www.gusucode.com > ShopEx481 & PHPWind 整合版码程序 > bbs/hack/colony/require/adminset.php
<?php !function_exists('readover') && exit('Forbidden'); !$admindb[$winduid] && $groupid!=3 && Showmsg('colony_nocheck'); if ($job == 'set') { !$admindb[$winduid] && $groupid!=3 && Showmsg('colony_adminright'); if ($_POST['step']!=2) { require_once PrintHack('home'); @include_once(D_P.'data/bbscache/cn_class.php'); $options = ''; if (is_array($cnclassdb)) { foreach ($cnclassdb as $key => $value) { $select = ($key == $alldb['classid']) ? 'SELECTED' : ''; $options .= "<option value=\"$key\" $select>$value[cname]</option>"; } } ifcheck(array('ifcheck' => $alldb['ifcheck'],'ifopen' => $alldb['ifopen'],'albumopen' => $alldb['albumopen'])); } else { InitGP(array('cname','attachment','annouce','descrip'),'P',1); !$cname && Showmsg('colony_emptyname'); strlen($cname) > 20 && Showmsg('colony_cnamelimit'); (!$descrip || strlen($descrip) > 255) && Showmsg('colony_descriplimit'); strlen($annouce) > 255 && Showmsg('colony_annoucelimit'); if ($alldb['cname'] != $cname){ $rt = $db->get_one("SELECT id FROM pw_colonys WHERE cname='$cname'"); $rt['id'] && Showmsg('colony_samename'); } InitGP(array('classid','ifcheck','ifopen','albumopen','intomoney'),'P'); $classid = (int)$classid; $ifcheck = (int)$ifcheck; $ifopen = (int)$ifopen; $albumopen = (int)$albumopen; (int)$intomoney < 0 && $intomoney = 0; if($cn_joinmoney && $intomoney < $cn_joinmoney){ $intomoney = $cn_joinmoney; } require_once(R_P.'require/postfunc.php'); !$cn_imgsize && $cn_imgsize = 100; $db_uploadfiletype = array(); $db_uploadfiletype['gif'] = $db_uploadfiletype['jpg'] = $db_uploadfiletype['jpeg'] = $db_uploadfiletype['bmp'] = $db_uploadfiletype['png'] = $cn_imgsize; $ftp = null; if ($db_ifftp) { require_once(R_P.'require/ftp.php'); $ftp = new FTP($ftp_server,$ftp_port,$ftp_user,$ftp_pass,$ftp_dir); } $uploaddb = UploadFile($cyid,'cnlogo'); if ($ftp) { $ftp->close(); unset($ftp); } $cnimg = $uploaddb[0]['attachurl'] ? ",cnimg='".substr(strrchr($uploaddb[0]['attachurl'],'/'),1)."'" : ''; $db->update("UPDATE pw_colonys SET cname='$cname',classid='$classid',ifcheck='$ifcheck',albumopen='$albumopen' $cnimg,intomoney='$intomoney',annouce='$annouce',ifopen='$ifopen',descrip='$descrip' WHERE id='$cyid'"); refreshto("$basename&cyid=$cyid&job=view",'colony_setsuccess'); } } elseif ($job=='joinlog') { !$admindb[$winduid] && $groupid!=3 && Showmsg('colony_adminright'); require_once PrintHack('home'); (int)$page < 1 && $page = 1; $pageid = ($page-1)*$db_perpage; $limit = "LIMIT $pageid,$db_perpage"; $logdb = array(); $query = $db->query("SELECT username1,username2,timestamp,descrip FROM pw_forumlog WHERE field2='$cyid' AND type='cy_join' ORDER BY id DESC $limit"); while ($rt = $db->fetch_array($query)) { $rt['timestamp'] = get_date($rt['timestamp']); $rt['descrip'] = str_replace(array('[b]','[/b]'),array('<b>','</b>'),$rt['descrip']); $logdb[] = $rt; } $db->free_result($query); @extract($db->get_one("SELECT COUNT(*) AS count FROM pw_forumlog WHERE field2='$cyid' AND type='cy_join'")); if ($count > $db_perpage) { require_once(R_P.'require/forum.php'); $pages = numofpage($count,$page,ceil($count/$db_perpage),"$basename&cyid=$cyid&job=joinlog&"); } } elseif ($job=='currency') { $windid != $alldb['admin'] && Showmsg('colony_currency_right'); !$cn_virement && Showmsg('colony_currency'); if ($_POST['step'] != 2) { require_once PrintHack('home'); } else { InitGP(array('pwuser','pwpwd','currency')); @extract($db->get_one("SELECT uid as touid FROM pw_cmembers WHERE colonyid='$cyid' AND username='$pwuser'")); !$touid && Showmsg('no_colony_member'); (!is_numeric($currency) || $currency < 0) && Showmsg('illegal_nums'); if ($pwpwd) { $rt = $db->get_one("SELECT password FROM pw_members WHERE uid='$winduid'"); $rt['password'] != md5($pwpwd) && Showmsg('password_error'); } else { Showmsg('empty_password'); } $tax = round($currency*$cn_rate/100); $needcurrency = $currency + $tax; $alldb['cmoney'] < $needcurrency && Showmsg('colony_noenough_currency'); $db->update("UPDATE pw_colonys SET cmoney=cmoney-'$needcurrency' WHERE id='$cyid'"); if (in_array($cn_moneytype,array('money','rvrc','credit','currency'))) { $currencys = $cn_moneytype == 'rvrc' ? $currency*10 : $currency; $db->update("UPDATE pw_memberdata SET $cn_moneytype=$cn_moneytype+'$currencys' WHERE uid='$touid'"); } elseif (is_numeric($cn_moneytype) && isset($_CREDITDB[$cn_moneytype])) { $db->update("UPDATE pw_membercredit SET value=value+'$currency' WHERE uid='$touid' AND cid='$cn_moneytype'"); } if ($cn_moneytype == 'currency') { require_once(R_P.'require/tool.php'); $logdata = array( 'type' => 'vire', 'nums' => 0, 'money' => 0, 'descrip' => 'cyvire_descrip', 'uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'time' => $timestamp, 'currency' => $currency, 'toname' => $pwuser, 'tax' => $tax ); writetoollog($logdata); } $log = array( 'type' => 'cy_vire', 'username1' => Char_cv($pwuser), 'username2' => Char_cv($windid), 'field1' => $currency, 'field2' => $cyid, 'field3' => Char_cv($alldb['cname']), 'timestamp' => $timestamp, 'ip' => $onlineip, 'cname' => $alldb['cname'], 'tax' => $tax ); require GetLang('log'); $log['descrip'] = Char_cv($lang['cy_vire_descrip']); $db->update("INSERT INTO pw_forumlog (type,username1,username2,field1,field2,field3,descrip,timestamp,ip) VALUES('$log[type]','$log[username1]','$log[username2]','$log[field1]','$log[field2]','$log[field3]','$log[descrip]','$log[timestamp]','$log[ip]')"); require_once(R_P.'require/msg.php'); writenewmsg(array($pwuser,$winduid,'cyvire_title',$timestamp,'cyvire_content','',$windid),1); Showmsg('virement_success'); } } elseif ($job=='currencylog') { require_once PrintHack('home'); @extract($db->get_one("SELECT COUNT(*) AS count FROM pw_forumlog WHERE field2='$cyid' AND type='cy_vire'")); if ($count > $db_perpage) { (int)$page < 1 && $page = 1; require_once(R_P.'require/forum.php'); $pages = numofpage($count,$page,ceil($count/$db_perpage),"$basename&job=donatelog&cyid=$cyid&"); } else { $page = 1; } $logdb = array(); $query = $db->query("SELECT username1,username2,descrip,timestamp FROM pw_forumlog WHERE field2='$cyid' AND type='cy_vire' ORDER BY id DESC LIMIT ".($page-1)*$db_perpage.",$db_perpage"); while ($rt = $db->fetch_array($query)) { $rt['timestamp'] = get_date($rt['timestamp'],"Y-m-d H:i"); $rt['descrip'] = str_replace(array('[b]','[/b]'),array('<b>','</b>'),$rt['descrip']); $logdb[] = $rt; } $db->free_result($query); } elseif ($job=='update') { $alldb['level']>0 && Showmsg('colony_update'); if ($_POST['step']!=2) { require_once PrintHack('home'); } else { $alldb['cmoney'] < $cn_updatemoney && Showmsg('colony_updatemoney'); $db->update("UPDATE pw_colonys SET level=1,cmoney=cmoney-'$cn_updatemoney' WHERE id='$cyid'"); refreshto("$basename&job=view&cyid=$cyid",'operate_success'); } } elseif ($job=='cancel') { !$cn_remove && Showmsg('colony_cancelclose'); if($alldb['admin']!=$windid){ Showmsg('colony_cancel'); } else { $alldb['members']>1 && Showmsg('colony_del_members'); @extract($db->get_one("SELECT COUNT(*) as count FROM pw_cnalbum WHERE cyid='$cyid'")); $count > 0 && Showmsg('colony_del_photo'); } if ($db_ifftp && $alldb['tmpimgtype'] == 'Ftp') { require_once(R_P.'require/ftp.php'); $ftp = new FTP($ftp_server,$ftp_port,$ftp_user,$ftp_pass,$ftp_dir); $ftp->delete("cn_img/$alldb[tmpimg]"); $ftp->close(); } else { P_unlink("$attachdir/cn_img/$alldb[tmpimg]"); } $db->update("DELETE FROM pw_cmembers WHERE colonyid='$cyid'"); $db->update("DELETE FROM pw_colonys WHERE id='$cyid'"); $db->update("UPDATE pw_cnclass SET cnsum=cnsum-1 WHERE cid='$alldb[classid]' AND cnsum>0"); updatecache_cnc(); refreshto($basename,'colony_cancelsuccess'); } elseif ($job == 'transfer'){ require_once(R_P.'require/credit.php'); $windid != $alldb['admin'] && Showmsg('colony_adminright'); $moneyname = CreditName($cn_moneytype); $cn_transfer > UserCredit($winduid,$cn_moneytype) && Showmsg('colony_transferfailed'); if ($_POST['step'] != 2){ require_once PrintHack('home'); } else { InitGP(array('username','ttype')); $ismanager == false && Showmsg('colony_transferright'); empty($username) && Showmsg('colony_username_empty'); $username == $windid && Showmsg('colony_transfer_same'); if($username){ $rt = $db->get_one("SELECT uid FROM pw_members WHERE username='$username'"); if(!$rt){ $errorname = Char_cv($pwuser); Showmsg('user_not_exists'); } } $ck_in_colony = $db->get_value("SELECT uid FROM pw_cmembers WHERE username='$username' AND colonyid='$cyid'"); empty($ck_in_colony) && Showmsg('colony_user_notin'); UserCredit($winduid,$cn_moneytype,'set',"-$cn_transfer"); $db->update("UPDATE pw_colonys SET admin='$username',iftransfer='1' WHERE id='$cyid'"); if($ttype == '2'){ $db->update("UPDATE pw_cmembers SET ifadmin='0' WHERE colonyid='$cyid' AND uid='$winduid'"); }elseif($ttype == '3'){ $db->update("UPDATE pw_colonys SET members=members-1 WHERE id='$cyid'"); $db->update("DELETE FROM pw_cmembers WHERE colonyid='$cyid' AND uid='$winduid'"); } $db->update("UPDATE pw_cmembers SET ifadmin='1' WHERE colonyid='$cyid' AND username='$username'"); refreshto("$basename&job=view&cyid=$cyid",'operate_success'); } } function ifcheck($array,$yn = 'Y_N'){ !is_array($array) && adminmsg('undefined_actions'); list($y,$n) = explode('_',$yn); foreach ($array as $key => $value) { global ${$key.'_'.$y},${$key.'_'.$n}; if ($value) { ${$key.'_'.$y} = 'CHECKED'; ${$key.'_'.$n} = ''; } else { ${$key.'_'.$y} = ''; ${$key.'_'.$n} = 'CHECKED'; } } } function updatecache_cnc(){ global $db; $cnclassdb = array(); $query = $db->query('SELECT cid,cname,cnsum FROM pw_cnclass ORDER BY cid'); while ($rt = $db->fetch_array($query)) { $cnclassdb[$rt['cid']] = array('cname' => $rt['cname'],'cnsum' => $rt['cnsum']); } writeover(D_P."data/bbscache/cn_class.php","<?php\r\n\$cnclassdb=".pw_var_export($cnclassdb).";\r\n?>"); } ?>