www.gusucode.com > 网猫影视系统NetMao Movie 4.6.6 开源版源码程序 > upload/nmadmin.php
<?php /* *###################################### * Netmao Movie 4.x - NetMao Movie System * Copyright (c) 2007-2008 NetMao.cn * For further information go to http://www.netmao.cn/ * This copyright notice must stay intact for use. *###################################### */ require_once './inc/common.php'; @session_start(); require_once NetMao_ROOT.'./admin/global.func.php'; $phpreferer = $_SERVER['HTTP_REFERER']; $referer = $forward ? $forward : ($phpreferer ? $phpreferer : 'nmadmin.php'); if($loginsubmit){ if(preg_replace("/https?:\/\/([^\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) != $_SERVER['HTTP_HOST']){nmsg('profile_username_tooshort1','','back');} $username=addslashes($username); $password=addslashes($password); $password=MD5($password); $result=$db->query("SELECT * FROM {$tablepre}admins WHERE user='$username' AND pwd='$password'"); if($db->num_rows($result)==1){ $r=$db->fetch_array($result); $_SESSION[aid]=$r[id]; $_SESSION[auser]=$r[user]; $_SESSION[apwd]=$r[pwd]; if($r[priv]=='3'){$_SESSION[apriv]=3;} if($r[priv]=='2'){$_SESSION[apriv]=2;} if($r[priv]=='1'){$_SESSION[apriv]=1;} nmsg('login_succeed',$referer); }else{ session_destroy(); nmsg('login_access_invalid',$referer); } } if(!$loginsubmit){ if(!session_is_registered("apriv")){ adminlogin(); } admincheck(); $cpscript = $cpscript ? $cpscript : 'part1'; switch($_SESSION[apriv]){ case 3 : if($action == 'menu' || $action == 'top' || $action == 'main' || $action == 'logout' || $action == 'upload') { $cpscript = 'part1'; }elseif($action == 'html_tohtml' || $action == 'html_createsystemdir' || $action == 'html_plugin' || $action == 'html_category' || $action == 'html_catemov' || $action == 'html_movie' || $action == 'html_movietohtml') { $cpscript = 'part2'; }elseif($action == 'config' || $action == 'friend' || $action == 'admin_manage' || $action == 'admin_mod' || $action == 'admin_del' || $action == 'cat_manage' || $action == 'cat_add' || $action == 'cat_mod' || $action == 'cat_del' || $action == 'cat_order' || $action=='plugin_manage' || $action=='plugin_add' || $action=='plugin_mod' || $action=='plugin_del' || $action=='plugin_order' || $action=='player_manage' || $action=='player_add' || $action=='player_mod' || $action=='player_del' || $action=='player_order' || $action=='server_manage' || $action=='server_add' || $action=='server_mod' || $action=='server_del' || $action=='server_order' || $action == 'announce_manage' || $action == 'announce_mod' || $action == 'announce_del' || $action == 'announce_order') { $cpscript = 'part3'; }elseif($action == 'movie_p_add' || $action == 'movie_p_mod' || $action == 'movie_p_del' || $action == 'movie_add' || $action == 'movie_manage' || $action == 'movie_mod' || $action == 'movie_del' || $action == 'movie_delfile' || $action == 'movie_from' || $action == 'movie_to') { $cpscript = 'part4'; }elseif($action == 'file_manage' || $action == 'file_from' || $action == 'file_to') { $cpscript = 'part5'; }elseif($action == 'database_export' || $action == 'database_import' || $action == 'database_runquery' || $action == 'database_optimize' || $action == 'database_getfields' || $action == 'database_replace') { $cpscript = 'part6'; }elseif($action == 'templates' || $action == 'tpledit' || $action == 'tpladd') { $cpscript = 'part7'; }elseif($action == 'styles') { $cpscript = 'part8'; }elseif($action == 'code_runquery' || $action == 'code_manage' || $action == 'code_mod' || $action == 'code_del' || $action == 'code_run' || $action == 'code_from' || $action == 'code_to') { $cpscript = 'part9'; }elseif($action == 'spider' || $action == 'spider_multi' || $action == 'spider_insert') { $cpscript = 'part10'; } break; default : adminlogin(); break; } $netmao_cp_file = NetMao_ROOT.'./admin/'.$cpscript.'.inc.php'; if(!file_exists($netmao_cp_file)){ nmsg('cp_file_invalid','','back'); } require_once $netmao_cp_file; } function admincheck(){ extract($GLOBALS, EXTR_SKIP); $check=$db->query("select * from {$tablepre}admins where user='$_SESSION[auser]' and pwd='$_SESSION[apwd]' and priv='$_SESSION[apriv]'"); if($db->num_rows($check) < 1){ adminlogin(); } } function adminlogin(){ extract($GLOBALS, EXTR_SKIP); ?> <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=<?=$charset?>"><link rel="stylesheet" type="text/css" href="./images/admin/style.css"><title>NetMao Administrator's Control Panel</title></head> <table cellpadding="0" cellspacing="0" border="0" width="100%" height="50"> <tr> <td ></td> </tr> </table> <table cellpadding="0" cellspacing="0" border="0" width="500" align='center'> <tr> <td > <table cellpadding="2" cellspacing="1" class="tableborder"> <tr> <th colspan=2>NetMao Administrator's Control Panel</th> </tr> <form name="myform" method="post" action="nmadmin.php?"> <tr> <td align="right" class="tablerow" width="40%"><?=$cplang[username]?></td> <td class="tablerow"><input name="username" type="text" size="20"></td> </tr> <tr> <td align="right" class="tablerow"><input name="forward" type="hidden" value="nmadmin.php"><?=$cplang[password]?></td> <td class="tablerow"><input name="password" type="password" size="20"></td> </tr> <tr> <td align="center" class="tablerow"></td> <td class="tablerow"> <input type="submit" name="loginsubmit" value="<?=$cplang[ok]?>"> <input type="reset" name="Reset" value="<?=$cplang[cancel]?>"></td> </tr> </form> </table></td> </tr> <tr> <td height="50" align="center"></td> </tr> </table> <br> <?=NetMao_CP_CopyRight?> </BODY> </HTML> <? exit(); } ?>