
    <?php
/**
 * @name     XERCMS
 * @author   Arno <XerCMS@163.com> [QQ:1328013]
 * @version  1.0.0
 * @link     http://www.XerCMS.com
 */
 
// Direct-access guard: stop unless the XERCMS constant is already defined
// (presumably by the front controller that includes this file - confirm).
!defined('XERCMS') && exit('Access Denied');

// Load the '#XerCMS_base' library through the project's libs() loader.
// NOTE(review): the parent class `admin` is not defined in this file; it presumably comes from here.
libs('#XerCMS_base');

class Service_admin_index extends admin
{
     /**
      * Action `xercms`: simply delegates to index(), which renders the admin frame.
      */
     function xercms()
     {
          $this->index();
     }
     
	/**
	 * Hand the request over to the 'domains' action object.
	 *
	 * Act() is a project helper that is not visible here. The two calls only
	 * cooperate if Act('domains') returns the same object both times -
	 * presumably a registry/singleton; confirm.
	 */
	function domains() {
     	// Give the action object a back-reference to this controller before running it.
     	Act('domains')->parent = $this;
          Act('domains')->load();
	}
     
	/**
	 * Hand the request over to the 'vote' action object.
	 *
	 * Same pattern as domains(): Act() is a project helper not visible here and
	 * presumably returns the same object on both calls - confirm.
	 */
	function vote() {
     	// Give the action object a back-reference to this controller before running it.
     	Act('vote')->parent = $this;
          Act('vote')->load();
	}

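	/**
	 * Log the administrator out and redirect to the admin entry page.
	 *
	 * session_destroy() alone removes the stored session data but leaves
	 * $_SESSION populated for the rest of this request and leaves the session
	 * cookie in the browser, so both are cleared explicitly first.
	 */
	function logout() {
		// Drop the in-memory copy so nothing later in this request still sees the admin identity.
		$_SESSION = array();
		// Expire the session cookie so the old session id is not presented again.
		if(ini_get('session.use_cookies') && !headers_sent()) {
			$params = session_get_cookie_params();
			setcookie(session_name(),'',time() - 42000,$params['path'],$params['domain'],$params['secure'],$params['httponly']);
		}
		session_destroy();
		$this->tips('退出成功',X::$G['urlpath'].'index.php?s=admin');
	}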
     
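	/**
	 * Admin SQL console: runs the statements posted in `sql` and renders the outcome.
	 *
	 * When the `d` request parameter is 'query', the posted text is split on
	 * ";\r\n" and every non-empty piece is passed to DB::query() unchanged. For
	 * each statement a status line and at most 15 result rows are appended to
	 * $result, which the xercms.htm template is expected to print.
	 *
	 * Security notes:
	 * - This runs arbitrary SQL by design, so access to this action equals full
	 *   control of the database. NOTE(review): no anti-forgery token check is
	 *   visible in this method - confirm the parent `admin` class enforces one.
	 * - Statement text, driver errors, column names and cell values are now
	 *   HTML-escaped before they go into $result. Previously they were echoed
	 *   raw, so markup stored in any table would be rendered in the
	 *   administrator's browser.
	 * - The escaping assumes the page is served as UTF-8 - confirm.
	 * - NOTE(review): $sql is handed back to the template unescaped; the
	 *   template must escape it where it is printed.
	 */
	function sql() {
		$sql = p('sql');X::$G['do'] = g('d');
		if(X::$G['do'] == 'query') {
			// The text is un-slashed before use, which suggests p() returns slash-escaped input - confirm.
			$sql = stripcslashes($sql);
			$sql = explode(";\r\n",$sql);$result = '';
			foreach($sql as $val) {
				if(empty($val)) {
					continue;
				}
				DB::$debug = true;
				$res = DB::query($val);
				// mysql_error() can repeat parts of the statement, so it is escaped like the statement itself.
				$result .= '语句:'.htmlspecialchars($val,ENT_QUOTES,'UTF-8').'<br/>执行结果:'.($res ? 'OK&nbsp;(影响了&nbsp;<font style="color:red;font-weight:800">'.DB::affected_rows().'</font>&nbsp;行)' : htmlspecialchars(mysql_error(),ENT_QUOTES,'UTF-8')).'<br>';
				// A failed query has no result handle to read from.
				$resultSet = $res ? DB::fetch($res) : false;
				if(is_array($resultSet)) {
					$result .= '<table cellspacing="1" cellpadding="0" class="tab" style="color:#666" ><tbody>';
					// Header row: column names of the first fetched row.
					$result .= '<tr>';
					foreach($resultSet as $k=>$v) {
						$result .= '<th>'.htmlspecialchars($k,ENT_QUOTES,'UTF-8').'</th>';
					}
					$result .= '</tr>';
					// First data row (already fetched above).
					$result .= '<tr>';
					foreach($resultSet as $k=>$v) {
						$result .= '<td>'.htmlspecialchars($v,ENT_QUOTES,'UTF-8').'</td>';
					}
					$result .= '</tr>';$max = 15;$count = 1;
					// Remaining rows, capped so that at most $max rows are shown in total.
					while($res && $resultSet = DB::fetch($res)) {
						$result .= '<tr>';
						foreach($resultSet as $k=>$v) {
							$result .= '<td>'.htmlspecialchars($v,ENT_QUOTES,'UTF-8').'</td>';
						}
						$result .= '</tr>';  $count++;
						if($count >= $max)break;
					}
					$result .= '</tbody></table>';
					$result .= '注:最多显示15条结果数。';
				}

			}
			// Re-join the statements so the template can show the submitted text again.
			$sql = implode(";\r\n",$sql);X::$G['do'] = '';
		}
		include_once($this->tpl('xercms.htm'));
	}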
	
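	/**
	 * Show or save the configuration of a media player.
	 *
	 * With d=update the posted `player` array is stored through ini('player', ...)
	 * and a `<id>.config.js` file is generated from `<id>.default.js` by replacing
	 * the `{xercms$player}` placeholder with one `xercmsplayer[key] = 'value';`
	 * line per setting. Otherwise the stored settings are loaded for the template.
	 *
	 * Hardening in this version:
	 * - `id` is part of two file names, so values containing path separators,
	 *   NUL or ".." are rejected before any file is touched.
	 * - Setting keys are emitted unquoted into JavaScript, so only keys made of
	 *   letters, digits and underscore are written.
	 * - CR/LF in values are escaped so a value cannot end the quoted JavaScript
	 *   string it is written into.
	 *
	 * dfile() is a project helper: judging by its use here, one argument reads a
	 * file and two arguments write it - confirm.
	 */
	function player() {
		X::$G['do'] = g('d');
		if(X::$G['do'] == 'update') {
			$id = g('id');
			// Refuse ids that could make the file names below leave Assets/player/.
			if(!is_string($id) || $id === '' || preg_match('#[/\\\\\x00]|\.\.#',$id)) {
				$this->tips('错误的ID!');
				return;
			}
			$data[$id] = p('player');
			// Entries 2 and 3 are validated as numbers; the message asks for a correct width/height.
			if(!is_array($data[$id]) || !isset($data[$id][2],$data[$id][3]) || !is_numeric($data[$id][2]) || !is_numeric($data[$id][3])) {
				$this->tips('请正确填写宽高!');
				return;
			}
			ini('player',$data);
			$script = dfile('Assets/player/'.$id.'.default.js');
			$player = '';

			foreach($data[$id] as $k=>$v) {
				// The key is written unquoted into the script, so it must be a plain token.
				if(!preg_match('/^[A-Za-z0-9_]+$/',(string)$k)) {
					continue;
				}
				$player .= 'xercmsplayer['.$k.'] = \''.strtr($v,array('\\'=>'\\\\','\''=>'\\\'',"\r"=>'\\r',"\n"=>'\\n')).'\';'."\r\n";
			}
			dfile('Assets/player/'.$id.'.config.js',strtr($script,array('{xercms$player}'=>$player)));
			$this->tips(11,'?s=admin&a=player&player='.rawurlencode($id));
		} else {
			// $player and $data are consumed by the template.
			$player = g('player','video');
			$data = ini('player');
			include_once($this->tpl('xercms.htm'));
		}
	}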
	
	/**
	 * List slides, newest modification first, with simple paging.
	 *
	 * `page` and `number` are cast to int and clamped (page >= 1, number in
	 * 1..30 with 20 as the fallback), so the concatenated LIMIT clause only ever
	 * contains integers. $slides, $page and $number are then available to the
	 * included template.
	 */
	function slides() {		
	     $page = (int)g('page');$number = (int)g('number');
	     $page = $page < 1 ? 1 : $page;$number = ($number < 1 || $number > 30) ? 20 : $number;
	 	 $slides = DB::fetch_all('SELECT * FROM xercms_slides ORDER BY mtime DESC LIMIT '.(($page - 1)*$number).','.$number);
		include_once($this->tpl('xercms.htm'));				
	}
	
	
     /**
      * Create a slide from the posted `data` array and return to the referring page.
      *
      * title, img and sign go through strfilter(); the url only has single quotes
      * removed. Only the seven listed columns are written.
      *
      * NOTE(review): strfilter() and DB::insert() are not visible here, so what
      * they escape is unknown. Removing quotes from the url does not restrict its
      * scheme; templates that print it into an href should validate and escape it.
      */
     function insertSlides()
     {
          $data  = p('data');
          $title = strfilter($data['title']);
          $img   = strfilter($data['img']);
          $sign  = strfilter($data['sign']);
          $url   = strtr($data['url'],array('\''=>''));
          $now   = X::$G['time'];

          $row = array(
               'uid'   => X::$G['uid'],
               'ctime' => $now,
               'mtime' => $now,
               'title' => $title,
               'url'   => $url,
               'img'   => $img,
               'sign'  => $sign,
          );
          DB::insert('xercms_slides',$row);
          $this->tips('操作成功',dreferer());
     }

     /**
      * Delete the slide whose id is given in the request.
      *
      * The id is cast to int; a zero/invalid id only produces the error message.
      * NOTE(review): no anti-forgery token check is visible for this destructive
      * action - confirm the parent class covers it.
      */
     function delSlides()
     {
          $id = (int)g('id');
          if(!$id) {
               $this->tips('错误的ID!');
               return;
          }
          DB::delete('xercms_slides',array('id'=>$id));
          $this->tips('操作成功',dreferer());
     }

     /**
      * Update the slide identified by `id` with the posted `data` array.
      *
      * title, img and extra go through strfilter(), single quotes are removed
      * from the url, and mtime is refreshed. The id is cast to int, so the WHERE
      * clause only contains an integer.
      *
      * NOTE(review): the whole posted array is handed to DB::update(), so any
      * additional key a client sends is written as a column too (mass
      * assignment). Consider copying only the expected columns. insertSlides()
      * writes `sign` while this method filters `extra` - confirm which column
      * the table really has.
      */
     function updateSlides()
     {
          $id   = (int)g('id');
          $data = p('data');

          $data['title'] = strfilter($data['title']);
          $data['img']   = strfilter($data['img']);
          $data['extra'] = strfilter($data['extra']);
          $data['mtime'] = X::$G['time'];
          $data['url']   = strtr($data['url'],array('\''=>''));

          $where = 'id = '.$id;
          DB::update('xercms_slides',$data,$where);
          $this->tips('操作成功',dreferer());
     }
	
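	/**
	 * Prepare the "backup in progress" page.
	 *
	 * Sums the row counts of all tables reported by BAK::tables() into $total and
	 * turns the posted `bak` map (table name => count) into a JSON list for the
	 * template, together with the current timestamp in $time.
	 *
	 * Changes in this version: $bak is always a list (an absent or non-array
	 * `bak` field no longer leaves it undefined), and the JSON is encoded with the
	 * JSON_HEX_* flags so the client-supplied table names cannot break out of the
	 * markup or script block the template places them in. The decoded value is
	 * unchanged.
	 */
	function bakloading() {
		$tables = BAK::tables();
		$total = 0;
		foreach($tables as $v) {
			$total += $v['count'];
		}
		$bak = array();
		if(isset($_POST['bak']) && is_array($_POST['bak'])) {
			foreach($_POST['bak'] as $k=>$v) {
				$bak[] = array('name'=>$k,'count'=>$v);
			}
		}
		$bak = json_encode($bak,JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
		$time = time();
		include_once($this->tpl('xercms.htm'));
	}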
	
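	/**
	 * Prepare the "restore in progress" page for the backup selected by `time`.
	 *
	 * Reads the backup log through BAK::log() (table name => count), converts it
	 * to a JSON list for the template and computes $total as the sum of the
	 * counts plus the number of tables.
	 *
	 * Changes in this version: `time` is read defensively, $bak is always a list
	 * even when the log is empty or unreadable, and the JSON is encoded with the
	 * JSON_HEX_* flags so it is safe to embed in the page.
	 */
	function bakrestoring() {
		$tables = BAK::tables();
		$time = isset($_GET['time']) ? (int)$_GET['time'] : 0;
		$total = 0;
		$log =  BAK::log($time);
		$bak = array();
		if(is_array($log)) {
			foreach($log as $k=>$v) {
				$bak[] = array('name'=>$k,'count'=>$v);
				$total += $v;
			}
		}
		$total += count($bak);
		$bak = json_encode($bak,JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
		include_once($this->tpl('xercms.htm'));
	}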
	
	/**
	 * Restore one step of a backup and answer with JSON.
	 *
	 * `name` and `start` are passed to BAK::restore() together with the
	 * int-cast `time`. The reply carries 'OK' or DB::$error in `msg` and always
	 * `state` = 1.
	 *
	 * NOTE(review): `name` and `start` reach BAK::restore() unvalidated; confirm
	 * that BAK::restore() restricts them to known tables and numeric offsets.
	 */
	function bakrestore()
	{
		$name = g('name');
		$id = g('start');
		$dir = (int)$_GET['time'];

		$restored = BAK::restore($name,$id,$dir);
		$result = array(
			'msg' => $restored ? 'OK' : DB::$error,
			'state' => 1,
		);
		exit(json_encode($result));
	}
	
	/**
	 * Delete the backup directory selected by the `time` request parameter.
	 *
	 * The value is cast to int before it is appended to the path, so it cannot
	 * carry path separators.
	 *
	 * NOTE(review): this destructive action is driven by a GET parameter and no
	 * anti-forgery token check is visible here - confirm the parent class
	 * covers it.
	 */
	function bakdel()
	{
		$stamp = (int)$_GET['time'];
		$target = 'XerCMS/Data/backup/'.$stamp.'/';
		DIR::del($target);
		$this->tips(11,'?s=admin&a=baklist');
	}
	
	/**
	 * Back up one step of a table and answer with JSON.
	 *
	 * `name` and `start` are passed to BAK::table() with the int-cast `time`;
	 * its return value is reported as `count`, and `state` is always 1.
	 *
	 * NOTE(review): `name` and `start` are not validated here; confirm that
	 * BAK::table() only accepts known table names and numeric offsets.
	 */
	function bakload()
	{
		$table = g('name');
		$offset = g('start');
		$stamp = (int)$_GET['time'];

		$payload = array(
			'count' => BAK::table($table,$offset,$stamp),
			'state' => 1,
		);
		exit(json_encode($payload));
	}
	
	/**
	 * Show the backup page: loads the table list from BAK::tables() into
	 * $tables for the included template.
	 */
	function bak() {
	     	
	     $tables = BAK::tables();
		include_once($this->tpl('xercms.htm'));	
	}
	
	/**
	 * Show the existing backups: reads the entries of XerCMS/Data/backup into
	 * $baklist for the included template.
	 */
	function baklist() {
	     
		$baklist = DIR::read('XerCMS/Data/backup');
		include_once($this->tpl('xercms.htm'));
	}
	
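	/**
	 * Navigation management, dispatched on the `act` request parameter:
	 * del, editnavname, editnav, hidenav, shownav, editsave, or (default) the
	 * list of entries below `parent`.
	 *
	 * Fixes in this version:
	 * - hidenav, shownav and editsave concatenated the raw `id` parameter into
	 *   an unquoted SQL condition, and editnavname did the same with the posted
	 *   array keys. All of them are now cast to int first.
	 * - editsave put the posted `parent` into an UPDATE statement; it is cast to
	 *   int as well.
	 * - del wrote the deleted entry's own `son` value minus one into its parent.
	 *   It now decrements the parent's counter, mirroring the `son = son + 1`
	 *   done when a child is created.
	 * - Branches that reject the request now leave the switch explicitly, in
	 *   case tips() does not end the request (its behaviour is not visible here).
	 *
	 * NOTE(review): editsave passes the whole posted `nav` array to
	 * DB::update()/DB::insert(), so clients choose which columns are written.
	 * Consider copying only the expected columns. No anti-forgery token check is
	 * visible in this method - confirm the parent class covers it.
	 */
	function nav(){
		$act = g('act');
		$page = g('page',0);
		switch($act) {
			case 'del':
				$id = (int)g('id');
				$nav = DB::result('SELECT * FROM xercms_nav WHERE id = '.$id);
				if(is_array($nav) && !empty($nav['parent'])) {
					// Keep the parent's child counter in step; never let it go below zero.
					DB::query('UPDATE xercms_nav SET son = son - 1 WHERE son > 0 AND id = '.(int)$nav['parent']);
				}
				DB::query('DELETE FROM xercms_nav WHERE id = '.$id);
				$this->tips(11,'?s=admin&a=nav');
			break;
			case 'editnavname':
				$nav = p('nav');
				if(is_array($nav)) {
					foreach($nav as $k=>$v) {
						// Keys are row ids; anything that is not a positive integer is ignored.
						$rowId = (int)$k;
						if($rowId < 1 || !is_array($v)) {
							continue;
						}
						if(!empty($v['name'])) {
							DB::update('xercms_nav',array('name'=>$v['name'],'url'=>$v['url']),'id = '.$rowId);
						}
					}
				}
				$this->tips(11,'?s=admin&a=nav&parent='.((is_array($nav) && isset($nav['parent']) && is_scalar($nav['parent'])) ? (int)$nav['parent'] : 0));
			break;
			case 'editnav':
				$id = (int)g('id');
				$parent_nav = DB::select('xercms_nav',array('parent'=>'0'));
				$nav = DB::select_first('xercms_nav',array('id'=>$id));
			break;
			case 'hidenav':
				$id = (int)g('id');
				DB::update('xercms_nav',array('display'=>0),'id = '.$id);
				$this->tips(11);
			break;
			case 'shownav':
				$id = (int)g('id');
				DB::update('xercms_nav',array('display'=>1),'id = '.$id);
				$this->tips(11);
			break;
			case 'editsave':
				$id = (int)g('id');
				$nav = p('nav');
				$navParent = (is_array($nav) && isset($nav['parent'])) ? (int)$nav['parent'] : 0;
				if($id) {
					DB::update('xercms_nav',$nav,'id = '.$id);
				} else {
					DB::insert('xercms_nav',$nav);
					if($navParent) {
						DB::query('UPDATE xercms_nav SET son = son + 1 WHERE id = \''.$navParent.'\'');
					}
				}
				$this->tips(11,'?s=admin&a=nav&parent='.$navParent);
			break;
			default:
				$parent = (int)g('parent');$parentParent = 0;
				if($parent) {
					$parentParent = DB::result_first('SELECT parent FROM xercms_nav WHERE id = \''.$parent.'\'');
				}
				$nav = DB::select('xercms_nav',array('parent'=>$parent));
			break;
		}
		include_once($this->tpl('xercms.htm'));
	}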
	
	/**
	 * Admin start page: counts the current user's archives (all, and those with
	 * ctime on or after today's date) into $my['publish'] and $my['today'] for
	 * the included template.
	 *
	 * The uid comes from X::$G, not directly from the request, and is placed
	 * inside quotes in both statements.
	 */
	function xer() {
          $sum = DB::result_first('SELECT count(*) FROM xercms_archives WHERE uid = \''.X::$G['uid'].'\'');
          $my['publish'] = $sum;
          // ctime is compared with a 'Y-m-d' string. NOTE(review): confirm the column is a date type and not a unix timestamp.
          $sum = DB::result_first('SELECT count(*) FROM xercms_archives WHERE uid = \''.X::$G['uid'].'\' AND ctime >= \''.date('Y-m-d',time()).'\'');
          $my['today'] = $sum;
          include_once($this->tpl('xercms.htm'));	
     }
	
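	 /**
	  * List modules, or (act=update) change one module's state and rewrite the
	  * list of active module paths in the 'kernel' configuration.
	  *
	  * Fix in this version: the path list was initialised as an empty string and
	  * then appended to with []. PHP 5 silently converts that, but PHP 7.1+ raises
	  * a fatal error, so the list is now an array from the start. As a
	  * consequence an installation with no active module stores an empty array
	  * instead of an empty string.
	  *
	  * int1() is a project helper not visible here; presumably an int cast with a
	  * minimum of 1 - confirm.
	  */
	 function modules() {
		 $act = g('act');
		 if($act == 'update') {
			 $data = p('module');$id = int1(g('id'));
			 rs('module')->where(array('id'=>$id))->update(array('state'=>$data['state']));
			 // Rebuild the active-module list from the database, not from the request.
			 $modules = rs('module')->where(array('state'=>1))->select(0);
			 $data = array();
			 if(is_array($modules)) {
				 foreach($modules as $k=>$v) {
					 $data[] = $v['path'];
				 }
			 }
			 ini('kernel',array('modules'=>$data));
			 $this->tips('11',dreferer());
		 } else {
			 $modules = rs('module')->select(0);
			 include($this->tpl('module.htm'));
		 }
	 }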
	
	
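	/**
	 * Manage upload profiles (allowed extensions, target path, ...), dispatched
	 * on the `d` request parameter: del, add, update, or (default) the edit form
	 * / paged list selected by `html`.
	 *
	 * Hardening in this version:
	 * - The extension deny-list only matched entries written with a leading dot,
	 *   so "php" (without dot) in the comma-separated list passed. Each entry is
	 *   now normalised (trimmed, leading dots removed, lower-cased) and checked
	 *   as well; the original pattern is still applied to the raw string.
	 * - A target path containing ".." is rejected, so a profile cannot point
	 *   outside the upload root.
	 * - The profile id used to build the settings path in the edit form is cast
	 *   to int.
	 * - Rejecting branches now leave the switch explicitly, in case tips() does
	 *   not end the request (its behaviour is not visible here).
	 *
	 * NOTE(review): a deny-list cannot enumerate every extension a web server may
	 * hand to an interpreter; an allow-list of expected media/document types is
	 * the safer design. 'add' prefixes paths with 'upfiles/' while 'update' uses
	 * 'Upfiles/' - on a case-sensitive file system these are different
	 * directories; confirm which one is intended.
	 */
	function upload()
	{
		X::$G['do'] = g('d');
		$html = g('html');
		switch(X::$G['do']) {
			case 'del':
				$id = int1(g('id'));
				$upload = rs('upload')->read($id);
				// Built-in profiles must not be deleted.
				if($upload['internal'] == 1) {
					$this->tips('internal_no_del');
					break;
				}
				rs('upload')->del($id);
				unlink(INC.'Data/member/upload/'.$id);
				$this->tips(11);
			break;
			case 'add':
				$config = p('config');
				// Reuses the existing rejection message for both the extension and the path check.
				if($this->uploadExtBlocked($config['ext']) || strpos((string)$config['path'],'..') !== false) {
					$this->tips('upload_dev_limit','?s=admin&a=upload');
					break;
				}
				$config['path'] = strpos($config['path'],'upfiles/') === 0 ? $config['path'] : 'upfiles/'.$config['path'];
				$config['path'] = substr($config['path'],-1,1) != '/' ? $config['path'].'/' : $config['path'];
				$id = rs('upload')->add($config);
				// The stored settings keep the extensions as a list.
				$config['ext'] = explode(',',$config['ext']);
				$data[$id] = $config;
				ini('member/upload/'.$id,$config);
				$this->tips(11,'?s=admin&a=upload');
			break;
			case 'update':
				$config = p('config');$id = int1(g('id'));
				if($this->uploadExtBlocked($config['ext']) || strpos((string)$config['path'],'..') !== false) {
					$this->tips('upload_dev_limit','?s=admin&a=upload');
					break;
				}
				$config['path'] = strpos($config['path'],'Upfiles/') === 0 ? $config['path'] : 'Upfiles/'.$config['path'];
				$config['path'] = substr($config['path'],-1,1) != '/' ? $config['path'].'/' : $config['path'];
				rs('upload')->where(array('id'=>$id))->update($config);
				$config['ext'] = explode(',',$config['ext']);

				$data[$id] = $config;
				ini('member/upload/'.$id,$config);
				$this->tips(11);
			break;
			default:
				switch($html) {
					case 'edit':
						// Cast to int: the id becomes part of the settings path read by ini().
						$id = (int)g('id');
						$config = ini('member/upload/'.$id);
						$config['id'] = $id;
						$config['ext'] = implode(',',$config['ext']);
					break;
					default:
						$page = int1(g('page'));
						$config = rs('upload')->limit((($page-1)*20).',20')->select(0);
						$total = rs('upload')->count();
						$multipage = multi(($total/20),$page);
					break;
				}
				include($this->tpl('upload.htm'));
			break;
		}
	}

	/**
	 * Tell whether a comma-separated extension list contains an entry from the
	 * deny-list (asp, aspx, php, vbs, ocx), with or without a leading dot and in
	 * any letter case. Entries that merely start with one of these names (for
	 * example "php5") are blocked too.
	 */
	private function uploadExtBlocked($extList)
	{
		$extList = (string)$extList;
		// Original check, kept so nothing that was rejected before is accepted now.
		if(preg_match('/\.asp|\.aspx|\.php|\.vbs|\.ocx/i',$extList)) {
			return true;
		}
		foreach(explode(',',$extList) as $ext) {
			$ext = strtolower(ltrim(trim($ext),'.'));
			if(preg_match('/^(asp|aspx|php|vbs|ocx)/',$ext)) {
				return true;
			}
		}
		return false;
	}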
	
	
	/**
	 * Guestbook moderation, dispatched on the `d` request parameter:
	 * del (delete one entry), state (mark a comma-separated id list as state 1
	 * and answer 'ok'), or the default paged list filtered by `state`.
	 *
	 * Every value that reaches SQL here is an integer: `state` and the list ids
	 * are cast with (int), `id` and `page` go through int1() (project helper,
	 * not visible here; presumably an int cast with a minimum of 1 - confirm).
	 *
	 * NOTE(review): no anti-forgery token check is visible for the del/state
	 * actions - confirm the parent class covers it. Guestbook rows are visitor
	 * input; the template must escape them when printing.
	 */
	function guestbook() {	
		X::$G['do'] = g('d');
		$state = (int)g('state',0);
		switch(X::$G['do']) {
			case 'del':
    				$id = int1(g('id'));
    				DB::query('DELETE FROM xercms_guestbook WHERE id = '.$id);
    				$this->tips('11','?s=admin&a=guestbook');
  			break;
  			case 'state':
     			// Rebuild the id list from int casts so only numbers reach the IN (...) clause.
     			$ids = g('ids');$ids = explode(',',$ids);$safe_ids = array();
    				foreach($ids as $v) {
          			$safe_ids[] = (int)$v;
     			}
      			// explode() always yields at least one element, so this branch is effectively never taken.
      			if(empty($safe_ids)) {
           			return;
      			} else {
    					DB::update('xercms_guestbook',array('state'=>1),'id in ('.implode(',',$safe_ids).')');exit('ok');
      			}
  			break;
			default:
    				$page = int1(g('page'));$number = 20;
     			$guestbook = DB::fetch_all('SELECT * FROM xercms_guestbook WHERE state = \''.$state.'\' LIMIT '.(($page-1)*20).',20');
				$total = DB::result_first('SELECT count(*) FROM xercms_guestbook WHERE state = \''.$state.'\'');  
				// Comma-separated ids of the rows on this page, for the template.
				$ids = array();
    				foreach($guestbook as $v) {
          			$ids[] = $v['id'];
     			}
     			$ids = implode(',',$ids);
				$multipage = multi(($total/$number),$page);     
				//print_r(X::$Guestbook);
  			break;
		}
		include($this->tpl('xercms.htm'));
	}
	
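	/**
	 * Announcement management, dispatched on the `d` request parameter:
	 * del, update (insert when no id is given, otherwise update), or the default
	 * edit form / paged list selected by `html`.
	 *
	 * Fix in this version: the update branch and the edit form concatenated the
	 * raw `id` request parameter into an unquoted SQL condition. The id is now
	 * cast to int in both places; an absent or non-numeric id becomes 0 and is
	 * treated as "new record", as before.
	 *
	 * NOTE(review): the posted `announce` array is passed to DB::insert()/
	 * DB::update() as a whole, so clients choose which columns are written.
	 * Consider copying only the expected columns. The announcement text is
	 * stored as submitted; templates must escape or sanitise it on output.
	 */
	function announce() {
		X::$G['do'] = g('d');
		$html = g('html');
		switch(X::$G['do']) {
			case 'del':
				$id = int1(g('id'));
				DB::delete('xercms_announce',array('id'=>$id));
				$this->tips(11,'?s=admin&a=announce');
			break;
			case 'update':
				$announce = p('announce');
				// Time and author always come from the server side.
				$announce['time'] = X::$G['time'];
				$announce['uid'] = X::$G['uid'];
				$id = (int)g('id');
				if(empty($id)) {
					$id = DB::insert('xercms_announce',$announce);
				} else {
					DB::update('xercms_announce',$announce,'id = '.$id);
				}
				$this->tips(11,'?s=admin&a=announce');
			break;
			default:
				if($html == 'edit') {
					$id = (int)g('id');
					$announce = empty($id) ? array() : DB::result('SELECT * FROM xercms_announce WHERE id = '.$id);
				} else {
					$page = int1(g('page'));$group = g('group');
					$announce = DB::fetch_all('SELECT * FROM xercms_announce LIMIT '.(($page-1)*20).',20');
					$total = DB::result_first('SELECT count(*) FROM xercms_announce');
					$multipage = multi(($total/20),$page);
				}
			break;
		}
		include($this->tpl('announce.htm'));
	}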
	
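	/**
	 * Friendly-link management, dispatched on the `d` request parameter:
	 * del, update (insert when no id is given, otherwise update), or the default
	 * edit form / paged list selected by `html`.
	 *
	 * Fix in this version: the update branch and the edit form concatenated the
	 * raw `id` request parameter into an unquoted SQL condition. The id is now
	 * cast to int in both places; an absent or non-numeric id becomes 0 and is
	 * treated as "new record", as before.
	 *
	 * NOTE(review): the posted `link` array is passed to DB::insert()/
	 * DB::update() as a whole, so clients choose which columns are written.
	 * Link URLs are stored as submitted; templates that print them into an href
	 * should validate the scheme and escape the value.
	 */
	function links() {
		X::$G['do'] = g('d');
		$html = g('html');
		switch(X::$G['do']) {
			case 'del':
				$id = int1(g('id'));
				DB::query('DELETE FROM xercms_links WHERE id = '.$id);
				$this->tips(11,'?s=admin&a=links');
			break;
			case 'update':
				$link = p('link');
				$link['time'] = X::$G['time'];
				$id = (int)g('id');
				if(empty($id)) {
					$id = DB::insert('xercms_links',$link);
				} else {
					DB::update('xercms_links',$link,'id = '.$id);
				}
				$this->tips(11,'?s=admin&a=links');
			break;
			default:
				if($html == 'edit') {
					$id = (int)g('id');
					$links = empty($id) ? array() : DB::result('SELECT * FROM xercms_links WHERE id = '.$id);
				} else {
					$page = int1(g('page'));$Group = g('group');
					$links = DB::fetch_all('SELECT * FROM xercms_links LIMIT '.(($page-1)*20).',20');
					$total = DB::result_first('SELECT count(*) FROM xercms_links');
					$multipage = multi(($total/20),$page);
				}
			break;
		}
		include($this->tpl('links.htm'));
	}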
	
	/**
	 * Write the cache file for one advertisement.
	 *
	 * The file is a PHP script that returns the advertisement data, produced by
	 * the project helper AtoS() (not visible here; presumably it renders an array
	 * as PHP source - confirm).
	 *
	 * NOTE(review): the posted advertisement fields end up inside executable PHP.
	 * This is only safe if AtoS() escapes quotes and backslashes in every key
	 * and value - verify. The generated guard tests the constant CUPCMS while
	 * this file itself tests XERCMS; confirm CUPCMS is defined when the cache
	 * file is included, otherwise it always exits. Callers in this file pass an
	 * integer $id; keep it that way because $id is part of the file name.
	 */
	function adsSet($id,$data)
	{
		$path = 'XerCMS/Caches/ads/'.$id.'.php';
		$head = '<?php !defined(\'CUPCMS\') && exit(\'Access Denied\'); return ';
		$tail = ';?>';
		dfile($path,$head.AtoS($data).$tail);
	}
	 
	/**
	 * Advertisement management, dispatched on the `d` request parameter:
	 * del, add, update, or the default edit form / list selected by `html`.
	 *
	 * add and update require a name, convert stime/etime with strtotime() and
	 * require etime > stime, store the row through rs('ads') and regenerate the
	 * cache file with adsSet(). Ids are obtained through int1() (project helper,
	 * not visible here; presumably an int cast with a minimum of 1 - confirm).
	 *
	 * NOTE(review): the validation relies on tips() ending the request; if it
	 * returns, processing continues with the rejected data - confirm. The posted
	 * `ad` array is stored as a whole, so clients choose which columns are
	 * written. strtotime() returns false for unparsable input, which is not
	 * checked separately.
	 */
	function ads() {
	     X::$G['do'] = g('d');
		$html = g('html');
		switch(X::$G['do']) {
			case 'del':
				$id = int1(g('id'));
				rs('ads')->del($id);
				// Remove the generated cache file as well, if there is one.
				if(file_exists(INC.'Caches/ads/'.$id.'.php')) 
                         unlink(INC.'Caches/ads/'.$id.'.php');
				$this->tips(11);
			break;
			case 'add':
				$ad = p('ad');$ad['time'] = X::$G['time'];
                    // A name is mandatory.
                    if(empty($ad['name'])) {
                         $this->tips('请填写广告名称!');
                    }                
				$ad['stime'] = strtotime($ad['stime']);
				$ad['etime'] = strtotime($ad['etime']);
                    // The end time must be later than the start time.
                    if($ad['etime'] <= $ad['stime']) {
                         $this->tips('广告结束时间须大于广告开始时间!');
                    }    
				$id = rs('ads')->add($ad);
				//$data[$config['tag']] = $config['content'];
				$this->adsSet($id,$ad);
				$this->tips(11,'?s=admin&a=ads');
			break;
			case 'update':
				$ad = p('ad');$id = int1(g('id'));
                    if(empty($ad['name'])) {
                         $this->tips('请填写广告名称!');
                    }
				$ad['time'] = X::$G['time'];
				$ad['stime'] = strtotime($ad['stime']);
				$ad['etime'] = strtotime($ad['etime']);
                    if($ad['etime'] <= $ad['stime']) {
                         $this->tips('广告结束时间须大于广告开始时间!');
                    }
				rs('ads')->where(array('id'=>$id))->update($ad);
				$this->adsSet($id,$ad);
				$this->tips(11,'?s=admin&a=ads');
			break;
			default:
				if($html == 'edit')
				{ 
					$id = int1(g('id'));
					$ads = rs('ads')->read($id);
				} else 
				{
					// The list is not limited by page here; $multipage is still computed for the template.
					$page = int1(g('page'));$group = g('group');
					$ads = rs('ads')->select(0);
					$total = rs('ads')->count();
					$multipage = multi(($total/20),$page);
				}
				include($this->tpl('ads.htm'));
			break;
		}
	}
	
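	/**
	 * Template management: list the installable templates, or (d=install)
	 * activate the one named by `id`.
	 *
	 * The list is built from every directory below Template/ that contains an
	 * xercms.xml with a Template/Id entry.
	 *
	 * Hardening in this version: the `id` request parameter is written to the
	 * kernel configuration and passed to install::template(), both of which
	 * presumably use it as a directory name. Values that are empty or contain a
	 * path separator, NUL or ".." are now rejected before either call.
	 *
	 * NOTE(review): the descriptive fields are read from xercms.xml files that
	 * ship with third-party templates; the list template must escape them on
	 * output.
	 */
	function template() {
		$d = g('d');
		if($d == 'install') {
			$name = g('id');
			// The name must be a single path segment.
			if(!is_string($name) || $name === '' || preg_match('#[/\\\\\x00]|\.\.#',$name)) {
				$this->tips('错误的ID!');
				return;
			}
			ini('kernel',array('tplname'=>$name));
			install::template($name);
			$this->tips(11);
		} else {
			$templateDir = DIR::read('Template/');$template = array();
			foreach($templateDir as $v) {
				if(file_exists(XERCMS.'Template/'.$v.'/xercms.xml')) {
					// xml::template() fills xml::$dxml with the parsed descriptor.
					xml::template($v);
					if(isset(xml::$dxml['Template']['Id'])) {
						$template[] = array(
							'id'=>xml::$dxml['Template']['Id'],
							'developer'=>xml::$dxml['Template']['Developer'],
							'link'=>xml::$dxml['Template']['Link'],
							'logo'=>xml::$dxml['Template']['Logo'],
							'des'=>xml::$dxml['Template']['Language:zh-cn']['Description'],
							'contact'=>xml::$dxml['Template']['Contact'],
							'language'=>xml::$dxml['Template']['Language'],
							'version'=>xml::$dxml['Template']['Version'],
							'admin'=>xml::$dxml['Template']['Admin'],
							'name'=>xml::$dxml['Template']['Language:zh-cn']['Name'],
						);
					}
				}
			}
			include($this->tpl('xercms.htm'));
		}
	}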
	
	/**
	 * Show or save the admin security settings stored under ini('admin').
	 *
	 * With d=update the posted `safe` array is normalised - `admins` is split on
	 * commas, `codes` is filtered with strfilter(), split on commas, trimmed and
	 * stripped of empty entries - then checked by valid('safe') and written with
	 * ini('admin', ...). Otherwise the stored settings are loaded for the
	 * template.
	 *
	 * NOTE(review): the save only stays behind the validation if tips() ends the
	 * request - confirm. Every other key posted in `safe` is stored as well
	 * unless valid('safe') rejects it. These settings govern admin access, so
	 * this action in particular needs anti-forgery protection; none is visible
	 * in this method.
	 */
	function safe() {
	     $d = g('d');
		if($d == 'update') {
		     $safe = p('safe');$safe['admins'] = explode(',',$safe['admins']);
               $codes = explode(',',strfilter($safe['codes']));$safe['codes'] = array();
               // Keep only non-empty, trimmed codes.
               foreach($codes as $v) {
                    $v = trim($v);
                    if(!empty($v)) {$safe['codes'][]  = $v;}
               }
               if(!valid('safe')->check($safe)) {
                    $this->tips(valid('safe')->getError());
               }
			ini('admin',$safe);
			
			$this->tips(11);
		} else {
			$safe = ini('admin');
			include($this->tpl('xercms.htm'));
		}
	}
	
	/**
	 * Clear the compiled-template and fetchSql caches, then return to the admin
	 * start page. Both paths are fixed; nothing from the request is used.
	 */
	function cache()
	{
		foreach(array('Caches/template','Caches/fetchSql') as $cacheDir) {
			DIR::deldir(INC.$cacheDir,false);
		}
		$this->tips('update_cache','?s=admin&a=xer');
	}
	
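	/**
	 * Configuration editor, dispatched on the `act` request parameter:
	 * del (delete the entries listed in `ids`), set (validate and store the
	 * posted `configs`, then write each value to its settings file through
	 * ini()), or the default form for the settings file named by `file`.
	 *
	 * Content formats handled by set: format 2 turns "key=value" lines into a
	 * map, format 3 turns lines into a trimmed list, anything else is stored
	 * as-is.
	 *
	 * Fixes in this version:
	 * - del tested $ret without ever assigning it, so the "developer data"
	 *   refusal could never trigger. The result of rs('config')->del() is now
	 *   captured and compared strictly with -1 (a loose comparison would treat a
	 *   boolean true as -1).
	 * - The settings file name is turned into a path (':' becomes '/') and
	 *   written by ini(); names containing "..", a backslash or NUL are now
	 *   refused so the write stays inside the settings directory.
	 * - Rejecting branches return explicitly, in case tips() does not end the
	 *   request (its behaviour is not visible here).
	 *
	 * NOTE(review): `ids` are passed to rs('config')->del() unvalidated, and the
	 * default branch passes the raw `file` parameter to rs('config') - confirm
	 * both are parameterised there. No anti-forgery token check is visible here.
	 */
	function config() {
		$file = g('file');$act = g('act');
		$tag = g('tag');
		if($act == 'del') {
			$ids = g('ids');$ids = explode(',',$ids);
			foreach($ids as $id) {
				$ret = rs('config')->del($id);
				if($ret === -1) {
					$this->tips('developer_data',dreferer());
					return;
				}
			}
			$this->tips('11',dreferer());
		} else if($act == 'set') {
			$configs = p('configs');$file = isset($_GET['file']) ? $_GET['file'] : '';
			if(empty($file)) {
				$this->tips('no_config_file',dreferer());
				return;
			}

			foreach($configs as $config) {
				$config['file'] = isset($config['file']) ? $config['file'] : $file;
				// The file name becomes a path below; keep it inside the settings directory.
				if(!is_string($config['file']) || preg_match('#\.\.|[\\\\\x00]#',$config['file'])) {
					$this->tips('no_config_file',dreferer());
					return;
				}
				if(!valid('config')->check($config)) {
					$this->tips(valid('config')->getError());
					return;
				}
				$ret = rs('config')->set($config);
				if($ret == -1) {
					$this->tips('developer_data',dreferer());
					return;
				} else if ($ret == -2){
					$this->tips('empty_name',dreferer());
					return;
				}
				$data = array();
				if($config['format'] == 2) {
					// "key=value" lines -> map; a line without '=' becomes a key with an empty value.
					if(empty($config['content'])) {
						$config['content'] = array();
					} else {
						$config['content'] = explode("\r\n",$config['content']);
						$temp = array();
						foreach($config['content'] as $k=>$v) {
							if(strpos($v,'=') !== false) {
								$v = explode('=',$v,2);
								$temp[$v[0]] = trim($v[1]);
							} else {
								$temp[$v] = '';
							}
						}
						$config['content'] = $temp;
					}
				} else if ($config['format'] == 3) {
					// One list entry per line.
					if(empty($config['content'])) {
						$config['content'] = array();
					} else {
						$config['content'] = explode("\r\n",$config['content']);
						foreach($config['content'] as $k=>$v) {
							$config['content'][$k] = trim($v);
						}
					}
				}
				$data[$config['tag']] = slashes($config['content'],true);
				ini(strtr($config['file'],array(':'=>'/')),$data);
			}
			$this->tips('11',dreferer());
		}  else {
			$file = isset($_GET['file']) ? $_GET['file'] : '';
			if(empty($file)) {
				$this->tips('no_config_file',dreferer());
				return;
			}
			if($tag) {
				$configs = rs('config')->search(array('file'=>$file,'tag'=>$tag));
			} else $configs = rs('config')->configs($file);
			include($this->tpl('config.htm'));
		}
	}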
      
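	/**
	 * Manage rows of xercms_select_data, dispatched on the `d` request
	 * parameter: edit (load one row), del, save (insert when no id is given,
	 * otherwise update), or the default paged list.
	 *
	 * Fix in this version: the edit branch read `id` but then ran the paged list
	 * query, so the form was always filled with the first row of the current
	 * page instead of the requested one. It now selects by id, matching the id
	 * column used by del and save. The id is also read defensively.
	 *
	 * NOTE(review): save passes the whole posted `data` array to DB::insert()/
	 * DB::update(), so clients choose which columns are written. No anti-forgery
	 * token check is visible for del/save.
	 */
	function data() {
		$page = int1(g('page'));
		X::$G['do'] = g('d');
		$id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
		if(X::$G['do'] == 'edit') {
			$data = DB::result('SELECT * FROM xercms_select_data WHERE id = '.$id);
		} else if(X::$G['do'] == 'del') {
			DB::query('DELETE FROM xercms_select_data WHERE id = \''.$id.'\'');
			$this->tips(11,X::$G['urlpath'].'index.php?s=admin&a=data');
		} else if(X::$G['do'] == 'save') {
			$data = p('data');
			if(empty($id)) {
				DB::insert('xercms_select_data',$data);
			} else {
				DB::update('xercms_select_data',$data,array('id'=>$id));
			}
			$this->tips(11,X::$G['urlpath'].'index.php?s=admin&a=data');
		} else {
			$data = DB::fetch_all('SELECT * FROM xercms_select_data LIMIT '.(($page-1)*30).',30');
		}
		include($this->tpl('xercms.htm'));
	}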
      
     /**
      * Receive uploaded files for the upload profile `id` and print the result
      * as JSON.
      *
      * c('upload') is a project component not visible here; the calls only
      * cooperate if c() returns the same object each time - presumably a
      * registry; confirm.
      *
      * NOTE(review): when no profile exists for the id, a fallback is installed
      * with maxsize '0' and no extension list. What '0' means and which file
      * types the component accepts in that case cannot be seen here - confirm
      * that it does not amount to "any size, any type" into a web-served
      * directory.
      */
     function upfiles() {
          setformat('json');
          $id = (int)g('id');
          c('upload')->load($id);
          // No stored profile: fall back to a default one writing below Upfiles/xercms/.
          if(empty(c('upload')->config)) {
               c('upload')->conf($id,array('maxsize'=>'0','local'=>'1','path'=>'Upfiles/xercms/'));
          }
          c('upload')->files();
          c('upload')->show();
     }

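	/**
	 * Build the HTML of the admin side menu from xercms_control and return it.
	 *
	 * Three levels are rendered: every enabled top-level row becomes a hidden
	 * container, its enabled children become either a single link (when they
	 * have no children of their own) or a collapsible group listing their
	 * enabled children.
	 *
	 * Hardening in this version: row ids read from the table were concatenated
	 * into follow-up queries (one of them unquoted) and into element ids and an
	 * onclick handler. They are now cast to int once per row, so a non-numeric
	 * id in the table cannot alter the SQL or the generated script.
	 *
	 * NOTE(review): title, url and extra are emitted without HTML escaping;
	 * extra is inserted as raw attributes by design. This is only safe while
	 * xercms_control is never writable by less trusted users - confirm. The
	 * second-level link is prefixed with X::$G['urlpath'] while the third-level
	 * link is not; confirm that is intended.
	 */
	function controls() {

		$result = '';
		$res = DB::query('SELECT * FROM xercms_control WHERE disabled = 0 AND parent = 0');
		while($res && $data = DB::fetch($res)) {
			$topId = (int)$data['id'];
			$result .= '<div class="hidden" id="_show'.$topId.'">'."\r\n";
			$res2 = DB::query('SELECT * FROM xercms_control WHERE disabled = 0 AND parent = \''.$topId.'\'');
			while($res2 && $data2 = DB::fetch($res2)) {
				$groupId = (int)$data2['id'];
				// The count includes disabled children, exactly as before.
				$count = DB::result_first('SELECT count(*) FROM xercms_control WHERE parent = '.$groupId);
				if($count == 0) {
					// Leaf entry: render it as a single link.
					$result .= '<ul id="_list'.$groupId.'">'."\r\n";
					$result .= '<li><a href="'.X::$G['urlpath'].$data2['url'].'" '.(empty($data2['extra']) ? '' : $data2['extra']).' target="xercms">'.$data2['title'].'</a></li>';
					$result .= '</ul>'."\r\n";
					continue;
				}
				// Group entry: clickable header followed by its children.
				$result .= '<div class="nav" id="nav_'.$groupId.'" onclick="slist('.$groupId.')">'.$data2['title'].'&nbsp;<span id="list_state_'.$groupId.'">≡</span></div>';
				$result .= '<ul id="_list'.$groupId.'" style="display:block;">'."\r\n";
				$res3 = DB::query('SELECT * FROM xercms_control WHERE disabled = 0 AND parent = \''.$groupId.'\'');
				while($res3 && $data3 = DB::fetch($res3)) {
					$result .= '<li><a href="'.$data3['url'].'" '.(empty($data3['extra']) ? '' : $data3['extra']).' target="xercms">◇&nbsp;'.$data3['title'].'</a></li>';
				}
				$result .= '</ul>'."\r\n";
			}
			$result .= '</div>'."\r\n";
		}
		return $result;
	}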
	 
     /**
      * List fund records, 30 per page, joined with their consume class, the
      * member's nick and the record detail, into $logs for the template.
      *
      * The only request value in the statement is `page`, which goes through
      * int1() (project helper, not visible here; presumably an int cast with a
      * minimum of 1 - confirm).
      *
      * NOTE(review): nick, note and data originate from members; the template
      * must escape them on output. The query has no ORDER BY, so page contents
      * are not guaranteed to be stable.
      */
     function consume() {
          $page = int1(g('page'));//print_r(X::$G);exit;
          $logs = DB::fetch_all('SELECT l.*,c.name as classname,d.note,d.data,p.nick FROM xercms_funds_record l 
               LEFT JOIN xercms_consume_class c ON c.id = l.`class` 
               LEFT JOIN xercms_member_profile p ON p.uid = l.`uid` 
               LEFT JOIN xercms_funds_detail d ON d.idstr = l.idstr
               LIMIT '.(($page-1)*30).',30');
          include($this->tpl('xercms.htm'));
     }
      
     /**
      * Payment method management, dispatched on the `d` request parameter:
      * edit (load one row), use / stop (set state to 1 / 0), save (insert or
      * update and mirror the settings into ini('pay')), or the default list.
      *
      * In save, the `extra` field is a block of "key=value" lines. It is parsed
      * into a map for the ini('pay') copy, keyed by the payment's `ename`,
      * while the database row keeps the raw text.
      *
      * All pid values are cast to int before they reach the database layer.
      *
      * NOTE(review): the posted `payment` array is passed to DB::insert()/
      * DB::update() as a whole, so clients choose which columns (including
      * `state`) are written. `ename` becomes an array key in the generated
      * settings without validation. These settings presumably include gateway
      * credentials, so the action needs anti-forgery protection; none is
      * visible in this method. The insert path relies on tips() ending the
      * request; if it returns, the update path below runs with pid 0 - confirm.
      */
     function payment() {
          X::$G['do'] = g('d');
          if(X::$G['do'] == 'edit') {
               $pid = (int)g('pid');
               $payment = DB::result('SELECT * FROM xercms_payment WHERE pid = \''.$pid.'\'');
          } else if (X::$G['do'] == 'use') {
               $pid = (int)g('pid');
               DB::update('xercms_payment',array('state'=>1),array('pid'=>$pid));
               $this->tips(11);
          } else if (X::$G['do'] == 'save') {
               $pid = (int)g('pid');
               $payment = p('payment');
               if(empty($pid)) {
                    // New payment method: store the row with the raw extra text first.
                    DB::insert('xercms_payment',$payment);
                    if(empty($payment['extra'])) {
                         $payment['extra'] = null;
                    } else {
                         // Parse "key=value" lines; lines with an empty key are dropped.
                         $payment['extra'] = explode("\r\n",$payment['extra']);$extra = array();
                         foreach($payment['extra'] as $k=>$v) {
                              $v = explode('=',$v,2);
                              if(!empty($v[0])) {
                                   $extra[$v[0]] = isset($v[1]) ? $v[1] : '';
                              }
                         }
                         $payment['extra'] = $extra;
                    }
                    $data[$payment['ename']] = $payment;
                    ini('pay',$data);
                    $this->tips(11,X::$G['urlpath'].'index.php?s=admin&a=payment');
               }
               // Existing payment method: remember the raw text for the database row.
               $extraStr = $payment['extra'];
               if(empty($payment['extra'])) {
                    $payment['extra'] = null;
               } else {
                    $payment['extra'] = explode("\r\n",$payment['extra']);$extra = array();
                    foreach($payment['extra'] as $k=>$v) {
                         $v = explode('=',$v,2);
                         if(!empty($v[0])) {
                              $extra[$v[0]] = isset($v[1]) ? $v[1] : '';
                         }
				}
                    $payment['extra'] = $extra;
               }
               $data[$payment['ename']] = $payment;
               ini('pay',$data);
               // Put the raw text back before updating the row.
               $payment['extra'] = $extraStr;
               DB::update('xercms_payment',$payment,array('pid'=>$pid));
               $this->tips(11);
          } else if (X::$G['do'] == 'stop') {
               $pid = (int)g('pid');
               DB::update('xercms_payment',array('state'=>0),array('pid'=>$pid));
               $this->tips(11);
          } else {
               $payments = DB::fetch_all('SELECT * FROM xercms_payment');
          }
          include($this->tpl('xercms.htm'));
     }
      
     /**
      * Store a new shortcut (name + url) for the current user and answer 'ok'.
      *
      * NOTE(review): name and url are read with g() and stored as submitted.
      * If g() reads query-string parameters, this state change can be triggered
      * by a plain link; confirm anti-forgery protection exists. index() later
      * prints both values into the admin page, so they must be escaped there,
      * and the url scheme should be restricted.
      */
     function shortcutAdd()
     {
          $row = array(
               'name' => g('name'),
               'url'  => g('url'),
               'time' => X::$G['time'],
               'uid'  => X::$G['uid'],
          );
          DB::insert('xercms_shortcut',$row);
          exit('ok');
     }
      
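	 /**
	  * Render the admin frame: top-level controls, the side menu from
	  * controls(), installed plugins, the user's settings and the user's
	  * shortcut list.
	  *
	  * Hardening in this version:
	  * - Shortcut names and urls are user-submitted (see shortcutAdd() and
	  *   shortcut()) and were printed raw into $listquick. They are now
	  *   HTML-escaped; existing entities are left alone so values that were
	  *   stored already encoded are not encoded twice. UTF-8 output is assumed -
	  *   confirm.
	  * - The uid is cast to int before it is placed unquoted into the query.
	  *
	  * NOTE(review): escaping does not restrict the url scheme; consider
	  * accepting only relative admin links when shortcuts are saved. $shortcut
	  * itself is still handed to the template unescaped.
	  */
	 function index() {
		 $topControl = rs('xercms_control')->where(array('disabled'=>0,'parent'=>0))->select(0);
		 $controls = $this->controls();
		 $Plugin  = rs('xercms_plugin')->select(0);
		 $Setting = rs('member')->setting(X::$G['uid']);
		 $shortcut = DB::fetch_all('SELECT * FROM xercms_shortcut WHERE uid = '.(int)X::$G['uid'].' ORDER BY id ASC');
		 // Fixed last entry linking to the shortcut manager.
		 $shortcut[] = array('id'=>'0','name'=>'设置快捷','url'=>'?s=admin&a=shortcut');
		 $listquick = '';
		 foreach($shortcut as $k=>$v) {
			 if(!empty($v['name']) &&  !empty($v['url'])) {
				 $listquick .= '<li><a target="xercms" href="'.htmlspecialchars($v['url'],ENT_QUOTES,'UTF-8',false).'">'.htmlspecialchars($v['name'],ENT_QUOTES,'UTF-8',false).'</a></li>';
			 } else unset($shortcut[$k]);
		 }
		 include($this->tpl('index.htm'));
	 }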
	 
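     /**
      * Manage "extend" records of the kind named by the `type` request
      * parameter, dispatched on `d`: del, add, update, edit, list, or the
      * default index view. All work is delegated to the Extend class loaded
      * from '#XerCMS_extend'.
      *
      * Hardening in this version: `type` was read straight from $_GET and
      * concatenated unencoded into the redirect URLs. It is now read once,
      * accepted only when it is a scalar, and URL-encoded where it is put back
      * into a URL. Ordinary alphanumeric type names are unaffected.
      *
      * NOTE(review): how Extend uses $type (table name, file name, ...) is not
      * visible here; confirm it validates the value against the known types.
      * The posted `extend` array is passed to add()/update() as a whole.
      */
     function extend() {
          libs('#XerCMS_extend');
          $page = int1(g('page'));X::$G['do'] = g('d');
          $type = (isset($_GET['type']) && is_scalar($_GET['type'])) ? $_GET['type'] : null;
          $listUrl = '?s=admin&a=extend&d=list&type='.rawurlencode((string)$type);
          $ext = new Extend($type);
          switch(X::$G['do']) {
               case 'del':
                    $id = (int)g('id');
                    $ext->del($id);
                    $ext->cache();
                    $this->tips(11,$listUrl);
               break;
               case 'add':
                    $data = P('extend');
                    $ext->add($data);
                    $ext->cache();
                    $this->tips(11,$listUrl);
               break;
               case 'update':
                    $data = P('extend');$id = (int)G('id');
                    $ext->update($data,$id);
                    $ext->cache();
                    $this->tips(11,$listUrl);
               break;
               case 'edit':
                    $id = (int)G('id');
                    $extend = $ext->data($id);
               break;
               case 'list':
                    $extend = $ext->select($page,20);
               break;
               default:
                    $extend = $ext->index();
               break;
          }
          include_once($this->tpl('xercms.htm'));
     }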
      
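     /**
      * Manage the current user's shortcuts, dispatched on the `d` request
      * parameter: insert, update, delete, or the default list.
      *
      * Fix in this version: update and delete concatenated the raw `id` request
      * parameter into an unquoted SQL condition. The id and the uid are now
      * cast to int first. Rejecting branches leave the switch explicitly, in
      * case tips() does not end the request (its behaviour is not visible here).
      *
      * NOTE(review): name and url are stored as submitted and later printed
      * into the admin page; they must be escaped on output and the url scheme
      * should be restricted. No anti-forgery token check is visible here.
      */
     function shortcut() {

          X::$G['do'] = g('d');
          $uid = (int)X::$G['uid'];
          switch(X::$G['do']) {
               case 'insert':
                    $id = g('id');$data['name'] = p('name');$data['url'] = p('url');$data['time'] = X::$G['time'];
                    $data['uid'] = X::$G['uid'];
                    DB::insert('xercms_shortcut',$data);
                    $this->tips('11','?s=admin&a=shortcut');
               break;
               case 'update':
                    $id = (int)g('id');
                    // Id 0 is the built-in entry appended in the list view; it cannot be edited.
                    if($id == 0) {
                         $this->tips('此链接无法操作!');
                         break;
                    }
                    $data['name'] = p('name');$data['url'] = p('url');$data['time'] = X::$G['time'];
                    // The uid condition keeps users from editing each other's shortcuts.
                    DB::update('xercms_shortcut',$data,'uid = '.$uid.' AND id = '.$id);
                    $this->tips('11','?s=admin&a=shortcut');
               break;
               case 'delete':
                    $id = (int)g('id');
                    if($id == 0) {
                         $this->tips('此链接无法删除!');
                         break;
                    }
                    DB::query('DELETE FROM xercms_shortcut WHERE uid = '.$uid.' AND id = '.$id);
                    $this->tips('11','?s=admin&a=shortcut');
               break;
               default:
                    $shortcut = DB::fetch_all('SELECT * FROM xercms_shortcut WHERE uid = \''.X::$G['uid'].'\'');
                    $shortcut[] = array('id'=>'0','name'=>'捷键管理','url'=>'?s=admin&e=shortcut');
               break;
          }
          include($this->tpl('xercms.htm'));
     }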
	  
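	/**
	 * Change the current administrator's password.
	 *
	 * When the `d` request parameter is `update`, reads the posted `member` array
	 * (oldpassword, password1, password2), checks that the two new values match and
	 * that the old password matches the stored hash, then writes the new hash.
	 * Otherwise, or when tips() returns, renders xercms.htm.
	 *
	 * NOTE(review): passwords are stored as unsalted MD5. Moving to password_hash() /
	 * password_verify() needs a matching change in the login code, which is not
	 * visible here, so the storage format is left as it is.
	 */
	function password() {
		X::$G['do'] = g('d');
		if(X::$G['do'] == 'update') {
			$data = p('member');
			if(!is_array($data)) {
				$data = array();
			}
			$info = DB::select_first('xercms_member',array('uid'=>X::$G['uid']));
			$back = X::$G['urlpath'].'?s=admin&a=password';

			// Only plain strings are accepted: a nested array would reach md5() otherwise.
			$old     = isset($data['oldpassword']) && is_string($data['oldpassword']) ? $data['oldpassword'] : '';
			$new     = isset($data['password1']) && is_string($data['password1']) ? $data['password1'] : '';
			$confirm = isset($data['password2']) && is_string($data['password2']) ? $data['password2'] : '';
			$stored  = is_array($info) && isset($info['pass']) ? (string)$info['pass'] : null;

			// Strict comparisons throughout: with == PHP compares numeric-looking strings
			// as numbers, so two different "0e..." digests (or "1e3" and "1000") count as equal.
			if(empty($new) || $new !== $confirm) {
				$this->tips('no_common_pass',$back);
			} elseif(!empty($old) && $stored !== null && $stored === md5($old)) {
				// elseif: the update can only run when the confirmation check passed,
				// whether or not tips() ends the request.
				DB::update('xercms_member',array('pass'=>md5($new)),'uid = '.(int)X::$G['uid']);
				$this->tips('password_update',$back);
			} else {
				$this->tips('password_old_error',$back);
			}
		}
		include($this->tpl('xercms.htm'));
	}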
     
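	/**
	 * Plugin manager.
	 *
	 * Without an `id` request parameter: collects every directory under
	 * XerCMS/Plugins/ that has an xercms.xml whose Plugin Id matches no row returned
	 * by rs('plugin')->select(0), and renders plugin.htm with that list.
	 *
	 * With an `id`: runs the action named by the `d` request parameter
	 * (install, uninstall, stop, run); any other value loads the plugin's admin
	 * page, taken from the `cp` parameter or from the plugin config when d is `cp`.
	 *
	 * The id and cp values end up in include()/unlink() paths, so they are checked
	 * before use and the method returns as soon as a check fails.
	 */
	function plugin() {
		$id = (string)g('id');
		X::$G['do'] = g('d');
		if(empty($id)) {
			$plugins = rs('plugin')->select(0);
			$pluginDir = DIR::read('XerCMS/Plugins/');
			$idleplugins = array();
			foreach($pluginDir as $v) {
				if(!file_exists(INC.'Plugins/'.$v.'/xercms.xml')) {
					continue;
				}
				xml::plugin($v);
				if(!isset(xml::$dxml['Plugin']['Id'])) {
					continue;
				}
				// -1 means "no matching row"; otherwise the state column of the matching row.
				$state = -1;
				foreach($plugins as $p) {
					if(xml::$dxml['Plugin']['Id'] == $p['pid']) {
						$state = $p['state'];
					}
				}
				if($state == -1) {
					$idleplugins[] = array(
						'developer'=>xml::$dxml['Plugin']['Developer'],
						'link'=>xml::$dxml['Plugin']['Link'],
						'logo'=>xml::$dxml['Plugin']['Logo'],
						'des'=>xml::$dxml['Plugin']['Language:zh-cn']['Description'],
						'contact'=>xml::$dxml['Plugin']['Contact'],
						'language'=>xml::$dxml['Plugin']['Language'],
						'version'=>xml::$dxml['Plugin']['Version'],
						'admin'=>xml::$dxml['Plugin']['Admin'],
						'name'=>xml::$dxml['Plugin']['Language:zh-cn']['Name'],
						'pid'=>xml::$dxml['Plugin']['Id']
					);
				}
			}
			include($this->tpl('plugin.htm'));
		} else {
			if(X::$G['do'] != 'install') {
				// === 0: preg_match() returns false on error, and false == 0 would let the id through.
				if(preg_match('/([^0-9a-z\_]+)/i',$id) === 0 && strlen($id) < 32 && file_exists(INC.'Data/plugins/'.$id.'.php')) {
					$config = ini('plugins/'.$id);
				} else {
					$this->tips('No_Plugin','');
					// Fail closed: nothing below may run with an unchecked id, even if tips() returns.
					return;
				}
			} elseif(strpbrk($id, "/\\\0") !== false || $id === '.' || $id === '..') {
				// install::plugin() is not visible here; presumably it resolves $id under the
				// Plugins directory like xml::plugin($v) above, so an id that is not a single
				// directory name is refused.
				$this->tips('No_Plugin','');
				return;
			}
			switch(X::$G['do']) {
				case 'install':
					install::plugin($id);
					// NOTE(review): the plugin's XML values are written into a JavaScript string
					// without escaping; a quote in Id, Name or Admin would break out of it.
					echo '<script>parent.addPlugin(\''.xml::$dxml['Plugin']['Id'].'\',\''.xml::$dxml['Plugin']['Language:zh-cn']['Name'].'\',\'?s=admin&a=plugin&id='.xml::$dxml['Plugin']['Id'].'&cp='.xml::$dxml['Plugin']['Admin'].'\');</script>';
					$this->tips(11,'?s=admin&a=plugin');
				break;
				case 'uninstall':
					rs('plugin')->where(array('pid'=>$id))->delete();
					$config = ini('plugins/'.$id);
					rs('control')->where(array('parent'=>6,'title'=>$config['Name']))->delete();
					if(file_exists(INC.'Data/plugins/'.$id.'.php'))
						@unlink(INC.'Data/plugins/'.$id.'.php');
					// NOTE(review): $config['Uninstall'] comes from the plugin's stored config and is
					// used in an include path without the character check applied to $cp below.
					if(isset($config['Uninstall']) && file_exists(INC.'Plugins/'.$id.'/'.$config['Uninstall'].'.php')) {
						include(INC.'Plugins/'.$id.'/'.$config['Uninstall'].'.php');
					}
					CACHE::template();
					echo '<script>parent.reMovePlugin(\''.$id.'\');</script>';

					$this->tips(11,'?s=admin&a=plugin');
				break;
				case 'stop':
					// NOTE(review): this uses rs('xercms_plugin') while the list and uninstall
					// branches use rs('plugin') - confirm both resolve to the same table.
					rs('xercms_plugin')->where(array('pid'=>$id))->update(array('state'=>0));
					ini('plugins/'.$id, array('STATE'=>0));
					$this->tips(11,'?s=admin&a=plugin');
				break;
				case 'run':
					rs('xercms_plugin')->where(array('pid'=>$id))->update(array('state'=>1));
					ini('plugins/'.$id, array('STATE'=>1));
					$this->tips(11,'?s=admin&a=plugin');
				break;
				default:
					$cp = g('cp');
					if(X::$G['do'] == 'cp') {
						$cp = $config['Admin'];
					}
					define('DIR',XERCMS.'XerCMS/Plugins/'.$id.'/libs');
					utils('form');
					$lang = include(INC.'Language/plugin/'.$id.'/'.X::$CONFIG['language'].'.php');
					// $cp names the file to include, so it gets the same character and length
					// check as $id, again with a strict comparison.
					if(preg_match('/([^0-9a-z\_]+)/i',$cp) === 0 && strlen($cp) < 32 && file_exists(INC.'Plugins/'.$id.'/'.$cp.'.php')) {
						!defined('NOCHARSET') && header('content-type:text/html;charset=utf-8');
						include(INC.'Plugins/'.$id.'/'.$cp.'.php');

					} else $this->tips('No_Plugin_Enter','');
				break;
			}
		}
	}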
}
?>