
    <?php
// +---------------------------------------------+
// |     Copyright2003-2005 weenCompany          |
// |     http://www.weentech.com                 |
// |     This file may not be redistributed.     |
// +---------------------------------------------+

// Refuse direct requests: this file only runs when the including script has
// already defined IN_WEENCOMPANY.
if (!defined('IN_WEENCOMPANY')) {
  die('File not found!');
}

// Pull in the shared helper functions.
// NOTE(review): $rootpath is not assigned in this file; the include is only safe
// if the including script sets it from trusted configuration - confirm.
include $rootpath . 'includes/globalfunctions.php';

// Module-level default. PrintHeader() overwrites this global with the result of
// the 'enablewysiwyg' settings lookup when TinyMCE is requested.
$enablewysiwyg = '';

// ############################### PRINT HEADER ################################

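/**
 * Emit the start of an admin page: the Content-Type header, the <head> section
 * (stylesheet, admin script, optional TinyMCE bootstrap) and the title bar that
 * opens <body>.
 *
 * @param string $pagetitle      Title shown in the header bar. It is written into
 *                               the page as-is, so callers must pass trusted or
 *                               already HTML-escaped text.
 * @param int    $includetinymce Non-zero to load TinyMCE, provided the
 *                               'enablewysiwyg' setting is switched on.
 */
function PrintHeader($pagetitle, $includetinymce = 0)
{
  global $DB, $stylepath, $weenurl, $enablewysiwyg;

  // Sends the Content-Type header, so it has to run before the first echo.
  SetPageCharacterSet();

  // The inline script replaces the top-level window with index.php whenever this
  // page is opened outside a frame.
  // NOTE(review): the cache directive is only a <meta> tag; no Cache-Control
  // response header is sent from this function.
  echo '<html>
        <head>
          <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
          <link rel=stylesheet href="'.$stylepath.'style.css" />
          <script type="text/javascript" src="javascript/admin_functions.js"></script>
          <SCRIPT LANGUAGE="JAVASCRIPT" TYPE="TEXT/JAVASCRIPT">
          <!--
          if(top.location == self.location)
          {
            top.location.replace("index.php");
          }
          -->
          </SCRIPT>';

  // The assignment inside the condition is deliberate: the global $enablewysiwyg
  // receives the query result and is only touched when TinyMCE was requested.
  if($includetinymce AND ($enablewysiwyg = $DB->query_first("SELECT value FROM " . TABLE_PREFIX . "mainsettings WHERE varname = 'enablewysiwyg' AND value = 1")))
  {
    // Load the gzip loader when the 'gzipcompress' setting is on, the plain script otherwise.
    if($DB->query_first("SELECT value FROM " . TABLE_PREFIX . "mainsettings WHERE varname = 'gzipcompress' AND value = 1"))
    {
      echo '<script language="javascript" type="text/javascript" src="./tiny_mce/tiny_mce_gzip.js"></script>';

      echo '<script type="text/javascript">
			tinyMCE_GZ.init({
				disk_cache : true,
				debug : false
			});
			</script>
			';
    }
    else
    {
      echo '<script language="javascript" type="text/javascript" src="./tiny_mce/tiny_mce.js"></script>';
    }

    // NOTE(review): $weenurl is copied into a JavaScript string literal without
    // escaping; it has to come from trusted configuration - confirm where it is set.
    echo '<script type="text/javascript">
	tinyMCE.init({
		// General options
		theme : "advanced",
        document_base_url : "' . $weenurl . '",
		language: "zh",
		mode : "specific_textareas",
		force_p_newlines : false,
		force_br_newlines : true,
        forced_root_block : "",
		editor_selector : "mceEditor",';

    // The setting name is spelled 'simpletingymce' in the query; it is kept as
    // written because it must match the stored varname.
    if($DB->query_first("SELECT value FROM " . TABLE_PREFIX . "mainsettings WHERE varname = 'simpletingymce' AND value = 1"))
    {
      // Reduced toolbar.
      echo 'plugins : "imagemanager,save,preview,table,fullscreen,advimage,inlinepopups",
	
			// Theme options
			theme_advanced_buttons1 : "code,|,bold,italic,underline,strikethrough,|,justifyleft,justifycenter,justifyright,justifyfull,bullist,numlist,formatselect,fontselect,fontsizeselect,forecolor,backcolor,|,removeformat,cleanup,visualaid,|,fullscreen,preview",
			theme_advanced_buttons2 : "newdocument,save,|,cut,copy,paste,|,undo,redo,|,outdent,indent,|,hr,sub,sup,charmap,|,link,unlink,image,imagemanager,|,tablecontrols",
			
			theme_advanced_buttons3 : "",';
    }
    else
    {
      // Full toolbar.
      echo 'plugins : "safari,imagemanager,pagebreak,style,layer,table,save,advhr,advimage,advlink,emotions,inlinepopups,insertdatetime,preview,media,searchreplace,print,contextmenu,paste,directionality,fullscreen,noneditable,visualchars,nonbreaking,xhtmlxtras,template",

		// Theme options
		theme_advanced_buttons1 : "code,|,save,newdocument,|,bold,italic,underline,strikethrough,|,justifyleft,justifycenter,justifyright,justifyfull,styleselect,formatselect,fontselect,fontsizeselect",
		theme_advanced_buttons2 : "cut,copy,paste,pastetext,pasteword,|,search,replace,|,bullist,numlist,|,outdent,indent,blockquote,|,undo,redo,|,link,unlink,anchor,image,imagemanager,cleanup,help,|,insertdate,inserttime,preview,|,forecolor,backcolor",
		theme_advanced_buttons3 : "tablecontrols,|,hr,removeformat,visualaid,|,sub,sup,|,charmap,emotions,media,advhr,|,print,|,ltr,rtl,|,fullscreen",
		theme_advanced_buttons4 : "insertlayer,moveforward,movebackward,absolute,|,styleprops,|,cite,abbr,acronym,del,ins,attribs,|,visualchars,nonbreaking,template,pagebreak",';
    }

    echo '
		theme_advanced_toolbar_location : "top",
		theme_advanced_toolbar_align : "left",
		theme_advanced_statusbar_location : "bottom",
		theme_advanced_resizing : true,

		template_replace_values : {
			username : "WeenCompany",
			staffid : "556688"
		}
	});
</script>';

  }

  // The session may not carry a language yet; anything other than 'en' shows the
  // Traditional Chinese label, which is also what an unset key falls back to.
  $sessionlang = isset($_SESSION['lang']) ? $_SESSION['lang'] : '';

  if($sessionlang == 'en')
  {
    $thislang = '__<font style="color: #66FFFF; font:bold; ">English</font>';
  }
  else
  {
    $thislang = '__<font style="color: #66FFFF; font:bold; ">繁體中文</font>';
  }

  // The width attribute was missing its opening quote in the original markup.
  echo '</head>
        <body>

        <table width="100%" border="0" cellpadding="0" cellspacing="0" class="header">
        <tr>
          <td align="center"><p class="pagetitle">'.$pagetitle.$thislang.'</p></td>
        </tr>
        </table>

        <br /><br />';
}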



// ############################### PRINT SUBMIT ################################

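/**
 * Emit a centred submit button together with a hidden field that carries the
 * same value under the given name.
 *
 * @param string $name  Name of the hidden field.
 * @param string $value Button label, also used as the hidden field's value.
 */
function PrintSubmit($name, $value)
{
  // Both arguments end up inside double-quoted attributes, so encode them for
  // that context. double_encode is off so text that already contains entities
  // is emitted unchanged.
  // Assumes the admin pages are served as UTF-8, as ShortTitle() in this file
  // does - confirm.
  $safename  = htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8', false);
  $safevalue = htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);

  echo '<table width="100%" border="0" cellpadding="0" cellspacing="0">
        <tr>
          <td align="center">
            <input type="hidden" name="'.$safename.'" value="'.$safevalue.'" />
            <input type="submit" value="'.$safevalue.'" />
          </td>
        </tr>
        </table>';
}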



// ############################### PRINT SECTION ###############################

/**
 * Open a framed section box: prints the box header with its title and leaves the
 * content cell open. EndSection() prints the matching closing markup.
 *
 * @param string $sectionname Section title. Written into the page as-is, so it
 *                            must be trusted or already HTML-escaped.
 */
function PrintSection($sectionname)
{
  global $stylepath;

  // Every image of the frame lives in the same folder of the active style.
  $img = $stylepath . 'images/section/';

  echo '<table width="100%" border="0" cellpadding="0" cellspacing="0">
        <tr>
          <td width="15" height="30"><img src="' . $img . 'section_top_left.gif" /></td>
          <td width="100%" background="' . $img . 'section_top_bg.gif" valign="bottom" align="center">
            <div style="font-family:verdana;font-size:10pt;color:#5D729B"><b>' . $sectionname . '</b></div>
          </td>
          <td width="1" height="30"><img src="' . $img . 'section_top_right.gif" /></td>
        </tr>
        <tr>
          <td width="15" height="4"><img src="' . $img . 'section_top_left2.gif" /></td>
          <td background="' . $img . 'section_top_bg2.gif"></td>
          <td width="15" height="4"><img src="' . $img . 'section_top_right2.gif" /></td>
        </tr>
        <tr>
          <td colspan="3">

          <table width="100%" border="0" cellpadding="0" cellspacing="0">
          <tr>
            <td width="7" background="' . $img . 'section_middle_left.gif"></td>
            <td>';
}



// ################################ END SECTION ################################

/**
 * Close the section box opened by PrintSection(): ends the content cell, prints
 * the right-hand border and closes both tables.
 */
function EndSection()
{
  global $stylepath;

  // Right border image of the frame, taken from the active style folder.
  $rightborder = $stylepath . 'images/section/section_middle_right.gif';

  echo '    </td>
            <td width="7" background="' . $rightborder . '"></td>
          </tr>
          </table>

          </td>
        </tr>
        </table>

        <br /><br />';
}



// ############################### PAGE REDIRECT ###############################

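/**
 * Print the "update finished" box with a manual link and a script redirect to
 * $gotopage, then the page footer, and end the request.
 *
 * @param string    $gotopage Destination URL. '&amp;' is decoded to '&' first.
 * @param int|float $timeout  0 redirects immediately; otherwise the redirect
 *                            fires after $timeout * 10 timer ticks of 100 ms.
 *
 * This function does not return: it calls exit().
 *
 * NOTE(review): the destination is not checked against a list of allowed pages
 * or schemes. In this file it can originate from the 'refreshpage' hidden field
 * printed by PrintModuleSettings(), so callers should validate it before it
 * gets here - confirm how callers obtain the value.
 */
function PrintRedirect($gotopage, $timeout = 0)
{
  $gotopage = str_replace('&amp;', '&', (string) $gotopage);

  // The URL is written into two different contexts; encode it once for each.
  // HTML attribute context for the manual link:
  $hrefurl = htmlspecialchars($gotopage, ENT_QUOTES, 'UTF-8');
  // JavaScript string context for the redirect. The JSON_HEX_* flags keep
  // quotes, '<', '>' and '&' out of the script block. json_encode() returns
  // false for input that is not valid UTF-8.
  $jsurl = json_encode($gotopage, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);

  PrintSection('完成更新!');
  echo '<table width="100%" border="0" cellpadding="5" cellspacing="0">
        <tr>
          <td class="tdrow1"  colspan="2">跳轉中...</td>
        </tr>
        <tr>
          <td class="tdrow2" width="70%">';

  echo '<a href="'.$hrefurl.'" onclick="javascript:clearTimeout(timerID);">
        完成更新! 如果網頁沒有跳轉,請點擊這裏.</a>';

  // The original printed a closing </font> here that had no opening tag.
  echo '
          </td>
        </tr>
        </table>';

  // Without a usable JavaScript literal only the manual link is offered.
  if($jsurl !== false)
  {
    echo '<script type="text/javascript">';
    if($timeout == 0)
    {
      echo 'window.location='.$jsurl;
    }
    else
    {
      // Force a number so nothing but digits can reach the script text.
      $ticks = (int) round((float) $timeout * 10);

      echo 'timeout = '.$ticks.';

          function Refresh()
          {
            timerID = setTimeout("Refresh();", 100);

            if (timeout > 0)
            {
              timeout -= 1;
            }
            else
            {
              clearTimeout(timerID);
              window.location='.$jsurl.';
            }
          }

          Refresh();';
    }

    echo '</script>';
  }

  EndSection();
  PrintFooter();

  exit();
}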

// ############################### PRINT FOOTER ################################

/**
 * Print the page footer (copyright line with the stored product version and the
 * vendor logo) and close <body> and <html>.
 */
function PrintFooter()
{
  global $DB, $stylepath;

  // The version string is the 'value' column of the mainsettings row titled 'version'.
  $versionrow = $DB->query_first("SELECT value FROM " . TABLE_PREFIX . "mainsettings WHERE  title = 'version'");
  $version    = $versionrow['value'];

  $year = date("Y");
  $logo = $stylepath . 'images/wenlo.gif';

  echo '<br /><br />

        <table width="48%" border="0" cellpadding="0" cellspacing="0" align="center">
        <tr><td align="center"><p class="copyright">&copy; 2006-' . $year . ' 聞泰網絡. weenCompany' . $version . ' CWS</p><br><a href="http://www.weentech.com" target="_blank"><img src="' . $logo . '" alt="闻泰网络" /></a><br></td></tr>
        </table>

        </body>
        </html>';
}



// ########################### PRINT MODULE SETTINGS ###########################

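/**
 * Print the settings form for one group of a module's settings.
 *
 * Each row of modulesettings becomes one form field named settings[<settingid>];
 * the 'input' column selects the control: text, yesno, textarea, wysiwyg, or a
 * custom template (see the note at the eval() call).
 *
 * @param mixed  $moduleid    Module whose settings are listed.
 * @param string $groupname   Settings group; also used as the section title.
 * @param string $refreshpage URL the form posts to; repeated in the hidden
 *                            'refreshpage' field.
 *
 * NOTE(review): $moduleid and $groupname are concatenated into the SQL text and
 * $groupname is printed as the section title. This function does not escape
 * them, so callers must pass trusted values or escape them with the database
 * layer first.
 * NOTE(review): the form carries no anti-CSRF token; none is added or checked
 * anywhere in this function.
 */
function PrintModuleSettings($moduleid, $groupname = 'Options', $refreshpage)
{
  global $DB;

  $modulesettings = $DB->query("SELECT * FROM " . TABLE_PREFIX . "modulesettings
                                WHERE moduleid = '$moduleid' AND groupname = '$groupname'
                                ORDER BY displayorder");

  $modulesettingrows = $DB->get_num_rows($modulesettings);

  PrintSection($groupname);

  if($modulesettingrows)
  {
    // Attribute context. double_encode is off because callers appear to pass
    // URLs that already use '&amp;' (PrintRedirect() decodes that sequence).
    $safepage = htmlspecialchars((string) $refreshpage, ENT_QUOTES, 'UTF-8', false);

    echo '<form method="post" action="'.$safepage.'">

          <table width="100%" border="0" cellpadding="5" cellspacing="0">
          <input type="hidden" name="refreshpage" value="'.$safepage.'" />';

    while($setting = $DB->fetch_array($modulesettings))
    {
      // Title and description are printed as stored, i.e. they may hold HTML.
      if(strlen($setting['title']))
      {
        echo '<tr>
                <td class="tdrow1" colspan="2">' . $setting['title'] . '</td>
              </tr>';
      }

      echo '<tr>
              <td class="tdrow2" width="70%">'.$setting['description'].'</td>
              <td class="tdrow3" valign="top">';

      $fieldname = 'settings[' . htmlspecialchars((string) $setting['settingid'], ENT_QUOTES, 'UTF-8', false) . ']';

      if($setting['input']=="text")
      {
        echo '<input type="text" size="40" name="'.$fieldname.'" value="'.htmlspecialchars((string) $setting['value']).'">';
      }
      elseif($setting['input']=="yesno")
      {
        echo '是<input type="radio" name="'.$fieldname.'"  '.iif($setting['value']==1,"checked","").' value="1"> 否 <input type="radio" name="'.$fieldname.'" '.iif($setting['value']==0,"checked","").' value="0">';
      }
      elseif($setting['input']=="textarea")
      {
        // Encode the stored value like the text input does. Otherwise a value
        // containing </textarea> ends the control early, and stored entities
        // are silently decoded on the next save.
        echo '<textarea name="'.$fieldname.'" rows="4" cols="30">'.htmlspecialchars((string) $setting['value']).'</textarea>';
      }
      elseif($setting['input']=="wysiwyg")
      {
        echo '<textarea name="'.$fieldname.'" rows="4" cols="30" style="width:100%;" class="mceEditor">'.htmlspecialchars((string) $setting['value']).'</textarea>';
      }
      else
      {
        // SECURITY NOTE(review): any other 'input' value is treated as a PHP
        // double-quoted string template and run through eval(). Whoever can
        // write the modulesettings.input column can therefore run PHP in the
        // admin context. Kept unchanged so existing custom inputs keep working;
        // replacing it with a fixed set of input types would remove the risk.
        eval("echo \"$setting[input]\";");
      }

      echo '</td></tr>';
    }

    echo '<tr>
            <td class="tdrow1" bgcolor="#FCFCFC" colspan="2" align="center">
             <input type="hidden" name="updatesettings" value="Save Settings" />
             <input type="submit" value=" 保存設置 " />
            </td>
          </tr>
          </table>
          </form>';
  }
  else
  {
    echo '<table width="100%" border="0" cellpadding="5" cellspacing="0">
          <tr>
            <td class="tdrow1">&nbsp;</td>
          </tr>
          <tr>
            <td class="tdrow2" align="center">此模塊無任何可設置選項.</td>
          </tr>
          </table>';
  }

  EndSection();

}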



// ########################## UPDATE MODULE SETTINGS ###########################

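/**
 * Store submitted module settings and redirect back to $refreshpage.
 *
 * @param array  $settings    Map of settingid => new value, in the shape produced
 *                            by the settings[...] fields of PrintModuleSettings().
 * @param string $refreshpage Page to return to; handed to PrintRedirect().
 *
 * Does not return when PrintRedirect() ends the request.
 *
 * SECURITY NOTE(review): both the setting id and the value are concatenated
 * into the UPDATE statement. Nothing in this function escapes them, so the
 * query is only safe if the request data was escaped earlier in the request.
 * Switch to the database layer's escaping or bound parameters once its API is
 * confirmed. The function also updates whichever settingid is submitted,
 * without checking that it belongs to the module being edited.
 */
function UpdateModuleSettings($settings, $refreshpage)
{
  global $DB;

  // each() no longer exists in PHP 8; foreach visits the same key/value pairs.
  if(is_array($settings))
  {
    foreach($settings as $key => $val)
    {
      // A nested array or object cannot be trimmed or stored in one column.
      if(is_array($val) || is_object($val))
      {
        continue;
      }

      $DB->query("UPDATE " . TABLE_PREFIX . "modulesettings SET value='". trim((string) $val) . "' WHERE settingid='$key'");
    }
  }

  PrintRedirect($refreshpage, 1);
}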



// ########################## DELETE MODULE COMMENTS ###########################

/**
 * Delete every comment stored for one object of one module.
 *
 * @param mixed $moduleid Module the comments belong to.
 * @param mixed $objectid Object inside that module.
 *
 * NOTE(review): both values are placed between quotes in the SQL text without
 * escaping; callers have to pass validated ids.
 */
function DeleteModuleComments($moduleid, $objectid)
{
  global $DB;

  $sql = sprintf(
    "DELETE FROM %scomments WHERE moduleid = '%s' AND objectid = '%s'",
    TABLE_PREFIX,
    $moduleid,
    $objectid
  );

  $DB->query($sql);
}

// ############################### PRINT ERROR #################################

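/**
 * Print a red error box listing one or more numbered messages.
 *
 * @param string|array $errors     A single message or an array of messages.
 * @param string       $errortitle Heading of the box.
 *
 * Title and messages are written as HTML without escaping; any user-derived
 * text must be escaped by the caller.
 */
function PrintErrors($errors, $errortitle = '運行錯誤')
{
  echo '<table width="100%" border="0" cellpadding="5" cellspacing="6">
        <tr>
          <td style="border: 1px solid #FF0000; font-size: 12px;" bgcolor="#FFE1E1"><u>' . $errortitle . '</u><br /><br />系統運行過程中發現如下錯誤:<br /><br />';

  // Re-index so arrays with gaps or string keys are numbered 1..n as well; the
  // original indexed 0..count-1 directly and missed such entries.
  $messages = is_array($errors) ? array_values($errors) : array($errors);

  foreach($messages as $index => $message)
  {
    echo '<b>' . ($index + 1) . ') ' . $message . '</b><br /><br />';
  }

  echo '  </td>
        </tr>
        </table><br /><br />';
}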


// ######################## DISPLAY CATEGORY SELECTION #########################

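/**
 * Print a <select> holding the category tree, recursing into sub-categories.
 *
 * The outermost call (parentid 0) prints the <select> tags; each nested call
 * only prints <option> rows, prefixed with one more '- ' per level.
 *
 * @param mixed  $categoryid     Category to mark as selected.
 * @param mixed  $showzerovalue  Non-zero adds an empty option with value 0.
 * @param int    $parentid       Parent whose children are listed; 0 is the root.
 * @param string $sublevelmarker Prefix accumulated for nested levels.
 * @param string $selectname     Name attribute of the <select>.
 */
function DisplayCategorySelection($categoryid = 0, $showzerovalue = 0, $parentid = 0, $sublevelmarker = '', $selectname = 'parentid')
{
  global $DB;

  // parentid goes into the SQL text unquoted, so reduce it to an integer first.
  $parentid = (int) $parentid;

  // start selection box
  if($parentid == 0)
  {
    echo '<select name="' . htmlspecialchars((string) $selectname, ENT_QUOTES, 'UTF-8', false) . '">';

    if($showzerovalue)
    {
      echo '<option value="0"></option>';
    }
  }
  else
  {
    $sublevelmarker .= '- ';
  }

  $getcategories = $DB->query("SELECT categoryid, parentid, name FROM " . TABLE_PREFIX . "categories WHERE parentid = $parentid ORDER BY displayorder");

  while($category = $DB->fetch_array($getcategories))
  {
    // Stored names are encoded for HTML here. double_encode is off so names
    // that were saved already entity-encoded are not encoded a second time.
    $optionvalue = htmlspecialchars((string) $category['categoryid'], ENT_QUOTES, 'UTF-8', false);
    $optionlabel = htmlspecialchars((string) $category['name'], ENT_QUOTES, 'UTF-8', false);

    echo '<option value="' . $optionvalue . '" ' . iif($categoryid == $category['categoryid'], 'SELECTED', '') . '>' . $sublevelmarker . $optionlabel . '</option>';
    DisplayCategorySelection($categoryid, $showzerovalue, $category['categoryid'], $sublevelmarker);
  }

  // end the selection box
  if($parentid == 0)
  {
    echo '</select>';
  }
}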



// ############################## CONFIRM DELETE ###############################

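/**
 * Print a confirmation form with a confirm and a cancel button, both submitted
 * under the name 'confirmdelete'.
 *
 * @param string $description  HTML shown as the question; printed as-is.
 * @param string $hiddenvalues Ready-made HTML for hidden fields; printed as-is.
 * @param string $formredirect URL the form posts to.
 *
 * NOTE(review): $description and $hiddenvalues are trusted HTML by design, so
 * callers must escape any user-derived text they put into them. The form itself
 * adds no anti-CSRF token; if one is required it has to arrive in $hiddenvalues.
 */
function ConfirmDelete($description = '<b>請確認刪除:</b>', $hiddenvalues = '', $formredirect = '')
{
  // Attribute context; double_encode is off so URLs that already use '&amp;'
  // are emitted unchanged.
  $action = htmlspecialchars((string) $formredirect, ENT_QUOTES, 'UTF-8', false);

  PrintSection('確認刪除');
  // The button row was missing its closing </tr> in the original markup.
  echo '<form method="post" action="' . $action . '">
        ' . $hiddenvalues . '
        <table width="100%" border="0" cellpadding="5" cellspacing="0">
        <tr>
          <td class="tdrow2" style="padding: 25px;">' . $description . '</td>
        </tr>
        <tr>
          <td class="tdrow1" colspan="2" align="center"><input type="submit" name="confirmdelete" value=" 確定 " /> &nbsp;&nbsp;&nbsp;&nbsp;<input type="submit" name="confirmdelete" value=" 取消 " /></td>
        </tr>
        </table>

        </form>';
  EndSection();
}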



// ############################## CLEAN FORM VALUE #############################
// This function needs a bit of explaining.
// Any information submitted from the frontend goes through htmlspecialchars,
// so in the admin panel it will not break a form (<input value="&quot;test"> instead of <input value=""test">).
// However, when submitting information from the admin panel, admins should have the
// option of submitting HTML, but if they do, forms will break (<input value=""test">).
// The solution seems simple: just htmlspecialchars($value) in all admin HTML forms.
// The problem is doing that with information that was submitted from the frontend,
// because htmlspecialchars('&quot;') = '&amp;quot;'.
// So the real solution is to first unhtmlspecialchars the information, and then
// htmlspecialchars it again.

// this only needs to be done on <input type="text" forms in the admin panel
// that ALSO receive frontend information (like the chatterbox, news, guestbook, etc..)

/**
 * Prepare a value for a text input in the admin panel: decode it with
 * unhtmlspecialchars(), then encode it again with quotes included.
 *
 * @param string $value Text that may or may not be entity-encoded already.
 * @return string The value encoded with ENT_QUOTES.
 */
function CleanFormValue($value)
{
  // Decode first so text that arrived already encoded is not encoded twice.
  $decoded = unhtmlspecialchars($value);

  return htmlspecialchars($decoded, ENT_QUOTES);
}

// ########################### SET PAGE CHARACTER SET ##############################

/**
 * Send the Content-Type header using the character set stored in the 'language'
 * setting. The stored value is split on '|' and its third field is used.
 *
 * NOTE(review): there is no fallback when the row is missing or has fewer than
 * three fields; the header is then sent with an empty charset. The value comes
 * from the database and is not checked against a list of known charsets.
 */
function SetPageCharacterSet()
{
  global $DB;

  // Look up the pipe-separated language setting.
  $row   = $DB->query_first("SELECT value FROM " . TABLE_PREFIX . "mainsettings WHERE varname = 'language'");
  $parts = explode('|', $row[0]);

  $charset = $parts[2];

  header("Content-Type: text/html; charset=" . $charset);
}

// ########################### Short TITLES ##############################
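/**
 * Shorten a UTF-8 title to roughly $length display columns and append ' ...'.
 *
 * Width is counted per character: printable ASCII, tab and newline count 1,
 * every multi-byte character counts 2. The cut never lands inside a counted
 * character. Strings of at most $length bytes are returned unchanged and an
 * empty string becomes a placeholder title.
 *
 * The four entities &amp; &quot; &lt; &gt; are decoded before measuring and the
 * characters & " < > are encoded again in the result. Single quotes are not
 * encoded, so the result is not suitable for single-quoted attributes.
 *
 * @param string $string Title text, UTF-8.
 * @param int    $length Maximum width in display columns.
 * @return string The original string, the placeholder, or the shortened text
 *                followed by ' ...'.
 */
function ShortTitle($string, $length=50)
{
	if(strlen($string) == 0) {
		return '(無標題)';
	}

	if(strlen($string) <= $length) {
		return $string;
	}

	$dot = ' ...';
	$string = str_replace(array('&amp;', '&quot;', '&lt;', '&gt;'), array('&', '"', '<', '>'), $string);

	$total = strlen($string);

	// $n: byte offset, $tn: byte length of the last counted character,
	// $noc: display columns counted so far.
	$n = $tn = $noc = 0;
	while($n < $total) {

		$t = ord($string[$n]);
		if($t == 9 || $t == 10 || (32 <= $t && $t <= 126)) {
			$tn = 1; $n++; $noc++;
		} elseif(194 <= $t && $t <= 223) {
			$tn = 2; $n += 2; $noc += 2;
		} elseif(224 <= $t && $t <= 239) {
			// 239 (0xEF) is a three-byte lead byte too. The original test
			// stopped at 238, so characters starting with 0xEF were never
			// counted and strings made of them were not shortened.
			$tn = 3; $n += 3; $noc += 2;
		} elseif(240 <= $t && $t <= 247) {
			$tn = 4; $n += 4; $noc += 2;
		} elseif(248 <= $t && $t <= 251) {
			$tn = 5; $n += 5; $noc += 2;
		} elseif($t == 252 || $t == 253) {
			$tn = 6; $n += 6; $noc += 2;
		} else {
			// Any other byte is skipped without being counted.
			$n++;
		}

		if($noc >= $length) {
			break;
		}

	}

	// A two-column character may overshoot the limit by one; drop it again.
	if($noc > $length) {
		$n -= $tn;
	}

	$strcut = substr($string, 0, $n);

	$strcut = str_replace(array('&', '"', '<', '>'), array('&amp;', '&quot;', '&lt;', '&gt;'), $strcut);

	return $strcut.$dot;

}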


// ########################### Show Error Message ##############################

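/**
 * Show $string in a JavaScript alert, send the browser one page back and end
 * the request.
 *
 * @param string $string Message text.
 *
 * This function does not return: it calls exit.
 *
 * The message is emitted as a JSON-encoded string literal instead of being
 * pasted between single quotes, so quotes, backslashes, line breaks and
 * '</script>' inside the message cannot end the string or the script block.
 * As a consequence JavaScript escape sequences typed into $string (such as a
 * literal backslash followed by n) are shown verbatim; pass a real newline
 * character instead.
 */
function Errmsg($string) {
  $message = json_encode((string) $string, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);

  // json_encode() returns false for text that is not valid UTF-8; show an empty
  // alert rather than emitting the raw bytes.
  if ($message === false) {
    $message = '""';
  }

  echo "<script> alert($message);  history.back(); </script> "; exit;
}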
?>