[picture]); $name=daddslashes($labels[name]); $area=daddslashes($labels[area]); $language=daddslashes($labels[language]); $actor=daddslashes($labels[actor]); $director=daddslashes($labels[director]); $content=daddslashes(trim($labels[content])); $adsense=daddslashes($labels[adsense]); $description=daddslashes($labels[description]); $keyword=daddslashes($labels[keyword]); $isrun=intval($labels[isrun]); $isindex=intval($labels[isindex]); $ismlist=intval($labels[ismlist]); $isshow=intval($labels[isshow]); $hits=intval($labels[hits]); $filecontent=trim($labels[filecontent]); if($netmaotype<'3'){ if(!$name || strlen($name) > 50 || strlen($language) > 50 || strlen($area) > 50 || strlen($actor) > 255 || strlen($director) > 255 || strlen($picture) > 255 || strlen($keyword) > 255 || strlen($description) > 255) {nmsg('info_invalid','','back');} } if($name && strlen($name) < 50 && strlen($language) < 50 && strlen($area) < 50 && strlen($actor) < 255 && strlen($director) < 255 && strlen($picture) < 255 && strlen($keyword) < 255 && strlen($description) < 255) { $db->query("INSERT INTO {$tablepre}movies(author,addtime,name,cid,area,language,actor,director,picture,content,adsense,description,keyword,isrun,isindex,ismlist,isshow,hits) VALUES('$author','$addtime','$name','$cid','$area','$language','$actor','$director','$picture','$content','$adsense','$description','$keyword','$isrun','$isindex','$ismlist','$isshow','$hits')"); $mid=$db->insert_id(); if($filecontent!=''){ $xfilecontents=explode("\r",$filecontent); foreach($xfilecontents as $i=>$xfilecontent){ if($xfilecontent!=''){ $xfiles=explode("|",trim($xfilecontent)); $fcontent=$xfiles[0]; $fname=$xfiles[1]; $fserver=$xfiles[2]; $fplayer=$xfiles[3]; $db->query("INSERT INTO {$tablepre}files(mid,name,content,server,player) VALUES('$mid','$fname','$fcontent','$fserver','$fplayer')"); } } } if($netmaotype>'1'){ $db->query("UPDATE {$tablepre}codes set isok='2' WHERE urlid='$urlid'"); } } } ?>