www.gusucode.com > ShopEx481 & PHPWind 整合版码程序 > bbs/hack/colony/admin.php
<?php
!function_exists('readover') && exit('Forbidden');
@include_once(D_P.'data/bbscache/cn_config.php');
if (!$action) {
require_once(R_P.'require/credit.php');
$credittype = GetCreditType();
ifcheck($cn_open,'open');
ifcheck($cn_remove,'remove');
ifcheck($cn_newcolony,'newcolony');
ifcheck($cn_virement,'virement');
$creategroup = ''; $num = 0;
foreach ($ltitle as $key => $value) {
if ($key!=1 && $key!=2) {
$num++;
$htm_tr = $num % 4 == 0 ? '</tr><tr>' : '';
$g_checked = strpos($cn_groups,",$key,")!==false ? 'checked' : '';
$creategroup .= "<td><input type=\"checkbox\" name=\"groups[]\" value=\"$key\" $g_checked>$value</td>$htm_tr";
}
}
$creategroup && $creategroup = "<table cellspacing=\"0\" cellpadding=\"0\" border=\"0\" width=\"100%\" align=\"center\"><tr>$creategroup</tr></table>";
require_once PrintHack('admin');
} elseif ($action=='setting') {
@include_once(D_P.'data/bbscache/cn_config.php');
!is_array($config = $_POST['config']) && $config = array();
foreach ($config as $key => $value) {
if ($value) {
$isint = false;
if ($_POST['step']=='basic') {
if ($key=='name' || $key=='moneytype') {
$config[$key] = Char_cv($value);
} elseif ($key=='rate') {
$config[$key] = (double)$value;
} else {
$isint = true;
}
} else {
$isint = true;
}
$isint && $config[$key] = (int)$value;
}
}
if ($_POST['step']=='basic') {
!is_array($groups = $_POST['groups']) && $groups = array();
$config['groups'] = ','.implode(',',$groups).',';
}
$updatecache = false;
foreach ($config as $key => $value) {
if (${'cn_'.$key}!=$value) {
$db->pw_update(
"SELECT hk_name FROM pw_hack WHERE hk_name='cn_$key'",
"UPDATE pw_hack SET hk_value='$value' WHERE hk_name='cn_$key'",
"INSERT INTO pw_hack(hk_name,hk_value) VALUES ('cn_$key','$value')"
);
$updatecache = true;
}
}
$j_url = '';
if ($_POST['step']=='updatecache') {
$updatecache = true;
$j_url = "$basename&action=cache";
} elseif ($_POST['step']=='photo') {
$j_url = "$basename&action=photo";
}
$updatecache && updatecache_cy();
adminmsg('operate_success',$j_url);
} elseif ($action=='photo') {
@include_once(D_P.'data/bbscache/cn_config.php');
require_once(R_P.'require/credit.php');
list($credittype,$creditunit) = GetCreditValue($cn_moneytype);
!in_array($cn_mkdir,array(1,2,3)) && $cn_mkdir = 1;
${'mkdir'.$cn_mkdir} = 'checked';
ifcheck($cn_phopen,'phopen');
require_once PrintHack('admin');
} elseif ($action=='class') {
@include_once(D_P.'data/bbscache/cn_config.php');
$cnclassdb = array();
$query = $db->query('SELECT * FROM pw_cnclass ORDER BY cid');
while ($rt = $db->fetch_array($query)) {
$rt['cnsum'] = (int)$rt['cnsum'];
$cnclassdb[] = $rt;
}
$db->free_result($query);
require_once PrintHack('admin');
} elseif ($action=='update_cl') {
$updatecache = false;
$j_url = "$basename&action=class";
$step = Char_cv(GetGP('step'));
if ($step=='add') {
!is_array($cname = $_POST['cname']) && $cname = array();
$insert = $cnames = '';
foreach ($cname as $key => $value) {
if (is_numeric($key)) {
$value = Char_cv(trim($value));
if ($value) {
$cnames .= ",'$value'";
$insert .= ",('$value')";
}
}
}
if ($cnames) {
$query = $db->query("SELECT cname FROM pw_cnclass WHERE cname IN (".substr($cnames,1).")");
while ($rt = $db->fetch_array($query,MYSQL_NUM)) {
$rt[0] = addslashes($rt[0]);
$insert = str_replace(",('$rt[0]')",'',$insert);
}
}
if ($insert) {
$updatecache = true;
$db->update('INSERT INTO pw_cnclass (cname) VALUES '.substr($insert,1));
}
} elseif ($step=='edit') {
!is_array($selid = $_POST['selid']) && $selid = array();
foreach ($selid as $key => $value) {
if (is_numeric($key)) {
$value = Char_cv(trim($value));
if ($value && !$db->get_value("SELECT cid FROM pw_cnclass WHERE cname='$value' AND cid!='$key'")) {
$updatecache = true;
$db->update("UPDATE pw_cnclass SET cname='$value' WHERE cid='$key'");
}
}
}
} elseif ($step=='del') {
$id = (int)$_GET['id'];
if ($id) {
$updatecache = true;
$db->update("UPDATE pw_colonys SET classid='' WHERE classid='$id'");
$db->update("DELETE FROM pw_cnclass WHERE cid='$id'");
}
} elseif ($step=='updatecache') {
$db->update("UPDATE pw_cnclass SET cnsum='0'");
$query = $db->query("SELECT id,classid,COUNT(*) FROM pw_colonys WHERE classid>0 GROUP BY classid");
while ($rt = $db->fetch_array($query,MYSQL_NUM)) {
if (!$db->get_value("SELECT COUNT(*) FROM pw_cnclass WHERE cid='$rt[1]'")) {
$db->update("UPDATE pw_colonys SET classid='0' WHERE id='$rt[0]'");
} else {
$db->update("UPDATE pw_cnclass SET cnsum='$rt[2]' WHERE cid='$rt[1]'");
}
}
$updatecache = true;
$j_url = "$basename&action=cache";
}
$updatecache && updatecache_cnc();
adminmsg('operate_success',$j_url);
} elseif ($action=='colony') {
@include_once(D_P.'data/bbscache/cn_config.php');
@include_once(D_P.'data/bbscache/cn_class.php');
!is_array($cnclassdb) && $cnclassdb = array();
$pages = '';
$db_perpage = 20;
$colonys = array();
$page = GetGP('page');
(int)$page<1 && $page = 1;
$id = ($page-1)*$db_perpage;
$query = $db->query("SELECT id,cname,classid FROM pw_colonys LIMIT $id,$db_perpage");
while ($rt = $db->fetch_array($query)) {
$rt['cname'] = trim($rt['cname']);
$rt['classname'] = $rt['classid'] ? $cnclassdb[$rt['classid']] : '';
$colonys[] = $rt;
}
$db->free_result($query);
$count = $db->get_value('SELECT COUNT(*) FROM pw_colonys');
if ($count > $db_perpage) {
require_once(R_P.'require/forum.php');
$pages = numofpage($count,$page,ceil($count/$db_perpage),"$basename&action=colony&");
}
require_once PrintHack('admin');
} elseif ($action=='update_c') {
$step = Char_cv(GetGP('step'));
if ($step=='edit') {
!is_array($cid = $_POST['cid']) && $cid = array();
!is_array($cname = $_POST['cname']) && $cname = array();
$sleep = 0;
foreach ($cname as $key => $value) {
$value = Char_cv(trim($value));
if (is_numeric($key) && $value && !$db->get_value("SELECT COUNT(*) FROM pw_colonys WHERE cname='$value' AND id!='$key'")) {
$newcid = (int)$cid[$key];
$oldcid = $db->get_value("SELECT classid FROM pw_colonys WHERE id='$key'");
if ($newcid!=$oldcid) {
$sleep%20==0 && sleep(1);
$sleep++;
$db->update("UPDATE pw_cnclass SET cnsum=cnsum-1 WHERE cid='$oldcid'");
$db->update("UPDATE pw_cnclass SET cnsum=cnsum+1 WHERE cid='$newcid'");
}
$db->update("UPDATE pw_colonys SET cname='$value',classid='$newcid' WHERE id='$key'");
}
}
} elseif ($step=='del') {
$id = (int)$_GET['id'];
$rt = $db->get_one("SELECT classid,cnimg FROM pw_colonys WHERE id='$id'");
if (!empty($rt)) {
$ftp = null;
if ($db_ifftp) {
require_once(R_P.'require/ftp.php');
$ftp = new FTP($ftp_server,$ftp_port,$ftp_user,$ftp_pass,$ftp_dir);
}
Delcnimg($rt['cnimg']);
$db->update("DELETE FROM pw_argument WHERE gid='$id'");
$db->update("DELETE FROM pw_cmembers WHERE colonyid='$id'");
$db->update("DELETE FROM pw_colonys WHERE id='$id'");
$db->update("UPDATE pw_cnclass SET cnsum=cnsum-1 WHERE cid='$rt[classid]'");
if ($ftp) {
$ftp->close(); unset($ftp);
}
}
}
updatecache_cnc();
adminmsg('operate_success',"$basename&action=colony");
} elseif ($action=='log') {
if ($_POST['step']!='del') {
@include_once(D_P.'data/bbscache/cn_config.php');
require_once GetLang('log');
InitGP(array('keyword','page'));
$db_perpage = 20;
$logdb = array();
$pages = $sqladd = $addpages = '';
if ($keyword) {
$sqladd = " AND descrip LIKE '%$keyword%'";
$addpages = "&keyword=".rawurlencode($keyword);
}
(int)$page<1 && $page = 1;
$id = ($page-1)*$db_perpage;
$query = $db->query("SELECT id,type,field2,field3,username1,timestamp,descrip FROM pw_forumlog WHERE type LIKE 'cy\_%'$sqladd LIMIT $id,$db_perpage");
while ($rt = $db->fetch_array($query)) {
$rt['timestamp'] = get_date($rt['timestamp']);
$rt['descrip'] = str_replace(array('[b]','[/b]'),array('<b>','</b>'),$rt['descrip']);
$logdb[] = $rt;
}
$db->free_result($query);
$count = $db->get_value("SELECT COUNT(*) FROM pw_forumlog WHERE type LIKE 'cy\_%'$sqladd");
if ($count > $db_perpage) {
require_once(R_P.'require/forum.php');
$pages = numofpage($count,$page,ceil($count/$db_perpage),"$basename&action=log$addpages&");
}
require_once PrintHack('admin');
} else {
if (!($selid = checkselid(GetGP('selid','P')))) {
$basename = 'javascript:history.go(-1);';
adminmsg('operate_error');
}
$db->update("DELETE FROM pw_forumlog WHERE type LIKE 'cy\_%' AND id IN($selid)");
adminmsg('operate_success',"$basename&action=log");
}
} elseif ($action=='cache') {
if ($_POST['step']=='delcolony') {
$ftp = null;
if ($db_ifftp) {
require_once(R_P.'require/ftp.php');
$ftp = new FTP($ftp_server,$ftp_port,$ftp_user,$ftp_pass,$ftp_dir);
}
$query = $db->query("SELECT id,cnimg FROM pw_colonys WHERE classid<1");
while ($rt = $db->fetch_array($query,MYSQL_NUM)) {
Delcnimg($rt[1]);
$db->update("DELETE FROM pw_argument WHERE gid='$rt[0]'");
$db->update("DELETE FROM pw_cmembers WHERE colonyid='$rt[0]'");
$db->update("DELETE FROM pw_colonys WHERE id='$rt[0]'");
}
if ($ftp) {
$ftp->close(); unset($ftp);
}
adminmsg('operate_success',"$basename&action=cache");
} else {
@include_once(D_P.'data/bbscache/cn_config.php');
require_once PrintHack('admin');
}
} elseif ($action=='argument'){
InitGP(array(step));
if($step == 'list'){
InitGP(array('page','cid','author','ckauthor','keyword','ktype','ttype','ckkeyword','postdate1','postdate2','topped','orderby','sc','perpage'));
if((int)$cid > 0){
$sql .= ($sql ? " AND" : "")." c.classid='$cid'";
$addpage .= "cid=$cid&";
}
if((int)$ttype > 0){
if($ttype == 1){
$sql .= ($sql ? " AND" : "")." a.tpcid='0'";
}elseif($ttype == 2){
$sql .= ($sql ? " AND" : "")." a.tpcid>'0'";
}
}
if(strlen($author) > 0){
if($ckauthor){
$sql .= ($sql ? " AND" : "")." a.author='$author'";
$addpage .="author=$author&ckauthor=$ckauthor&";
}else{
$sql .= ($sql ? " AND" : "")." a.author LIKE '%".str_replace('*','%',$author)."%'";
$addpage .="author=$author&";
}
}
if(strlen($keyword) > 0){
if($ktype == 'subject'){
if($ckkeyword){
$sql .= ($sql ? " AND" : "")." a.subject='$keyword'";
$addpage .="subject=$keyword&ckkeyword=$ckkeyword&";
}else{
$sql .= ($sql ? " AND" : "")." a.subject LIKE '%".str_replace('*','%',$keyword)."%'";
$addpage .="subject=$keyword&";
}
}elseif($ktype == 'content'){
if($ckkeyword){
$sql .= ($sql ? " AND" : "")." a.content='$keyword'";
$addpage .="content=$keyword&ckkeyword=$ckkeyword&";
}else{
$sql .= ($sql ? " AND" : "")." a.content LIKE '%".str_replace('*','%',$keyword)."%'";
$addpage .="content=$keyword&";
}
}
}
if (strlen($postdate1) > 0 || strlen($postdate2) > 0) {
if ($postdate1) {
!is_numeric($postdate1) && $postdate1 = PwStrtoTime($postdate1);
$sql .= ($sql ? ' AND' : '')." a.postdate>'$postdate1'";
$addpage .= "postdate1=$postdate1&";
}
if ($postdate2) {
!is_numeric($postdate2) && $postdate2 = PwStrtoTime($postdate2);
$sql .= ($sql ? ' AND' : '')." a.postdate<'$postdate2'";
$addpage .= "postdate2=$postdate2&";
}
}
if ($topped > 0){
$sql .= ($sql ? " AND" : "")." a.topped='$topped'";
$addpage .= "topped=$topped&";
}
$where = $sql ? "WHERE ".$sql : "";
$orderby = $orderby == 'postdate' ? 'ORDER BY a.postdate' : 'ORDER BY a.authorid';
$sc != 'ASC' && $sc = 'DESC';
!$perpage && $perpage = $db_perpage;
(int)$page<1 && $page = 1;
$limit = " LIMIT ".($page-1)*$perpage.",".$perpage;
$query = $db->query("SELECT a.tid,a.tpcid,a.gid,a.author,a.authorid,a.postdate,a.topped,a.subject,c.cname FROM pw_argument a LEFT JOIN pw_colonys c ON a.gid=c.id $where $orderby $sc $limit");
while($rt = $db->fetch_array($query)){
$rt['postdate'] = get_date($rt['postdate'],'Y-m-d');
$rt['baktid'] = $rt['tid'];
$rt['tpcid'] != 0 && $rt['baktid'] = $rt['tpcid'];
$argumentdb[] = $rt;
}
$db->free_result($query);
@extract($db->get_one("SELECT COUNT(*) AS count FROM pw_argument a LEFT JOIN pw_colonys c ON a.gid=c.id $where"));
if ($count > $perpage) {
require_once(R_P.'require/forum.php');
$pages = numofpage($count,$page,ceil($count/$perpage),"$basename&action=argument&step=list&$addpage");
}
}elseif($step == 'delete'){
$selids = '';
InitGP(array('selid'),'P',1);
if (is_array($selid)) {
foreach ($selid as $value) {
if (is_numeric($value)) {
$selids .= ($selids ? ',' : '')."'$value'";
}
}
}
!$selids && adminmsg('selid_illegal');
$selids = strpos($selids,',')!==false ? "IN ($selids)" : "= $selids";
$db->update("DELETE FROM pw_argument WHERE tid $selids");
$db->update("DELETE FROM pw_argument WHERE tpcid $selids");
adminmsg('operate_success',"$basename&action=argument&");
}else{
@include_once(D_P.'data/bbscache/cn_class.php');
empty($cnclassdb) && $cnclassdb = array();
foreach($cnclassdb as $key => $value){
$classoption .= '<option value="'.$key.'">'.$value[cname].'</option>';
}
}
require_once PrintHack('admin');
}
function Delcnimg($filename){
global $attachdir,$db_ftpweb,$ftp;
if (strpos($filename,'..')!==false) {
return false;
}
if (file_exists("$attachdir/cn_img/$filename")) {
P_unlink("$attachdir/cn_img/$filename");
} elseif ($db_ftpweb) {
$ftp->delete("cn_img/$filename");
}
}
function updatecache_cnc(){
global $db;
$cnclassdb = array();
$query = $db->query('SELECT cid,cname,cnsum FROM pw_cnclass ORDER BY cid');
while ($rt = $db->fetch_array($query)) {
$cnclassdb[$rt['cid']] = array('cname' => $rt['cname'],'cnsum' => $rt['cnsum']);
}
writeover(D_P."data/bbscache/cn_class.php","<?php\r\n\$cnclassdb=".pw_var_export($cnclassdb).";\r\n?>");
}
?>