
    <?php
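// Admin control panel entry point: bootstrap, then normalise the request
// variables that every later stage of this script relies on.
//
// IN_ADMINCP / NOROBOT are flags for the included files; presumably
// IN_ADMINCP lets them refuse direct access - confirm in common.inc.php.
define('IN_ADMINCP', true);
define('NOROBOT', true);
include './include/common.inc.php';
include './include/admin.func.php';
include APP_ROOT . './include/adminsetting.inc.php';
include_once APP_ROOT . './include/cache.func.php';

// Admin tasks may run long; lift the execution time limit. '@' hides the
// warning on hosts where the call is disabled.
@set_time_limit(0);

// $adminid, $action and $do are not assigned anywhere in this file before
// this point, so they come from the includes above.
// NOTE(review): presumably common.inc.php imports them from the request -
// treat all three as attacker-controlled until that is confirmed.
$adminid = isset($adminid) ? intval($adminid) : 0;
$action = isset($action) && is_string($action) ? trim($action) : 'menus';
// Same is_string() guard as $action: trim() on an array (e.g. do[]=x)
// raises a warning on old PHP and a TypeError on PHP 8.
$do = isset($do) && is_string($do) ? trim($do) : '';

$headlinks = showlinks('css','style');
$jslinks = showlinks('js','index');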
// Work out the control-panel access level for this request:
//   0 = no access (not an admin, or more than 3 failed password attempts)
//   1 = admin must (re)enter the password
//   2 = refused by the admin IP allow-list
//   3 = password already verified within the last 1800 seconds
//
// NOTE(review): $mall_uid, $onlineip and $timestamp are interpolated
// straight into the SQL below and are set outside this file - confirm they
// are validated/escaped where they are assigned (common.inc.php).
if ($adminid <= 0) {
    $cpaccess = 0;
} elseif ($adminipaccess && $adminid == 1 && !ipaccess($onlineip, $adminipaccess)) {
    // The IP allow-list is only evaluated when $adminid == 1.
    $cpaccess = 2;
} else {
    // Optionally bind the admin session row to the client IP.
    if ($admincheckip) {
        $addonlineip = "AND ip='$onlineip'";
    } else {
        $addonlineip = '';
    }
    $query = $db->query("SELECT errorcount FROM {$tablepre}adminsessions WHERE uid='$mall_uid' $addonlineip AND dateline+1800>'$timestamp'",'SILENT');

    if ($db->error()) {
        // Any error on the lookup rebuilds the table from scratch.
        // NOTE(review): this also wipes every admin's failed-attempt
        // counter and verified-session row; confirm that only a missing
        // table can reach this branch.
        $db->query("DROP TABLE IF EXISTS {$tablepre}adminsessions");
        $db->query("CREATE TABLE {$tablepre}adminsessions (uid mediumint(8) UNSIGNED NOT NULL default '0', ip char(15) NOT NULL default '', dateline int(10) unsigned NOT NULL default '0', errorcount tinyint(1) NOT NULL default '0')");
        $cpaccess = 1;
    } elseif ($session = $db->fetch_array($query)) {
        if ($session['errorcount'] == -1) {
            // -1 marks a verified session: slide the 1800 s window forward.
            $db->query("UPDATE {$tablepre}adminsessions SET dateline='$timestamp' WHERE uid='$mall_uid'",
                'UNBUFFERED');
            $cpaccess = 3;
        } elseif ($session['errorcount'] <= 3) {
            // Still within the attempt budget: ask for the password.
            $cpaccess = 1;
        } else {
            // Too many failures inside the window: locked out.
            $cpaccess = 0;
        }
    } else {
        // No live row: purge this user's row and all expired rows, then
        // start a fresh session with a zero failure count.
        $db->query("DELETE FROM {$tablepre}adminsessions WHERE uid='$mall_uid' OR dateline+1800<'$timestamp'");
        $db->query("INSERT INTO {$tablepre}adminsessions (uid, ip, dateline, errorcount)
					VALUES ('$mall_uid', '$onlineip', '$timestamp', '0')");
        $cpaccess = 1;
    }
}

// Pass a supplied user name through dhtmlspecialchars() (helper defined
// elsewhere) before any later use; default to an empty string.
if (!empty($username)) {
    $username = dhtmlspecialchars($username);
} else {
    $username = '';
}

// Page number: clamped to at least 1 when supplied, 0 when absent.
$page = isset($page) ? (int) max(1, $page) : 0;

// The login handler runs for every access level below 3, i.e. also for
// level 0 (locked out / not an admin) and level 2 (IP refused), because
// this check comes before the denial branches further down.
// NOTE(review): confirm logging.inc.php enforces its own attempt limits.
if ($cpaccess < 3 && $action == 'login') {
    include (APP_ROOT . './app/admin/logging.inc.php');
    exit;
}

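// Enforce the access level computed earlier in this script.
// Levels: 0 = denied, 1 = password required, 2 = IP refused, 3 = verified.
if ($cpaccess == 0) {
    clearcookies();
    showmessage('noaccess');
    // Fail closed: showmessage() is defined elsewhere, so do not depend on
    // it ending the request - nothing below may run for a denied user.
    exit;
} elseif ($cpaccess == 1) {
    // An attempt counts only when a non-empty password was submitted
    // (same truthiness rule as before: '' and '0' are "no attempt").
    $attempted = !empty($admin_password);
    $verified = false;

    if ($attempted && is_string($admin_password)) {
        // NOTE(review): unsalted md5(md5()) is a weak password hash. The
        // stored format ($mall_pw) is produced outside this file, so it is
        // kept here; plan a migration to password_hash()/password_verify().
        $supplied = md5(md5($admin_password));
        $expected = (string) $mall_pw;

        // Compare as strings. The previous loose '!=' treats two hashes of
        // the form "0e<digits>" as equal numbers, so a wrong password could
        // match. hash_equals() is also constant-time where available.
        $verified = function_exists('hash_equals')
            ? hash_equals($expected, $supplied)
            : ($expected === $supplied);
    }

    if ($verified) {
        // Mark the session as verified (-1) and reload the panel.
        $db->query("UPDATE {$tablepre}adminsessions SET errorcount='-1' WHERE uid='$mall_uid'");
        exit('<script language="javascript">window.parent.location.href="admincp.php";</script>');
    }

    if ($attempted) {
        // Count the failed attempt towards the lockout threshold.
        $db->query("UPDATE {$tablepre}adminsessions SET errorcount=errorcount+1 WHERE uid='$mall_uid'");
    }
    exit('<script language="javascript">window.parent.location.href="admincp.php?action=login";</script>');
} elseif ($cpaccess == 2) {
    showmessage('noaccess');
    // Fail closed, as above.
    exit;
}

// Logout: remove the admin session row, then hand over to the login
// handler. NOTE(review): no request-token check is visible in this file.
if ($action == 'logout') {
    $db->query("DELETE FROM {$tablepre}adminsessions WHERE uid='$mall_uid'");
    include (APP_ROOT . './app/admin/logging.inc.php');
    exit;
}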

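// Load the current user's group row; its 'permissions' column drives the
// menu filtering and the per-action authorisation check later on.
// NOTE(review): $groupid is set outside this file and interpolated into
// the SQL - confirm it is an integer where it is assigned.
$query = $db->query("SELECT * FROM {$tablepre}usergroups WHERE groupid='$groupid'");
$group = $db->fetch_array($query);

// New-inquiry indicator: rid of the first goodsreplys row with type='1'
// and an empty reply, as returned by result_first().
$newasks = $db->result_first("SELECT rid FROM {$tablepre}goodsreplys WHERE type='1'  AND reply=''");

// Decode the permission list. A missing group row or an empty/corrupt
// column used to leave $permissions as false, which makes every later
// in_array() call warn (or throw on PHP 8). Fall back to an empty list so
// a bad value means "no permissions".
// NOTE(review): unserialize() on a database column - anyone who can write
// usergroups.permissions can have arbitrary objects instantiated here.
// Consider storing this list as JSON instead.
$permissions = (is_array($group) && isset($group['permissions']))
    ? unserialize($group['permissions'])
    : false;
if (!is_array($permissions)) {
    $permissions = array();
}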

// Admin navigation map.
//   $menus['main']      top-level sections (key => label)
//   $menus[<section>]   actions of that section (action key => label)
// Every action key doubles as an entry in the dispatcher's allow-list and
// as a permission name, so adding a key here exposes a new action file.
// Labels starting with the literal text 'hide' are presumably kept out of
// the rendered menu - confirm in the menu template.
$menus = array(
    'main' => array(
        'dashboard' => '常用',
        'sale' => '销售',
        'goods' => '商品',
        'support' => '商家',
        'member' => '用户',
        'article' => '文章',
        'count' => '统计',
        'setting' => '设置',
    ),
    'dashboard' => array(
        'orders' => '订单中心',
        'edituser' => '用户管理',
        'addgoods' => '添加商品',
        'editarticle' => '添加文章',
        'advertisment' => '广告管理',
        'dashboard' => 'hide常用',
    ),
    'sale' => array(
        'orders' => '订单中心',
        'remind' => '缺货预订信息',
        'payments' => '支付记录',
        'ordersdel' => '订单回收站',
        'chart_data' => 'hide图表数据',
    ),
    'goods' => array(
        'addgoods' => '添加商品',
        'goodslist' => '商品编辑/移动/上架',
        'packages' => '促销/搭配/关联',
        'goodstype' => '商品分类',
        'goodsreplies' => '商品评价',
        'goodsasks' => '商品咨询',
        'editgoods' => 'hide编辑商品',
    ),
    'support' => array(
        'addsupply' => '添加',
        'suppliers' => '商家/供货商列表',
    ),
    'member' => array(
        'adduser' => '添加用户',
        'edituser' => '用户管理',
        'managegroups' => '管理组',
        'usergroups' => '用户组',
        'advcode' => '优惠码设置',
    ),
    'article' => array(
        'editarticle' => '添加文章',
        'articlelist' => '文章管理',
        'articletype' => '文章分类',
    ),
    'count' => array(
        'buyers' => '用户购买记录',
        'customers' => '客户关系',
        'sellcount' => '销售统计',
        'caiwu' => '现金流管理',
    ),
    'setting' => array(
        'basesetting' => '站点信息',
        'seo' => '优化设置',
        'display' => '显示设置',
        'mainmenus' => '栏目设置',
        'credits' => '积分设置',
        'times' => '时间设置',
        'attach' => '附件设置',
        'safeset' => '功能/安全设置',
        'timingdo' => '计划任务',
        'paysend' => '支付及配送方式',
        'advertisment' => '广告管理',
        'places' => '地区设置',
        'links' => '友情链接',
        // 'database' => '数据库管理',  (database management: disabled)
        'ucenter' => 'UCenter设置',
    ),
);

// Default action for each top-level section.
$menusindex = array(
    'dashboard' => 'orders',
    'sale' => 'orders',
    'goods' => 'goodslist',
    'support' => 'suppliers',
    'member' => 'edituser',
    'article' => 'articlelist',
    'count' => 'buyers',
    'setting' => 'basesetting',
);

// Trim the menu down to what this user may see. The account matching
// $administratorids keeps the full menu.
// This only affects what is displayed; the dispatcher must still check
// permissions itself before loading an action file.
// NOTE(review): both in_array() calls compare loosely. Confirm the stored
// permission list holds only strings before relying on it (on PHP < 8 a
// stored 0 or true would match every key).
if ($mall_uid != $administratorids) {
    foreach ($menus['main'] as $s => $v) {
        if (in_array($s, $permissions)) {
            // Section allowed: keep it, but drop the actions inside it
            // that are not individually granted.
            foreach ($menus[$s] as $ss => $vv) {
                if (in_array($ss, $permissions)) {
                    continue;
                }
                unset($menus[$s][$ss]);
            }
            continue;
        }
        // Section not granted: remove it from the top-level bar. Its
        // sub-array stays in $menus.
        unset($menus['main'][$s]);
    }
}

// Build the allow-list of action names the dispatcher will accept:
// 'editgoods' plus every key that remains anywhere in $menus (the section
// names under 'main' included).
$actions = array('editgoods');
foreach ($menus as $s => $v) {
    $actions = array_merge($actions, array_keys($v));
}

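// Dispatch the request to an admin action file.
//
// $action ends up in an include path, so it must match the allow-list
// exactly. The strict in_array() keeps a non-string value from matching by
// type juggling. Every allow-list entry is a fixed key from this file, so
// no path separator can get through.
if (!empty($action) && in_array($action, $actions, true)) {

    include (APP_ROOT . '/app/admin/header.inc.php');

    // Per-action authorisation for everyone except the account matching
    // $administratorids. The action file is loaded only in the else branch,
    // so the check holds even if mallmsg() (defined elsewhere) returns
    // instead of ending the request.
    // NOTE(review): this in_array() is still loose - confirm the stored
    // permission list holds only strings.
    if ($mall_uid != $administratorids && !in_array($action, $permissions)) {
        mallmsg('对不起,你没有权限。','admincp.php?action=orders');
    } else {
        include (APP_ROOT . '/app/admin/' . $action . '.inc.php');
    }

    include (APP_ROOT . '/app/admin/footer.inc.php');
} else {
    // Unknown or missing action: show the menu frame.
    include (APP_ROOT . '/app/admin/menus.inc.php');
}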
?>