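<?php
/**
 * Admin control panel front controller (upload/admincp.php).
 *
 * Flow:
 *   1. Resolve the caller's admin session state into $cpaccess:
 *        0 = denied (no admin id, or too many failed password attempts)
 *        1 = admin id known but the admin password must be (re-)entered
 *        2 = founder account calling from an IP outside $adminipaccess
 *        3 = authenticated (session row carries errorcount = -1)
 *   2. Either show the login form, verify the submitted admin password,
 *      or dispatch $action to app/admin/<action>.inc.php after checking it
 *      against the menu whitelist and the user group's permissions.
 *
 * Request variables ($adminid, $action, $do, $page, $username,
 * $admin_password) and globals ($db, $tablepre, $mall_uid, $mall_pw,
 * $groupid, $onlineip, $timestamp, $adminipaccess, $admincheckip,
 * $administratorids) are populated by common.inc.php / adminsetting.inc.php,
 * which are not visible here — their exact origin is assumed.
 */
define('IN_ADMINCP', true);
define('NOROBOT', true);
include './include/common.inc.php';
include './include/admin.func.php';
include APP_ROOT . './include/adminsetting.inc.php';
include_once APP_ROOT . './include/cache.func.php';

@set_time_limit(0);

// Normalise request parameters. Non-string values are treated as absent so
// that trim() / in_array() below never operate on arrays.
$adminid   = isset($adminid) ? intval($adminid) : 0;
$action    = (isset($action) && is_string($action)) ? trim($action) : 'menus';
$do        = (isset($do) && is_string($do)) ? trim($do) : '';
$headlinks = showlinks('css', 'style');
$jslinks   = showlinks('js', 'index');

// Admin session rows expire after this many seconds of inactivity.
$sessionttl = 1800;
// $mall_uid is interpolated into SQL below; cast defensively because the
// adminsessions.uid column is a mediumint and the value's origin is not
// visible in this file.
$uidsql = intval($mall_uid);

if ($adminid <= 0) {
    $cpaccess = 0;
} elseif ($adminipaccess && $adminid == 1 && !ipaccess($onlineip, $adminipaccess)) {
    // The founder account (adminid 1) may be restricted to configured IPs.
    $cpaccess = 2;
} else {
    // NOTE(review): $onlineip is interpolated unescaped; it is presumed to be
    // derived from REMOTE_ADDR in common.inc.php — confirm it is not
    // taken from a client-controlled header (X-Forwarded-For etc.).
    $addonlineip = $admincheckip ? "AND ip='$onlineip'" : '';
    $query = $db->query("SELECT errorcount FROM {$tablepre}adminsessions WHERE uid='$uidsql' $addonlineip AND dateline+$sessionttl>'$timestamp'", 'SILENT');
    if ($db->error()) {
        // Query failed (table missing/corrupt): rebuild the table from scratch.
        // Any existing rows — including live sessions — are discarded.
        $db->query("DROP TABLE IF EXISTS {$tablepre}adminsessions");
        $db->query("CREATE TABLE {$tablepre}adminsessions (uid mediumint(8) UNSIGNED NOT NULL default '0', ip char(15) NOT NULL default '', dateline int(10) unsigned NOT NULL default '0', errorcount tinyint(1) NOT NULL default '0')");
        $cpaccess = 1;
    } elseif ($session = $db->fetch_array($query)) {
        if ($session['errorcount'] == -1) {
            // -1 marks a session whose password was already verified; refresh it.
            $db->query("UPDATE {$tablepre}adminsessions SET dateline='$timestamp' WHERE uid='$uidsql'", 'UNBUFFERED');
            $cpaccess = 3;
        } elseif ($session['errorcount'] <= 3) {
            // Up to four failed attempts (0..3) still allow another try.
            $cpaccess = 1;
        } else {
            // Locked out until the row ages past $sessionttl.
            $cpaccess = 0;
        }
    } else {
        // No live row: purge stale rows for this uid and start a fresh one.
        $db->query("DELETE FROM {$tablepre}adminsessions WHERE uid='$uidsql' OR dateline+$sessionttl<'$timestamp'");
        $db->query("INSERT INTO {$tablepre}adminsessions (uid, ip, dateline, errorcount) VALUES ('$uidsql', '$onlineip', '$timestamp', '0')");
        $cpaccess = 1;
    }
}

$username = !empty($username) ? dhtmlspecialchars($username) : '';
$page     = isset($page) ? intval(max(1, $page)) : 0;

// Anyone not yet fully authenticated gets the login form.
if ($action == 'login' && $cpaccess < 3) {
    include APP_ROOT . './app/admin/logging.inc.php';
    exit;
}

if ($cpaccess == 0) {
    clearcookies();
    showmessage('noaccess');
} elseif ($cpaccess == 1) {
    $admin_password = (isset($admin_password) && is_string($admin_password)) ? $admin_password : '';
    // The stored scheme is md5(md5(password)) and cannot be changed here
    // without migrating every stored hash. The comparison, however, must be a
    // strict, constant-time string compare: the original loose "!=" would let a
    // stored hash of the form "0e..." match any md5 output that is also
    // "0e<digits>" (PHP numeric-string juggling). hash_equals() needs PHP 5.6+.
    $verified = $admin_password !== '' && hash_equals((string) $mall_pw, md5(md5($admin_password)));
    if ($verified) {
        // Mark the session as password-verified and reload the panel.
        $db->query("UPDATE {$tablepre}adminsessions SET errorcount='-1' WHERE uid='$uidsql'");
        exit('<script language="javascript">window.parent.location.href="admincp.php";</script>');
    }
    if ($admin_password !== '') {
        // A wrong password counts toward the lockout threshold above.
        $db->query("UPDATE {$tablepre}adminsessions SET errorcount=errorcount+1 WHERE uid='$uidsql'");
    }
    exit('<script language="javascript">window.parent.location.href="admincp.php?action=login";</script>');
} elseif ($cpaccess == 2) {
    showmessage('noaccess');
}

if ($action == 'logout') {
    $db->query("DELETE FROM {$tablepre}adminsessions WHERE uid='$uidsql'");
    include APP_ROOT . './app/admin/logging.inc.php';
    exit;
}

$query = $db->query("SELECT * FROM {$tablepre}usergroups WHERE groupid='$groupid'");
$group = $db->fetch_array($query);

// Flag for the UI: is there at least one unanswered product question?
$newasks = $db->result_first("SELECT rid FROM {$tablepre}goodsreplys WHERE type='1' AND reply=''");

// Group permissions are stored serialized in the usergroups row (admin-managed
// data, not request input). Guard against a missing row or a corrupt value so
// the in_array() checks below never receive a non-array.
$permissions = isset($group['permissions']) ? unserialize($group['permissions']) : false;
if (!is_array($permissions)) {
    $permissions = array();
}

// Menu registry: $menus['main'] lists the sections, $menus[<section>] the
// entries of each section (label prefixed with 'hide' = not rendered as a
// tab but still a valid action), $menusindex the default entry per section.
$menus = $menusindex = array();

$menus['main']['dashboard'] = '常用';
$menus['main']['sale']      = '销售';
$menus['main']['goods']     = '商品';
$menus['main']['support']   = '商家';
$menus['main']['member']    = '用户';
$menus['main']['article']   = '文章';
$menus['main']['count']     = '统计';
$menus['main']['setting']   = '设置';

$menusindex['dashboard'] = 'orders';
$menusindex['sale']      = 'orders';
$menusindex['goods']     = 'goodslist';
$menusindex['support']   = 'suppliers';
$menusindex['member']    = 'edituser';
$menusindex['article']   = 'articlelist';
$menusindex['count']     = 'buyers';
$menusindex['setting']   = 'basesetting';

$menus['dashboard']['orders']       = '订单中心';
$menus['dashboard']['edituser']     = '用户管理';
$menus['dashboard']['addgoods']     = '添加商品';
$menus['dashboard']['editarticle']  = '添加文章';
$menus['dashboard']['advertisment'] = '广告管理';
$menus['dashboard']['dashboard']    = 'hide常用';

$menus['sale']['orders']     = '订单中心';
$menus['sale']['remind']     = '缺货预订信息';
$menus['sale']['payments']   = '支付记录';
$menus['sale']['ordersdel']  = '订单回收站';
$menus['sale']['chart_data'] = 'hide图表数据';

$menus['goods']['addgoods']     = '添加商品';
$menus['goods']['goodslist']    = '商品编辑/移动/上架';
$menus['goods']['packages']     = '促销/搭配/关联';
$menus['goods']['goodstype']    = '商品分类';
$menus['goods']['goodsreplies'] = '商品评价';
$menus['goods']['goodsasks']    = '商品咨询';
$menus['goods']['editgoods']    = 'hide编辑商品';

$menus['support']['addsupply'] = '添加';
$menus['support']['suppliers'] = '商家/供货商列表';

$menus['member']['adduser']      = '添加用户';
$menus['member']['edituser']     = '用户管理';
$menus['member']['managegroups'] = '管理组';
$menus['member']['usergroups']   = '用户组';
$menus['member']['advcode']      = '优惠码设置';

$menus['article']['editarticle'] = '添加文章';
$menus['article']['articlelist'] = '文章管理';
$menus['article']['articletype'] = '文章分类';

$menus['count']['buyers']    = '用户购买记录';
$menus['count']['customers'] = '客户关系';
$menus['count']['sellcount'] = '销售统计';
$menus['count']['caiwu']     = '现金流管理';

$menus['setting']['basesetting']  = '站点信息';
$menus['setting']['seo']          = '优化设置';
$menus['setting']['display']      = '显示设置';
$menus['setting']['mainmenus']    = '栏目设置';
$menus['setting']['credits']      = '积分设置';
$menus['setting']['times']        = '时间设置';
$menus['setting']['attach']       = '附件设置';
$menus['setting']['safeset']      = '功能/安全设置';
$menus['setting']['timingdo']     = '计划任务';
$menus['setting']['paysend']      = '支付及配送方式';
$menus['setting']['advertisment'] = '广告管理';
$menus['setting']['places']       = '地区设置';
$menus['setting']['links']        = '友情链接';
//$menus['setting']['database'] = '数据库管理';
$menus['setting']['ucenter']      = 'UCenter设置';

// Super administrators see everything; everyone else only the sections and
// entries listed in their group's permissions.
// NOTE(review): the loose "!=" against $administratorids is kept as-is because
// that setting's format (single id vs. list) is not visible here — confirm.
if ($mall_uid != $administratorids) {
    foreach ($menus['main'] as $section => $label) {
        if (!in_array($section, $permissions)) {
            unset($menus['main'][$section]);
            continue;
        }
        foreach ($menus[$section] as $entry => $entrylabel) {
            if (!in_array($entry, $permissions)) {
                unset($menus[$section][$entry]);
            }
        }
    }
}

// Whitelist of includable actions: every remaining menu key plus 'editgoods'.
$actions = array('editgoods');
foreach ($menus as $section => $entries) {
    $actions = array_merge($actions, array_keys($entries));
}

if ($action !== '' && in_array($action, $actions, true)) {
    include APP_ROOT . '/app/admin/header.inc.php';
    if ($mall_uid != $administratorids && !in_array($action, $permissions)) {
        mallmsg('对不起,你没有权限。', 'admincp.php?action=orders');
    }
    // $action passed the strict whitelist check above, so only a known
    // menu key can ever reach this include path.
    include APP_ROOT . '/app/admin/' . $action . '.inc.php';
    include APP_ROOT . '/app/admin/footer.inc.php';
} else {
    include APP_ROOT . '/app/admin/menus.inc.php';
}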