
    <?php
/*
*######################################
* Netmao Movie 4.x - NetMao Movie System
* Copyright (c) 2007-2008 NetMao.cn
* For further information go to http://www.netmao.cn/
* This copyright notice must stay intact for use.
*######################################
*/
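// Bootstrap: shared configuration/helpers, the PHP session, and the admin helper library.
require_once './inc/common.php';
// Warnings from session_start() are suppressed by the original author (e.g. when a
// session is already active); failures to start a session are therefore silent.
@session_start();
require_once NetMao_ROOT.'./admin/global.func.php';

// The Referer header is optional, so read it defensively instead of raising an
// undefined-index notice when a client omits it.
$phpreferer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
// Post-login target, in priority order: $forward (the login form posts it as a hidden
// field), then the Referer header, then the admin entry page.
// NOTE(review): both $forward and the Referer header are request-controlled and the
// result is handed to nmsg() below. Whether nmsg() restricts the target to same-site
// URLs is not visible in this file - confirm, otherwise this is an open-redirect risk.
$referer = !empty($forward) ? $forward : ($phpreferer ? $phpreferer : 'nmadmin.php');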

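// Login handler: runs when the login form (submit button "loginsubmit") was posted.
if($loginsubmit){
    // Same-host check on the Referer header, used here as a cross-site submission guard.
    // The header is read defensively and compared strictly; an empty or unparsable
    // Referer is rejected, as it was with the original loose comparison.
    // NOTE(review): the guard only holds if nmsg() terminates the request - confirm
    // where nmsg() is defined. The message key looks unrelated to the failure; it is
    // kept because the language pack is not visible here.
    $nm_http_host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
    $nm_referer_host = preg_replace("/https?:\/\/([^\/]+).*/i", "\\1", isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');
    if($nm_referer_host === '' || $nm_referer_host !== $nm_http_host){nmsg('profile_username_tooshort1','','back');}

    $r = false;
    // Only scalar string credentials are accepted; array-valued request parameters
    // would otherwise reach addslashes()/md5() and fail with warnings or type errors.
    if(isset($username, $password) && is_string($username) && is_string($password)){
        // NOTE(review): addslashes() is not aware of the connection charset and is not a
        // reliable SQL escape with multi-byte charsets such as GBK. Move to the DB
        // layer's charset-aware escaping or bound parameters once the $db API is confirmed.
        $username=addslashes($username);
        $password=addslashes($password);
        // NOTE(review): unsalted MD5 is kept only because the stored admins.pwd values
        // were produced this way (MD5 of the addslashes()'d password). Migrating to
        // password_hash()/password_verify() needs a data migration outside this file.
        $password=md5($password);
        $result=$db->query("SELECT * FROM {$tablepre}admins WHERE user='$username' AND pwd='$password'");
        if($db->num_rows($result)==1){
            $r=$db->fetch_array($result);
        }
    }

    if($r){
        // Issue a fresh session id on privilege change so an id planted before login
        // cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        // Drop any privilege level left over from an earlier login in this session;
        // it is only re-set below when the row carries a recognised level.
        unset($_SESSION['apriv']);
        // Array keys are quoted: bare words are undefined constants (an Error on PHP 8).
        $_SESSION['aid']=$r['id'];
        $_SESSION['auser']=$r['user'];
        // The stored hash is kept in the session because admincheck() re-validates
        // user/pwd/priv against the admins table on later requests.
        $_SESSION['apwd']=$r['pwd'];
        if($r['priv']=='3'){$_SESSION['apriv']=3;}
        if($r['priv']=='2'){$_SESSION['apriv']=2;}
        if($r['priv']=='1'){$_SESSION['apriv']=1;}
        nmsg('login_succeed',$referer);
    }else{
        // NOTE(review): no attempt throttling or lockout is visible in this block.
        session_destroy();
        nmsg('login_access_invalid',$referer);
    }
}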

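// Control-panel dispatcher: runs on every request that is not a login submission.
if(!$loginsubmit){
    // isset() replaces session_is_registered(), which was removed in PHP 5.4.
    if(!isset($_SESSION['apriv'])){ adminlogin(); }
    // Re-validate the session's user/pwd/priv against the admins table.
    admincheck();

    // Allow-list: admin include script => the $action values it serves.
    $nm_cp_map = array(
        'part1'  => array('menu', 'top', 'main', 'logout', 'upload'),
        'part2'  => array('html_tohtml', 'html_createsystemdir', 'html_plugin', 'html_category', 'html_catemov', 'html_movie', 'html_movietohtml'),
        'part3'  => array(
            'config', 'friend',
            'admin_manage', 'admin_mod', 'admin_del',
            'cat_manage', 'cat_add', 'cat_mod', 'cat_del', 'cat_order',
            'plugin_manage', 'plugin_add', 'plugin_mod', 'plugin_del', 'plugin_order',
            'player_manage', 'player_add', 'player_mod', 'player_del', 'player_order',
            'server_manage', 'server_add', 'server_mod', 'server_del', 'server_order',
            'announce_manage', 'announce_mod', 'announce_del', 'announce_order',
        ),
        'part4'  => array('movie_p_add', 'movie_p_mod', 'movie_p_del', 'movie_add', 'movie_manage', 'movie_mod', 'movie_del', 'movie_delfile', 'movie_from', 'movie_to'),
        'part5'  => array('file_manage', 'file_from', 'file_to'),
        'part6'  => array('database_export', 'database_import', 'database_runquery', 'database_optimize', 'database_getfields', 'database_replace'),
        'part7'  => array('templates', 'tpledit', 'tpladd'),
        'part8'  => array('styles'),
        'part9'  => array('code_runquery', 'code_manage', 'code_mod', 'code_del', 'code_run', 'code_from', 'code_to'),
        'part10' => array('spider', 'spider_multi', 'spider_insert'),
    );

    // $cpscript is interpolated into the require_once path below. The bare use of
    // $loginsubmit/$action/$forward in this file implies request parameters are imported
    // into global scope, so a pre-existing $cpscript cannot be trusted: only the known
    // part names are accepted, anything else falls back to 'part1'.
    $cpscript = (isset($cpscript) && is_string($cpscript) && isset($nm_cp_map[$cpscript])) ? $cpscript : 'part1';

    switch($_SESSION['apriv']){
        case 3 :
            // Only privilege level 3 reaches the control panel; a recognised action
            // selects its script, an unrecognised one keeps the validated $cpscript.
            if(isset($action) && is_string($action)){
                foreach($nm_cp_map as $nm_cp_name => $nm_cp_actions){
                    if(in_array($action, $nm_cp_actions, true)){
                        $cpscript = $nm_cp_name;
                        break;
                    }
                }
            }
        break;
        default :
            // Every other privilege level is sent back to the login form.
            adminlogin();
        break;
    }
    // The included script shares this scope; remove the dispatcher's helper variables
    // so they cannot collide with names used inside it.
    unset($nm_cp_map, $nm_cp_name, $nm_cp_actions);

    $netmao_cp_file = NetMao_ROOT.'./admin/'.$cpscript.'.inc.php';
    if(!file_exists($netmao_cp_file)){ nmsg('cp_file_invalid','','back'); }
    require_once $netmao_cp_file;
}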

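/**
 * Re-validates the logged-in administrator on each request.
 *
 * Looks up the session's user name, password hash and privilege level in the
 * admins table and shows the login form (via adminlogin()) when no row matches
 * or when any of the three session values is missing.
 */
function admincheck(){
    // Only the two globals the query needs are pulled in, instead of copying the
    // whole global scope into this function.
    global $db, $tablepre;

    if(!isset($_SESSION['auser'], $_SESSION['apwd'], $_SESSION['apriv'])){ adminlogin(); }

    // The session values were copied from a database row at login without escaping,
    // so they are escaped again before being placed in SQL (same addslashes() style
    // as the login query in this file); the privilege level is forced to an integer.
    // NOTE(review): addslashes() is not charset-aware - prefer the DB layer's own
    // escaping or bound parameters once the $db API is confirmed.
    $user = addslashes((string)$_SESSION['auser']);
    $pwd = addslashes((string)$_SESSION['apwd']);
    $priv = (int)$_SESSION['apriv'];

    $check=$db->query("select * from {$tablepre}admins where user='$user' and pwd='$pwd' and priv='$priv'");
    if($db->num_rows($check) < 1){ adminlogin(); }
}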

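/**
 * Prints the administrator login form and ends the request.
 *
 * The form posts username, password, a hidden "forward" target and the
 * "loginsubmit" button back to nmadmin.php. This function never returns: it
 * calls exit() after the markup has been sent.
 *
 * Full "<?php" tags are used instead of "<?" / "<?=" so the template does not
 * depend on the short_open_tag setting, and array keys are quoted because bare
 * words are undefined constants (an Error on PHP 8).
 */
function adminlogin(){
    // $charset and $cplang are the only globals the template reads.
    global $charset, $cplang;
?>
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=<?php echo $charset; ?>"><link rel="stylesheet" type="text/css" href="./images/admin/style.css"><title>NetMao Administrator's Control Panel</title></head>
<table cellpadding="0" cellspacing="0" border="0" width="100%" height="50">
  <tr> 
    <td ></td>
  </tr>
</table>
<table cellpadding="0" cellspacing="0" border="0" width="500" align='center'>
  <tr> 
    <td > 
	<table cellpadding="2" cellspacing="1" class="tableborder">
        <tr> 
          <th colspan=2>NetMao Administrator's Control Panel</th>
        </tr>
        <form name="myform" method="post" action="nmadmin.php?">
          <tr> 
            <td align="right"  class="tablerow" width="40%"><?php echo $cplang['username']; ?></td>
            <td class="tablerow"><input name="username" type="text" size="20"></td>
          </tr>
          <tr> 
            <td align="right"  class="tablerow"><input name="forward" type="hidden" value="nmadmin.php"><?php echo $cplang['password']; ?></td>
            <td  class="tablerow"><input name="password" type="password" size="20"></td>
          </tr>
          <tr> 
            <td align="center"  class="tablerow"></td>
            <td  class="tablerow"> <input type="submit" name="loginsubmit" value="<?php echo $cplang['ok']; ?>">&nbsp;<input type="reset" name="Reset" value="<?php echo $cplang['cancel']; ?>"></td>
          </tr>
        </form>
      </table></td>
  </tr>
<tr>
    <td height="50" align="center"></td>
  </tr>
</table>
<br>
<?php echo NetMao_CP_CopyRight; ?>
</BODY>
</HTML>
<?php
    // Stop here so the caller never continues into the control panel.
    exit();
}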
?>