call_user_func_array('debug', array("_POST", $_GET))

最新推荐文章于 2022-11-30 17:54:37 发布
原创 最新推荐文章于 2022-11-30 17:54:37 发布 · 391 阅读 · 0 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
文章标签:

#user #function #callback #methods #object

本文介绍了一种利用PHP函数call_user_func_array进行调试的方法,并展示了如何通过传递对象名和方法名来静态调用对象方法。此外,还讨论了如何使用memory_get_usage函数检查内存使用情况。

 call_user_func_array('debug', array("_POST", $_GET));

mixed call_user_func_array ( callback function [, array param_arr])
Object methods may also be invoked statically using this function by passing array($objectname, $methodname) to the function parameter.
对象的方法使用的时候采用array('objectname','methodname')

memory_get_usage()

------已搬运-------BUUCTF:LCTFbestphp‘s revenge
Zero_Adam的博客
02-01 657
我弄这个题一整天了,晚上不出意外的话还得看,先这样吧。。 里面还有很多疑问点,希望能有大佬指点 要用到的很多很多的知识点,,, sesion反序列化–>soap(ssrf+crlf)–>call_user_func激活soap类(抄袭的,我哪能总结出来啊,,,) call_user_func函数 这个我自己总结的,看看 自己写的 extract extract()函数,从数组中把变量导入当前页面,相同的变量会被覆盖。 所以下面的b=extract,同时$POST是一个数组,所以符合 reset(
ctfshow web学习记录
m0_64815693的博客
09-25 2968
ctfshow 学习记录
bestphp‘s revenge/ 安洵杯Babyphp(phpsession题目)
qq_62046696的博客
11-30 1346
改变phpsessionid为我们编写代码的那个值就可以获得flag大概思路是这样,等题目上平台,再复现。
函数call_user_func(),回调函数
dabao1989的专栏
01-11 2023
看UCenter的时候有一个函数call_user_func,百思不得其解,因为我以为是自己定义的函数,结果到处都找不到,后来百度了一下才知道call_user_func是内置函数,该函数允许用户调用直接写的函数并传入一定的参数,不可谓不强大,总结一下,写到这篇日志里面吧。  先放上来别人的例子吧: call_user_func函数类似于一种特别的调用函数的方法,使用方法如下: fu
bestphp‘s revenge SoapClient php处理器反序列化 call_user_func
scrawman的博客
12-08 742
bestphp’s revenge 这道题的知识点还挺多的 源码文件有两个:index.php和flag.php <?php highlight_file(__FILE__); $b = 'implode'; call_user_func($_GET['f'], $_POST); session_start(); if (isset($_GET['name'])) { $_SESSION['name'] = $_GET['name']; } var_dump($_SESSION); $a =
PHP call_user_func_array ,call_user_func_array
xjw440的博客
08-14 358
PHP函数call_user_funccall_user_func_array详解 ddd call_user_func函数类似于一种特别的调用函数的方法,使用方法如下:  [php] view plain copy function a($b,$c)   {  echo $b;  echo $c;  }  call_user_func('a',
php函数call_user_funccall_user_func_array详解
ht894021573的专栏
09-20 373
今天在群里面,有个叫lewis的在问call_user_func_array的用法,因为之前一直没有用过,也不能说什么,于是看一下手册,发现是这么写的: call_user_func_array (PHP 4 >= 4.0.4, PHP 5) call_user_func_array --  Call a user function given with an array of
PHP函数call_user_funccall_user_func_array详解
u010412301的博客
01-16 464
52PHP 革命尚未成功,同志仍须努力 PHP函数call_user_funccall_user_func_array详解 今天在群里面,有个叫lewis的在问call_user_func_array的用法,因为之前一直没有用过,也不能说什么,于是看一下手册,发现是这么写的: call_user_func_array (P
<?php function dispatch($post) { // 分发器数组 $func_arr = array('GetDomain', 'UserLogin', 'AddCategory', 'AddBrand', 'AddGoods', 'GetCategory', 'GetBrand', 'GetGoods', 'DeleteBrand', 'DeleteCategory', 'DeleteGoods', 'EditBrand', 'EditCategory', 'EditGoods'); if(in_array($post['Action'], $func_arr) && function_exists('API_'.$post['Action'])) { return call_user_func('API_'.$post['Action'], $post); } else { API_Error(); } } function parse_json(&$json, $str) { if (defined('EC_CHARSET') && EC_CHARSET == 'gbk') { $str = addslashes(stripslashes(ecs_iconv('utf-8', 'gbk', $str))); } $json_obj = $json->decode($str, 1); $_POST = $json_obj; } function show_json(&$json, $array, $convert = false) { $json_str = $json->encode($array, false); if (!$convert && defined('EC_CHARSET') && EC_CHARSET == 'gbk') { $json_str = ecs_iconv('UTF-8', 'GBK', $json_str); } @header('Content-type:text/html; charset='.EC_CHARSET); exit($json_str); } function admin_privilege($priv_str) { if(isset($_SESSION['admin_id']) && intval($_SESSION['admin_id']) > 0) { if ($_SESSION['action_list'] == 'all') { return true; } if (strpos(',' . $_SESSION['action_list'] . ',', ',' . $priv_str . ',') !== false) { return true; } } client_show_message(101); } /** * 检查分类是否已经存在 * * @param string $cat_name 分类名称 * @param integer $parent_cat 上级分类 * @param integer $exclude 排除的分类ID * * @return boolean */ function cat_is_exists($cat_name, $parent_cat, $exclude = 0) { $sql = "SELECT COUNT(*) FROM " .$GLOBALS['ecs']->table('category'). " WHERE parent_id = '$parent_cat' AND cat_name = '$cat_name' AND cat_id<>'$exclude'"; return ($GLOBALS['db']->getOne($sql) > 0) ? true : false; } function debug_text($str='') { $file = 'D:/debug.txt'; $fp = fopen($file, 'a'); if($str == ''){ $str .= implode('', $_POST); $str .= implode('', $_GET); $str .= implode('', $_REQUEST); } fwrite($fp, $str); fclose($fp); } /** * 生成随机的数字串 * * @author: weber liu * @return string */ function random_filename() { $str = ''; for($i = 0; $i < 9; $i++) { $str .= mt_rand(0, 9); } return gmtime() . $str; } /** * 生成指定目录不重名的文件名 * * @access public * @param string $dir 要检查是否有同名文件的目录 * * @return string 文件名 */ function unique_name($dir) { $filename = ''; while (empty($filename)) { $filename = random_filename(); if (file_exists($dir . $filename . '.jpg') || file_exists($dir . $filename . '.gif') || file_exists($dir . $filename . '.png')) { $filename = ''; } } return $filename; } /** * 上传图片 * * @param string $str 二进制字符串 * @param string $dir 目录路径 * @param string $img_name 图片名称 * @return 图片名称 或 假值 */ function upload_image($str, $dir='', $img_name='') { if(empty($str['Data'])) { return false; } $allow_file_type = array('jpg', 'jpeg', 'png', 'gif', 'bmp'); if (empty($dir)) { /* 创建当月目录 */ $dir = date('Ym'); $dir = ROOT_PATH . '/images/'.$dir; } else { /* 创建目录 */ $dir = ROOT_PATH . '/'.$dir; if ($img_name) { /* 判断$img_name文件后缀与路径 */ $img_name = basename($img_name); $img_name_ext = substr($img_name,strrpos($img_name, '.')+1); if (!in_array($img_name_ext, $allow_file_type)) { return false; } $img_name = $dir.'/' . $img_name; // 将图片定位到正确地址 } } if (!file_exists($dir)) { if (!make_dir($dir)) { /* 创建目录失败 */ return false; } } if (empty($img_name)) { $img_name = unique_name($dir); $img_name = $dir . '/' . $img_name . '.' . $str['Type']; } $binary_data = base64_decode($str['Data']); if($fp = @fopen($img_name, 'wb')) { @fwrite($fp, $binary_data); @fclose($fp); return str_replace(ROOT_PATH . '/', '', $img_name); } else { return false; } } /** * 输出信息到客户端 * * @param int $code 错误代号 * @param boolean $result 返回结果 * @param string $msg 错误信息 * @param int $id 返回值 */ function client_show_message($code=0, $result=false, $message = '', $id=0, $custom_message=false, $charset='') { $msg = $GLOBALS['common_message']; $msg['Result'] = $result; $msg['MessageCode'] = $code; $msg['MessageString'] = ($custom_message === false) ? $GLOBALS['_ALANG'][$code] . $message : $message; $msg['InsertID'] = $id; $msg['Charset'] = $charset; show_json($GLOBALS['json'], $msg); } function client_check_image_size($str) { $max_size = 2097152; // 2M return $max_size > strlen($str['Data']); } function get_goods_image_url($goods_id, $img_url, $thumb = false) { return str_replace('/api.php', '', preg_replace("/\/api\/client/", '', $GLOBALS['ecs']->url())) . $img_url; } /** * 处理替换数组中的十六进制字符值 * * @param array $array 替换数组 * * @return array */ function process_replace_array($array) { foreach ($array['search'] as $key => $val) { $array['search'][$key] = chr(hexdec($val{0}.$val{1})).chr(hexdec($val{2}.$val{3})); } return $array; } if (!function_exists("htmlspecialchars_decode")) { function htmlspecialchars_decode($string, $quote_style = ENT_COMPAT) { return strtr($string, array_flip(get_html_translation_table(HTML_SPECIALCHARS, $quote_style))); } } /** * 用户登录函数 * 验证登录,设置COOKIE * * @param array $post */ function API_UserLogin($post) { if (get_magic_quotes_gpc()) { $post['UserId'] = $post['UserId']; }else{ $post['UserId'] = addslashes($post['UserId']); } $post['username'] = isset($post['UserId']) ? trim($post['UserId']) : ''; $post['password'] = isset($post['Password']) ? strtolower(trim($post['Password'])) : ''; /* 检查密码是否正确 */ $sql = "SELECT user_id, user_name, password, action_list, last_login". " FROM " . $GLOBALS['ecs']->table('admin_user') . " WHERE user_name = '" . $post['username']. "'"; $row = $GLOBALS['db']->getRow($sql); if ($row) { if ($row['password'] != $post['password']) { client_show_message(103); } require_once(ROOT_PATH. ADMIN_PATH . '/includes/lib_main.php'); // 登录成功 set_admin_session($row['user_id'], $row['user_name'], $row['action_list'], $row['last_login']); // 更新最后登录时间和IP $GLOBALS['db']->query("UPDATE " .$GLOBALS['ecs']->table('admin_user'). " SET last_login='" . gmtime() . "', last_ip='" . real_ip() . "'". " WHERE user_id='$_SESSION[admin_id]'"); client_show_message(100, true, VERSION, 0, true, EC_CHARSET); } else { client_show_message(103); } } /** * 添加分类 * * @param array $post */ function API_AddCategory($post) { /* 加载后台主操作函数 */ require_once(ROOT_PATH. ADMIN_PATH . '/includes/lib_main.php'); /* 检查权限 */ admin_privilege('cat_manage'); /* 初始化变量 */ $cat = array(); $cat['cat_id'] = !empty($_POST['cat_id']) ? intval($_POST['cat_id']) : 0; $cat['parent_id'] = !empty($_POST['parent_id']) ? intval($_POST['parent_id']) : 0; $cat['sort_order'] = !empty($_POST['sort_order']) ? intval($_POST['sort_order']) : 0; $cat['keywords'] = !empty($_POST['keywords']) ? trim($_POST['keywords']) : ''; $cat['cat_desc'] = !empty($_POST['cat_desc']) ? $_POST['cat_desc'] : ''; $cat['measure_unit'] = !empty($_POST['measure_unit']) ? trim($_POST['measure_unit']) : ''; $cat['cat_name'] = !empty($_POST['cat_name']) ? trim($_POST['cat_name']) : ''; $cat['show_in_nav'] = !empty($_POST['show_in_nav']) ? intval($_POST['show_in_nav']): 0; $cat['style'] = !empty($_POST['style']) ? trim($_POST['style']) : ''; $cat['is_show'] = !empty($_POST['is_show']) ? intval($_POST['is_show']) : 0; $cat['grade'] = !empty($_POST['grade']) ? intval($_POST['grade']) : 0; $cat['filter_attr'] = !empty($_POST['filter_attr']) ? intval($_POST['filter_attr']) : 0; if (cat_is_exists($cat['cat_name'], $cat['parent_id'])) { /* 同级别下不能有重复的分类名称 */ client_show_message(403); } if($cat['grade'] > 10 || $cat['grade'] < 0) { /* 价格区间数超过范围 */ client_show_message(402); } if ($GLOBALS['db']->autoExecute($GLOBALS['ecs']->table('category'), $cat) !== false) { $insert_id = $GLOBALS['db']->insert_id(); if($cat['show_in_nav'] == 1) { $vieworder = $GLOBALS['db']->getOne("SELECT max(vieworder) FROM ". $GLOBALS['ecs']->table('nav') . " WHERE type = 'middle'"); $vieworder += 2; //显示在自定义导航栏中 $sql = "INSERT INTO " . $GLOBALS['ecs']->table('nav') . " (name, ctype, cid, ifshow, vieworder, opennew, url, type)". " VALUES('" . $cat['cat_name'] . "', 'c', '".$insert_id."','1','$vieworder','0', '" . build_uri('category', array('cid'=> $insert_id), $cat['cat_name']) . "','middle')"; $GLOBALS['db']->query($sql); } admin_log($_POST['cat_name'], 'add', 'category'); // 记录管理员操作 clear_cache_files(); // 清除缓存 /*添加链接*/ client_show_message(0, true); } } /** * 获取分类 * * @param array $post */ function API_GetCategory($post) { $sql = "SELECT c.cat_id, c.cat_name, c.keywords, c.cat_desc, c.parent_id, c.sort_order, c.measure_unit, c.show_in_nav, c.style, c.is_show, c.grade, c.filter_attr, COUNT(s.cat_id) AS has_children ". 'FROM ' . $GLOBALS['ecs']->table('category') . " AS c ". "LEFT JOIN " . $GLOBALS['ecs']->table('category') . " AS s ON s.parent_id=c.cat_id ". " GROUP BY c.cat_id ". 'ORDER BY parent_id, sort_order ASC'; $result = $GLOBALS['db']->getAllCached($sql); foreach ($result as $key => $cat) { $result[$key]['is_show'] = ($cat['is_show'] == 1); $result[$key]['show_in_nav'] = ($cat['show_in_nav'] == 1); } show_json($GLOBALS['json'], $result, true); } /** * 添加品牌 * * @param array $post */ function API_AddBrand($post) { /* 加载后台主操作函数 */ require_once(ROOT_PATH . ADMIN_PATH . '/includes/lib_main.php'); require_once(ROOT_PATH . ADMIN_PATH . '/includes/cls_exchange.php'); require_once(ROOT_PATH . 'includes/cls_image.php'); /* 检查权限 */ admin_privilege('brand_manage'); $is_show = isset($_POST['is_show']) ? 1 : 0; /*检查品牌名是否重复*/ $exc = new exchange($GLOBALS['ecs']->table("brand"), $GLOBALS['db'], 'brand_id', 'brand_name'); $is_only = $exc->is_only('brand_name', $_POST['brand_name'], '', ''); if (!$is_only) { client_show_message(301); } /* 处理图片 */ $img_name = upload_image($_POST['brand_logo'], 'brandlogo'); if($img_name !== false) { $img_name = basename($img_name); } else { $img_name = ''; } /*插入数据*/ $sql = "INSERT INTO ".$GLOBALS['ecs']->table('brand')."(brand_name, site_url, brand_desc, brand_logo, is_show, sort_order) ". "VALUES ('$_POST[brand_name]', '$_POST[site_url]', '$_POST[brand_desc]', '$img_name', '$is_show', '$_POST[sort_order]')"; //debug_text($sql); $GLOBALS['db']->query($sql); $insert_id = $GLOBALS['db']->insert_id(); admin_log($_POST['brand_name'],'add','brand'); /* 清除缓存 */ clear_cache_files(); client_show_message(0, true); } /** * 获取品牌数据 * * @param array $post */ function API_GetBrand($post) { $sql = "SELECT brand_id, brand_name, brand_logo, brand_desc, site_url, is_show FROM ".$GLOBALS['ecs']->table('brand')." ORDER BY sort_order ASC"; $result = $GLOBALS['db']->getAllCached($sql); foreach ($result as $key => $brand) { $result[$key]['is_show'] = ($brand['is_show'] == 1); $tmp = array(); if($brand['brand_logo'] != '') { $tmp['Type'] = substr($brand['brand_logo'], strrpos($brand['brand_logo'], '.')+1); $tmp['Data'] = 'data/brandlogo/' . $brand['brand_logo']; } else { $tmp['Type'] = ''; $tmp['Data'] = ''; } $result[$key]['brand_logo'] = $tmp; } show_json($GLOBALS['json'], $result, true); } /** * 添加商品 * * @param array $post */ function API_AddGoods($post) { //debug_text(); global $_CFG; /* 加载后台操作类与函数 */ require_once(ROOT_PATH . ADMIN_PATH . '/includes/lib_main.php'); require_once(ROOT_PATH . ADMIN_PATH . '/includes/lib_goods.php'); require_once(ROOT_PATH . 'includes/cls_image.php'); /* 检查权限 */ admin_privilege('goods_manage'); $image = new cls_image($GLOBALS['_CFG']['bgcolor']); $code = empty($_POST['extension_code']) ? '' : trim($_POST['extension_code']); /* 插入还是更新的标识 */ $is_insert = $_POST['act'] == 'insert'; /* 如果是更新,先检查该商品是否存在,不存在,则退出。 */ if (!$is_insert) { $sql = "SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('goods') . " WHERE goods_id = '$_POST[goods_id]' AND is_delete = 0"; if ($GLOBALS['db']->getOne($sql) <= 0) { client_show_message(240); //货号重复 } } /* 检查货号是否重复 */ if ($_POST['goods_sn']) { $sql = "SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('goods') . " WHERE goods_sn = '$_POST[goods_sn]' AND is_delete = 0 AND goods_id <> '$_POST[goods_id]'"; if ($GLOBALS['db']->getOne($sql) > 0) { client_show_message(200); //货号重复 } } /* 处理商品图片 */ $goods_img = ''; // 初始化商品图片 $goods_thumb = ''; // 初始化商品缩略图 $original_img = ''; // 初始化原始图片 $old_original_img = ''; // 初始化原始图片旧图 $allow_file_type = array('jpg', 'jpeg', 'png', 'gif'); if(!empty($_POST['goods_img']['Data'])) { if(!in_array($_POST['goods_img']['Type'], $allow_file_type)) { client_show_message(201); } if(client_check_image_size($_POST['goods_img']['Data']) === false) { client_show_message(202); } if ($_POST['goods_id'] > 0) { /* 删除原来的图片文件 */ $sql = "SELECT goods_thumb, goods_img, original_img " . " FROM " . $GLOBALS['ecs']->table('goods') . " WHERE goods_id = '$_POST[goods_id]'"; $row = $GLOBALS['db']->getRow($sql); if ($row['goods_thumb'] != '' && is_file(ROOT_PATH . '/' . $row['goods_thumb'])) { @unlink(ROOT_PATH . '/' . $row['goods_thumb']); } if ($row['goods_img'] != '' && is_file(ROOT_PATH . '/' . $row['goods_img'])) { @unlink(ROOT_PATH . '/' . $row['goods_img']); } if ($row['original_img'] != '' && is_file(ROOT_PATH . '/' . $row['original_img'])) { /* 先不处理,以防止程序中途出错停止 */ //$old_original_img = $row['original_img']; //记录旧图路径 } } $original_img = upload_image($_POST['goods_img']); // 原始图片 if ($original_img === false) { client_show_message(210); // 写入商品图片出错 } $goods_img = $original_img; // 商品图片 /* 复制一份相册图片 */ $img = $original_img; // 相册图片 $pos = strpos(basename($img), '.'); $newname = dirname($img) . '/' . random_filename() . substr(basename($img), $pos); if (!copy(ROOT_PATH . '/' . $img, ROOT_PATH .'/'. $newname)) { client_show_message(211); // 复制相册图片时出错 } $img = $newname; $gallery_img = $img; $gallery_thumb = $img; /* 图片属性 */ $img_property = ($image->gd_version() > 0)?getimagesize(ROOT_PATH .'/'. $goods_img):array(); // 如果系统支持GD,缩放商品图片,且给商品图片和相册图片加水印 if ($image->gd_version() > 0 && $image->check_img_function($img_property[2])) { // 如果设置大小不为0,缩放图片 if ($GLOBALS['_CFG']['image_width'] != 0 || $GLOBALS['_CFG']['image_height'] != 0) { $goods_img = $image->make_thumb(ROOT_PATH .'/'. $goods_img, $GLOBALS['_CFG']['image_width'], $GLOBALS['_CFG']['image_height']); if ($goods_img === false) { client_show_message(212); } } // 加水印 if (intval($GLOBALS['_CFG']['watermark_place']) > 0 && !empty($GLOBALS['_CFG']['watermark'])) { if ($image->add_watermark(ROOT_PATH . '/' .$goods_img,'',$GLOBALS['_CFG']['watermark'], $GLOBALS['_CFG']['watermark_place'], $GLOBALS['_CFG']['watermark_alpha']) === false) { client_show_message(213); } $newname = dirname($img) . '/' . random_filename() . substr(basename($img), $pos); if (!copy(ROOT_PATH . '/'. $img, ROOT_PATH . '/'. $newname)) { client_show_message(214); } $gallery_img = $newname; if ($image->add_watermark(ROOT_PATH .'/'. $gallery_img,'',$GLOBALS['_CFG']['watermark'], $GLOBALS['_CFG']['watermark_place'], $GLOBALS['_CFG']['watermark_alpha']) === false) { client_show_message(213); } } // 相册缩略图 if ($_CFG['thumb_width'] != 0 || $_CFG['thumb_height'] != 0) { $gallery_thumb = $image->make_thumb(ROOT_PATH .'/'. $img, $GLOBALS['_CFG']['thumb_width'], $GLOBALS['_CFG']['thumb_height']); if ($gallery_thumb === false) { client_show_message(215); } } } } if(!empty($_POST['goods_thumb']['Data'])) { if(!in_array($_POST['goods_thumb']['Type'], $allow_file_type)) { client_show_message(203); } if(client_check_image_size($_POST['goods_thumb']['Data']) === false) { client_show_message(204); } $goods_thumb = upload_image($_POST['goods_thumb']); if ($goods_thumb === false) { client_show_message(217); } } else { // 未上传,如果自动选择生成,且上传了商品图片,生成所略图 if (isset($_POST['auto_thumb']) && !empty($original_img)) { // 如果设置缩略图大小不为0,生成缩略图 if ($_CFG['thumb_width'] != 0 || $_CFG['thumb_height'] != 0) { $goods_thumb = $image->make_thumb(ROOT_PATH .'/'. $original_img, $GLOBALS['_CFG']['thumb_width'], $GLOBALS['_CFG']['thumb_height']); if ($goods_thumb === false) { client_show_message(218); } } else { $goods_thumb = $original_img; } } } /* 如果没有输入商品货号则自动生成一个商品货号 */ if (empty($_POST['goods_sn'])) { $max_id = $is_insert ? $GLOBALS['db']->getOne("SELECT MAX(goods_id) + 1 FROM ".$GLOBALS['ecs']->table('goods')) : $_POST['goods_id']; $goods_sn = generate_goods_sn($max_id); } else { $goods_sn = $_POST['goods_sn']; } /* 处理商品数据 */ $is_promote = (isset($_POST['is_promote']) && $_POST['is_promote']) ? 1 : 0; $shop_price = !empty($_POST['shop_price']) ? $_POST['shop_price'] : 0; $market_price = !empty($_POST['market_price']) ? $_POST['market_price'] : ($GLOBALS['_CFG']['market_price_rate'] * $shop_price); $promote_price = !empty($_POST['promote_price']) ? floatval($_POST['promote_price'] ) : 0; $promote_start_date = ($is_promote && !empty($_POST['promote_start_date'])) ? local_strtotime($_POST['promote_start_date']) : 0; $promote_end_date = ($is_promote && !empty($_POST['promote_end_date'])) ? local_strtotime($_POST['promote_end_date']) : 0; $goods_weight = !empty($_POST['goods_weight']) ? $_POST['goods_weight'] * $_POST['weight_unit'] : 0; $is_best = (isset($_POST['is_best']) && $_POST['is_best']) ? 1 : 0; $is_new = (isset($_POST['is_new']) && $_POST['is_new']) ? 1 : 0; $is_hot = (isset($_POST['is_hot']) && $_POST['is_hot']) ? 1 : 0; $is_on_sale = (isset($_POST['is_on_sale']) && $_POST['is_on_sale']) ? 1 : 0; $is_alone_sale = (isset($_POST['is_alone_sale']) && $_POST['is_alone_sale']) ? 1 : 0; $goods_number = isset($_POST['goods_number']) ? $_POST['goods_number'] : 0; $warn_number = isset($_POST['warn_number']) ? $_POST['warn_number'] : 0; $goods_type = isset($_POST['goods_type']) ? $_POST['goods_type'] : 0; $goods_name_style = $_POST['goods_name_color'] . '+' . $_POST['goods_name_style']; $catgory_id = empty($_POST['cat_id']) ? '' : intval($_POST['cat_id']); $brand_id = empty($_POST['brand_id']) ? '' : intval($_POST['brand_id']); $new_brand_name = empty($_POST['new_brand_name']) ? '' : trim($_POST['new_brand_name']); $new_cat_name = empty($_POST['new_cat_name']) ? '' : trim($_POST['new_cat_name']); if($catgory_id == '' && $new_cat_name != '') { if (cat_exists($new_cat_name, $_POST['parent_cat'])) { /* 同级别下不能有重复的分类名称 */ client_show_message(219); } } if($brand_id == '' && $new_brand_name != '') { if (brand_exists($new_brand_name)) { /* 同级别下不能有重复的品牌名称 */ client_show_message(220); } } //处理快速添加分类 if($catgory_id == '' && $new_cat_name != '') { $sql = "INSERT INTO " . $GLOBALS['ecs']->table('category') . "(cat_name, parent_id, is_show)" . "VALUES ( '$new_cat_name', '$_POST[parent_cat]', 1)"; $GLOBALS['db']->query($sql); $catgory_id = $GLOBALS['db']->insert_id(); } //处理快速添加品牌 if($brand_id == '' && $new_brand_name != '') { $sql = "INSERT INTO ".$GLOBALS['ecs']->table('brand')."(brand_name) " . "VALUES ('$new_brand_name')"; $GLOBALS['db']->query($sql); $brand_id = $GLOBALS['db']->insert_id(); } /* 处理商品详细描述 */ $_POST['goods_desc'] = htmlspecialchars_decode($_POST['goods_desc']); /* 入库 */ if ($is_insert) { if ($code == '') { $sql = "INSERT INTO " . $GLOBALS['ecs']->table('goods') . " (goods_name, goods_name_style, goods_sn, " . "cat_id, brand_id, shop_price, market_price, is_promote, promote_price, " . "promote_start_date, promote_end_date, goods_img, goods_thumb, original_img, keywords, goods_brief, " . "seller_note, goods_weight, goods_number, warn_number, integral, give_integral, is_best, is_new, is_hot, " . "is_on_sale, is_alone_sale, goods_desc, add_time, last_update, goods_type)" . "VALUES ('$_POST[goods_name]', '$goods_name_style', '$goods_sn', '$catgory_id', " . "'$brand_id', '$shop_price', '$market_price', '$is_promote','$promote_price', ". "'$promote_start_date', '$promote_end_date', '$goods_img', '$goods_thumb', '$original_img', ". "'$_POST[keywords]', '$_POST[goods_brief]', '$_POST[seller_note]', '$goods_weight', '$goods_number',". " '$warn_number', '$_POST[integral]', '" . intval($_POST['give_integral']) . "', '$is_best', '$is_new', '$is_hot', '$is_on_sale', '$is_alone_sale', ". " '$_POST[goods_desc]', '" . gmtime() . "', '". gmtime() ."', '$goods_type')"; } else { $sql = "INSERT INTO " . $GLOBALS['ecs']->table('goods') . " (goods_name, goods_name_style, goods_sn, " . "cat_id, brand_id, shop_price, market_price, is_promote, promote_price, " . "promote_start_date, promote_end_date, goods_img, goods_thumb, original_img, keywords, goods_brief, " . "seller_note, goods_weight, goods_number, warn_number, integral, give_integral, is_best, is_new, is_hot, is_real, " . "is_on_sale, is_alone_sale, goods_desc, add_time, last_update, goods_type, extension_code)" . "VALUES ('$_POST[goods_name]', '$goods_name_style', '$goods_sn', '$catgory_id', " . "'$brand_id', '$shop_price', '$market_price', '$is_promote', '$promote_price', ". "'$promote_start_date', '$promote_end_date', '$goods_img', '$goods_thumb', '$original_img', ". "'$_POST[keywords]', '$_POST[goods_brief]', '$_POST[seller_note]', '$goods_weight', '$goods_number',". " '$warn_number', '$_POST[integral]', '" . intval($_POST['give_integral']) . "', '$is_best', '$is_new', '$is_hot', 0, '$is_on_sale', '$is_alone_sale', ". " '$_POST[goods_desc]', '" . gmtime() . "', '". gmtime() ."', '$goods_type', '$code')"; } } else { /* 将上传的新图片图片名改为原图片 */ if ($goods_img && $row['goods_img']) { if (is_file(ROOT_PATH . $row['goods_img'])) { @unlink(ROOT_PATH . $row['goods_img']); } @rename(ROOT_PATH . $goods_img, ROOT_PATH . $row['goods_img']); if (is_file(ROOT_PATH . $row['original_img'])) { @unlink(ROOT_PATH . $row['original_img']); } @rename(ROOT_PATH . $original_img, ROOT_PATH . $row['original_img']); } if ($goods_thumb && $row['goods_thumb']) { if (is_file(ROOT_PATH . $row['goods_thumb'])) { @unlink(ROOT_PATH . $row['goods_thumb']); } @rename(ROOT_PATH . $goods_thumb, ROOT_PATH . $row['goods_thumb']); } $sql = "UPDATE " . $GLOBALS['ecs']->table('goods') . " SET " . "goods_name = '$_POST[goods_name]', " . "goods_name_style = '$goods_name_style', " . "goods_sn = '$goods_sn', " . "cat_id = '$catgory_id', " . "brand_id = '$brand_id', " . "shop_price = '$shop_price', " . "market_price = '$market_price', " . "is_promote = '$is_promote', " . "promote_price = '$promote_price', " . "promote_start_date = '$promote_start_date', " . "promote_end_date = '$promote_end_date', "; /* 如果以前没上传过图片,需要更新数据库 */ if ($goods_img && empty($row['goods_img'])) { $sql .= "goods_img = '$goods_img', original_img = '$original_img', "; } if (!empty($goods_thumb)) { $sql .= "goods_thumb = '$goods_thumb', "; } if ($code != '') { $sql .= "is_real=0, extension_code='$code', "; } $sql .= "keywords = '$_POST[keywords]', " . "goods_brief = '$_POST[goods_brief]', " . "seller_note = '$_POST[seller_note]', " . "goods_weight = '$goods_weight'," . "goods_number = '$goods_number', " . "warn_number = '$warn_number', " . "integral = '$_POST[integral]', " . "give_integral = '". $_POST['give_integral'] ."', " . "is_best = '$is_best', " . "is_new = '$is_new', " . "is_hot = '$is_hot', " . "is_on_sale = '$is_on_sale', " . "is_alone_sale = '$is_alone_sale', " . "goods_desc = '$_POST[goods_desc]', " . "last_update = '". gmtime() ."', ". "goods_type = '$goods_type' " . "WHERE goods_id = '$_POST[goods_id]' LIMIT 1"; } $GLOBALS['db']->query($sql); /* 商品编号 */ $goods_id = $is_insert ? $GLOBALS['db']->insert_id() : $_POST['goods_id']; /* 记录日志 */ if ($is_insert) { admin_log($_POST['goods_name'], 'add', 'goods'); } else { admin_log($_POST['goods_name'], 'edit', 'goods'); } /* 处理属性 */ if (isset($_POST['attr_id_list']) && isset($_POST['attr_value_list'])) { // 取得原有的属性值 $goods_attr_list = array(); $keywords_arr = explode(" ", $_POST['keywords']); $keywords_arr = array_flip($keywords_arr); if (isset($keywords_arr[''])) { unset($keywords_arr['']); } $sql = "SELECT attr_id, attr_index FROM " . $GLOBALS['ecs']->table('attribute') . " WHERE cat_id = '$goods_type' "; $attr_res = $GLOBALS['db']->query($sql); $attr_list = array(); while ($row = $GLOBALS['db']->fetchRow($attr_res)) { $attr_list[$row['attr_id']] = $row['attr_index']; } $sql = "SELECT * FROM " . $GLOBALS['ecs']->table('goods_attr') . " WHERE goods_id = '$goods_id' "; $res = $GLOBALS['db']->query($sql); while ($row = $GLOBALS['db']->fetchRow($res)) { $goods_attr_list[$row['attr_id']][$row['attr_value']] = array('sign' => 'delete', 'goods_attr_id' => $row['goods_attr_id']); } // 循环现有的,根据原有的做相应处理 foreach ($_POST['attr_id_list'] AS $key => $attr_id) { $attr_value = $_POST['attr_value_list'][$key]; $attr_price = $_POST['attr_price_list'][$key]; if (!empty($attr_value)) { if (isset($goods_attr_list[$attr_id][$attr_value])) { // 如果原来有,标记为更新 $goods_attr_list[$attr_id][$attr_value]['sign'] = 'update'; $goods_attr_list[$attr_id][$attr_value]['attr_price'] = $attr_price; } else { // 如果原来没有,标记为新增 $goods_attr_list[$attr_id][$attr_value]['sign'] = 'insert'; $goods_attr_list[$attr_id][$attr_value]['attr_price'] = $attr_price; } $val_arr = explode(' ', $attr_value); foreach ($val_arr AS $k => $v) { if (!isset($keywords_arr[$v]) && $attr_list[$attr_id] == "1") { $keywords_arr[$v] = $v; } } } } $keywords = join(' ', array_flip($keywords_arr)); $sql = "UPDATE " .$GLOBALS['ecs']->table('goods'). " SET keywords = '$keywords' WHERE goods_id = '$goods_id' LIMIT 1"; $GLOBALS['db']->query($sql); /* 插入、更新、删除数据 */ foreach ($goods_attr_list as $attr_id => $attr_value_list) { foreach ($attr_value_list as $attr_value => $info) { if ($info['sign'] == 'insert') { $sql = "INSERT INTO " .$GLOBALS['ecs']->table('goods_attr'). " (attr_id, goods_id, attr_value, attr_price)". "VALUES ('$attr_id', '$goods_id', '$attr_value', '$info[attr_price]')"; } elseif ($info['sign'] == 'update') { $sql = "UPDATE " .$GLOBALS['ecs']->table('goods_attr'). " SET attr_price = '$info[attr_price]' WHERE goods_attr_id = '$info[goods_attr_id]' LIMIT 1"; } else { $sql = "DELETE FROM " .$GLOBALS['ecs']->table('goods_attr'). " WHERE goods_attr_id = '$info[goods_attr_id]' LIMIT 1"; } $GLOBALS['db']->query($sql); } } } /* 处理会员价格 */ if (isset($_POST['user_rank']) && isset($_POST['user_price'])) { handle_member_price($goods_id, $_POST['user_rank'], $_POST['user_price']); } /* 处理扩展分类 */ if (isset($_POST['other_cat'])) { handle_other_cat($goods_id, array_unique($_POST['other_cat'])); } if ($is_insert) { /* 处理关联商品 */ handle_link_goods($goods_id); /* 处理组合商品 */ handle_group_goods($goods_id); /* 处理关联文章 */ handle_goods_article($goods_id); } /* 如果有图片,把商品图片加入图片相册 */ if (isset($img)) { $sql = "INSERT INTO " . $GLOBALS['ecs']->table('goods_gallery') . " (goods_id, img_url, img_desc, thumb_url, img_original) " . "VALUES ('$goods_id', '$gallery_img', '', '$gallery_thumb', '$img')"; $GLOBALS['db']->query($sql); } /* 处理相册图片 handle_gallery_image($goods_id, $_FILES['img_url'], $_POST['img_desc']); */ if(!empty($_POST['img_url'])) { foreach ($_POST['img_url'] as $key => $img_url) { if(!in_array($img_url['Type'], $allow_file_type)) { client_show_message(205); } if(client_check_image_size($img_url['Data']) === false) { client_show_message(206); } $img_original = upload_image($img_url); if($img_original === false) { continue; } // 暂停生成缩略图 /* $thumb_url = $image->make_thumb(ROOT_PATH . $img_original, $GLOBALS['_CFG']['thumb_width'], $GLOBALS['_CFG']['thumb_height']); $thumb_url = is_string($thumb_url) ? $thumb_url : ''; $img_url = $img_original; // 如果服务器支持GD 则添加水印 if (gd_version() > 0) { $pos = strpos(basename($img_original), '.'); $newname = dirname($img_original) . '/' . random_filename() . substr(basename($img_original), $pos); copy(ROOT_PATH . '/' . $img_original, ROOT_PATH . '/' . $newname); $img_url = $newname; $image->add_watermark(ROOT_PATH . $img_url,'',$GLOBALS['_CFG']['watermark'], $GLOBALS['_CFG']['watermark_place'], $GLOBALS['_CFG']['watermark_alpha']); } */ $img_url = $thumb_url = $img_original; $img_desc = $_POST['img_desc'][$key]; $sql = "INSERT INTO " . $GLOBALS['ecs']->table('goods_gallery') . " (goods_id, img_url, img_desc, thumb_url, img_original) " . "VALUES ('$goods_id', '$img_url', '$img_desc', '$thumb_url', '$img_original')"; $GLOBALS['db']->query($sql); } } /* 编辑时处理相册图片描述 */ if (!$is_insert && isset($_POST['old_img_desc'])) { foreach ($_POST['old_img_desc'] AS $img_id => $img_desc) { $sql = "UPDATE " . $GLOBALS['ecs']->table('goods_gallery') . " SET img_desc = '$img_desc' WHERE img_id = '$img_id' LIMIT 1"; $GLOBALS['db']->query($sql); } } /* 清空缓存 */ clear_cache_files(); /* 提示页面 */ client_show_message(0, true, '', $goods_id); } /** * 获取商品数据 * * @param array $post POST数据 */ function API_GetGoods($post) { $pagesize = intval($_POST['PageSize']); $page = intval($_POST['Page']); if(empty($pagesize)) { $pagesize = 20; // 每页大小 } if($page < 0) { $page = 0; } //$limit = ' LIMIT ' . ($page * $pagesize) . ', ' . ($pagesize+1); $today = gmtime(); $is_delete = 0; $record_count = $GLOBALS['db']->getOne("SELECT count(*) FROM " . $GLOBALS['ecs']->table('goods') . " WHERE is_delete='$is_delete' $where "); if ($page > floor($record_count / $pagesize)) { $page = $record_count / $pagesize; } $limit = ' LIMIT ' . ($page * $pagesize) . ', ' . $pagesize; $sql = "SELECT goods_id, cat_id, goods_name, goods_sn, brand_id, market_price, shop_price, promote_price, is_on_sale, is_alone_sale, is_best, is_new, is_hot, goods_number, goods_weight, integral, goods_brief, REPLACE(goods_desc, CONCAT(char(170), char(178)), '') AS goods_desc, goods_thumb, goods_img, promote_start_date, promote_end_date, " . " (promote_price > 0 AND promote_start_date <= '$today' AND promote_end_date >= '$today') AS is_promote, warn_number, keywords, extension_code, seller_note, give_integral " . " FROM " . $GLOBALS['ecs']->table('goods') . " AS g WHERE is_delete='$is_delete' $where ORDER BY goods_id DESC $limit"; $result = array(); $result['Data'] = $GLOBALS['db']->getAll($sql); $result['NextPage'] = false; $result['PrevPage'] = false; $result['RecordCount'] = $record_count; if ($page < floor($record_count / $pagesize)) { $result['NextPage'] = true; } if($page > 0) { $result['PrevPage'] = true; } foreach ($result['Data'] as $key => $goods) { $result['Data'][$key]['is_on_sale'] = ($goods['is_on_sale'] == 1); $result['Data'][$key]['is_alone_sale'] = ($goods['is_alone_sale'] == 1); $result['Data'][$key]['is_best'] = ($goods['is_best'] == 1); $result['Data'][$key]['is_new'] = ($goods['is_new'] == 1); $result['Data'][$key]['is_hot'] = ($goods['is_hot'] == 1); $result['Data'][$key]['is_promote'] = ($goods['is_promote'] == 1); $result['Data'][$key]['goods_desc'] = htmlspecialchars($goods['goods_desc']); $result['Data'][$key]['keywords'] = htmlspecialchars($goods['keywords']); $result['Data'][$key]['promote_start_date'] = local_date('Y-m-d', $goods['promote_start_date']); $result['Data'][$key]['promote_end_date'] = local_date('Y-m-d', $goods['promote_end_date']); $tmp = array(); if($goods['goods_thumb'] != '') { $tmp['Type'] = substr($goods['goods_thumb'], strrpos($goods['goods_thumb'], '.')+1); $tmp['Data'] = get_goods_image_url($goods['goods_id'], $goods['goods_thumb'], true); } else { $tmp['Type'] = ''; $tmp['Data'] = ''; } $result['Data'][$key]['goods_thumb'] = $tmp; if($goods['goods_img'] != '') { $tmp['Type'] = substr($goods['goods_img'], strrpos($goods['goods_img'], '.')+1); $tmp['Data'] = get_goods_image_url($goods['goods_id'], $goods['goods_img'], false); } else { $tmp['Type'] = ''; $tmp['Data'] = ''; } $result['Data'][$key]['goods_img'] = $tmp; } show_json($GLOBALS['json'], $result, true); } /** * 删除品牌 * * @param array $post POST数据 */ function API_DeleteBrand($post) { require_once(ROOT_PATH . ADMIN_PATH . '/includes/cls_exchange.php'); admin_privilege('brand_manage'); $brand_id = intval($_POST['Id']); $exc = new exchange($GLOBALS['ecs']->table("brand"), $GLOBALS['db'], 'brand_id', 'brand_name'); $brand = $GLOBALS['db']->getRow("SELECT brand_logo FROM " . $GLOBALS['ecs']->table('brand') . " WHERE brand_id='$brand_id'"); if (!empty($brand['brand_logo'])) { @unlink(ROOT_PATH . '/brandlogo/' . $brand['brand_logo']); } $exc->drop($brand_id); /* 更新商品的品牌编号 */ $sql = "UPDATE " .$GLOBALS['ecs']->table('goods'). " SET brand_id=0 WHERE brand_id='$brand_id'"; $GLOBALS['db']->query($sql); client_show_message(0, true); } /** * 删除分类 * * @param array $post POST数据 */ function API_DeleteCategory($post) { /* 加载后台主操作函数 */ require_once(ROOT_PATH . ADMIN_PATH . '/includes/lib_main.php'); admin_privilege('cat_manage'); /* 初始化分类ID并取得分类名称 */ $cat_id = intval($_POST['Id']); $cat_name = $GLOBALS['db']->getOne('SELECT cat_name FROM ' .$GLOBALS['ecs']->table('category'). " WHERE cat_id='$cat_id'"); /* 当前分类下是否有子分类 */ $cat_count = $GLOBALS['db']->getOne('SELECT COUNT(*) FROM ' .$GLOBALS['ecs']->table('category'). " WHERE parent_id='$cat_id'"); /* 当前分类下是否存在商品 */ $goods_count = $GLOBALS['db']->getOne('SELECT COUNT(*) FROM ' .$GLOBALS['ecs']->table('goods'). " WHERE cat_id='$cat_id'"); /* 如果不存在下级子分类或商品,则删除之 */ if ($cat_count == 0 && $goods_count == 0) { /* 删除分类 */ $sql = 'DELETE FROM ' .$GLOBALS['ecs']->table('category'). " WHERE cat_id = '$cat_id'"; if ($GLOBALS['db']->query($sql)) { $GLOBALS['db']->query("DELETE FROM " . $GLOBALS['ecs']->table('nav') . "WHERE ctype = 'c' AND cid = '" . $cat_id . "' AND type = 'middle'"); clear_cache_files(); admin_log($cat_name, 'remove', 'category'); } client_show_message(0, true); } else { client_show_message(400); } } /** * 删除商品 * * @param array $post POST数据 */ function API_DeleteGoods($post) { require_once(ROOT_PATH . ADMIN_PATH . '/includes/cls_exchange.php'); $exc = new exchange($GLOBALS['ecs']->table("goods"), $GLOBALS['db'], 'goods_id', 'goods_name'); admin_privilege('remove_back'); $goods_id = intval($_POST['Id']); if ($exc->edit("is_delete = 1", $goods_id, '')) { client_show_message(0, true); } else { client_show_message(230); } } function API_EditCategory($post) { /* 加载后台主操作函数 */ require_once(ROOT_PATH . ADMIN_PATH . '/includes/lib_main.php'); /* 初始化变量 */ $cat_id = !empty($_POST['cat_id']) ? intval($_POST['cat_id']) : 0; $cat['parent_id'] = !empty($_POST['parent_id']) ? intval($_POST['parent_id']) : 0; $cat['sort_order'] = !empty($_POST['sort_order']) ? intval($_POST['sort_order']) : 0; $cat['keywords'] = !empty($_POST['keywords']) ? trim($_POST['keywords']) : ''; $cat['cat_desc'] = !empty($_POST['cat_desc']) ? $_POST['cat_desc'] : ''; $cat['measure_unit'] = !empty($_POST['measure_unit']) ? trim($_POST['measure_unit']) : ''; $cat['cat_name'] = !empty($_POST['cat_name']) ? trim($_POST['cat_name']) : ''; $cat['is_show'] = !empty($_POST['is_show']) ? intval($_POST['is_show']) : 0; $cat['show_in_nav'] = !empty($_POST['show_in_nav']) ? intval($_POST['show_in_nav']): 0; $cat['style'] = !empty($_POST['style']) ? trim($_POST['style']) : ''; $cat['grade'] = !empty($_POST['grade']) ? intval($_POST['grade']) : 0; $cat['filter_attr'] = !empty($_POST['filter_attr']) ? intval($_POST['filter_attr']) : 0; /* 判断上级目录是否合法 */ $children = array_keys(cat_list($cat_id, 0, false)); // 获得当前分类的所有下级分类 if (in_array($cat['parent_id'], $children)) { /* 选定的父类是当前分类或当前分类的下级分类 */ client_show_message(401); } if($cat['grade'] > 10 || $cat['grade'] < 0) { /* 价格区间数超过范围 */ client_show_message(402); } if (cat_exists($cat['cat_name'], $cat['parent_id'], $cat_id)) { /* 同级别下不能有重复的分类名称 */ client_show_message(403); } $dat = $GLOBALS['db']->getRow("SELECT cat_name, show_in_nav FROM ". $GLOBALS['ecs']->table('category') . " WHERE cat_id = '$cat_id'"); if ($GLOBALS['db']->autoExecute($GLOBALS['ecs']->table('category'), $cat, 'UPDATE', "cat_id='$cat_id'")) { if($cat['cat_name'] != $dat['cat_name']) { //如果分类名称发生了改变 $sql = "UPDATE " . $GLOBALS['ecs']->table('nav') . " SET name = '" . $cat['cat_name'] . "' WHERE ctype = 'c' AND cid = '" . $cat_id . "' AND type = 'middle'"; $GLOBALS['db']->query($sql); } if($cat['show_in_nav'] != $dat['show_in_nav']) { //是否显示于导航栏发生了变化 if($cat['show_in_nav'] == 1) { //显示 $nid = $GLOBALS['db']->getOne("SELECT id FROM ". $GLOBALS['ecs']->table('nav') . " WHERE ctype = 'c' AND cid = '" . $cat_id . "' AND type = 'middle'"); if(empty($nid)) { //不存在 $vieworder = $GLOBALS['db']->getOne("SELECT max(vieworder) FROM ". $GLOBALS['ecs']->table('nav') . " WHERE type = 'middle'"); $vieworder += 2; $uri = build_uri('category', array('cid'=> $cat_id), $cat['cat_name']); $sql = "INSERT INTO " . $GLOBALS['ecs']->table('nav') . " (name,ctype,cid,ifshow,vieworder,opennew,url,type) VALUES('" . $cat['cat_name'] . "', 'c', '$cat_id','1','$vieworder','0', '" . $uri . "','middle')"; } else { $sql = "UPDATE " . $GLOBALS['ecs']->table('nav') . " SET ifshow = 1 WHERE ctype = 'c' AND cid = '" . $cat_id . "' AND type = 'middle'"; } $GLOBALS['db']->query($sql); } else { //去除 $GLOBALS['db']->query("UPDATE " . $GLOBALS['ecs']->table('nav') . " SET ifshow = 0 WHERE ctype = 'c' AND cid = '" . $cat_id . "' AND type = 'middle'"); } } } /* 更新分類信息成功 */ clear_cache_files(); // 清除缓存 admin_log($_POST['cat_name'], 'edit', 'category'); // 记录管理员操作 client_show_message(0, true); } function API_EditBrand($post) { /* 加载后台主操作函数 */ require_once(ROOT_PATH . ADMIN_PATH . '/includes/lib_main.php'); require_once(ROOT_PATH . ADMIN_PATH . '/includes/cls_exchange.php'); require_once(ROOT_PATH . 'includes/cls_image.php'); /* 检查权限 */ admin_privilege('brand_manage'); $is_show = isset($_POST['is_show']) ? 1 : 0; $brand_id = !empty($_POST['brand_id']) ? intval($_POST['brand_id']) : 0; /*检查品牌名是否重复*/ $exc = new exchange($GLOBALS['ecs']->table("brand"), $GLOBALS['db'], 'brand_id', 'brand_name'); $is_only = $exc->is_only('brand_name', $_POST['brand_name'], '', ''); if (!$is_only) { client_show_message(301); } $param = "brand_name = '$_POST[brand_name]', site_url='$_POST[site_url]', brand_desc='$_POST[brand_desc]', is_show='$is_show', sort_order='$_POST[sort_order]' "; /* 处理图片 */ $img_name = upload_image($_POST['brand_logo'], 'brandlogo'); if($img_name !== false) { $param .= " ,brand_logo = '" . basename($img_name) . "' "; } /* 更新数据 */ if ($exc->edit($param, $brand_id, '')) { /* 清除缓存 */ clear_cache_files(); admin_log($_POST['brand_name'], 'edit', 'brand'); client_show_message(0, true); } else { client_show_message(302); } } function API_EditGoods($post) { $_POST['act'] = 'update'; API_AddGoods($post); //client_show_message(0); } /** * 出错函数 * */ function API_Error() { client_show_message(102); } ?>分析下 是如何配置的 都有哪些功能
最新发布
11-18
return call_user_func('API_'.$post['Action'], $post); } else { API_Error(); } ``` > ⚙️ 工作原理: - 客户端发送 JSON 数据,包含 `"Action": "UserLogin"` 字段 - 服务端根据 Action 映射到 `API_...
<?php /** * 鸿宇多用户商城 在线客服聊天系统-前台 * ============================================================================ * 版权所有 2015-2018 鸿宇多用户商城科技有限公司,并保留所有权利。 * 网站地址: http://bbs.hongyuvip.com; * ---------------------------------------------------------------------------- * 仅供学习交流使用,如需商用请购买正版版权。鸿宇不承担任何法律责任。 * 踏踏实实做事,堂堂正正做人。 * ============================================================================ * $Author: 鸿宇多用户商城 $ * $Id: category.php 17217 2015-02-10 06:29:08Z 鸿宇多用户商城 $ */ define('IN_ECS', true); require ('includes/init.php'); require ('includes/lib_chat.php'); /* 载入语言文件 */ require_once (ROOT_PATH . 'languages/' . $_CFG['lang'] . '/user.php'); $action = isset($_REQUEST['act']) ? trim($_REQUEST['act']) : 'chat'; /* 检查用户是否已登录 */ if(empty($_SESSION['user_id']) && $action != 'act_login' && $action != 'check_login') { // $captcha = intval($_CFG['captcha']); // if(($captcha & CAPTCHA_LOGIN) && (! ($captcha & CAPTCHA_LOGIN_FAIL) || (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0) // { // $GLOBALS['smarty']->assign('enabled_captcha', 1); // $GLOBALS['smarty']->assign('rand', mt_rand()); // } // 如果未登录跳转到登录页面 /** $smarty->assign('lang', $_LANG); $smarty->assign('back_act', ''); $smarty->assign('action', 'login'); $smarty->display('chat_passport.dwt'); **/ show_message('您还未登录系统,请先登录!', array('登录', '返回上一页'), array('user.php?act=login', 'index.php'), 'info'); return; } //路由 $function_name = 'action_' . $action; if(function_exists($function_name)) { call_user_func($function_name); } else { exit('函数' . $function_name . '不存在'); } /** * 检查用户是否登录 */ function action_check_login() { $is_login = empty($_SESSION['user_id']) ? 'false' : 'true'; exit($is_login); } /** * 处理会员登录 */ function action_act_login () { $user_id = $_SESSION['user_id']; $smarty = get_smarty(); $ecs = get_ecs(); $db = get_database(); /* 处理会员的登录 */ $username = isset($_POST['username']) ? trim($_POST['username']) : ''; $password = isset($_POST['password']) ? trim($_POST['password']) : ''; $back_act = isset($_POST['back_act']) ? trim($_POST['back_act']) : ''; $captcha = intval($_CFG['captcha']); if(($captcha & CAPTCHA_LOGIN) && (! ($captcha & CAPTCHA_LOGIN_FAIL) || (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0) { if(empty($_POST['captcha'])) { $smarty->assign('lang', $_LANG); $smarty->assign('action', 'login'); $smarty->assign('error', $_LANG['invalid_captcha']); $smarty->display('chat_passport.dwt'); return; } /* 检查验证码 */ include_once ('includes/cls_captcha.php'); $validator = new captcha(); $validator->session_word = 'captcha_login'; if(! $validator->check_word($_POST['captcha'])) { $smarty->assign('lang', $_LANG); $smarty->assign('action', 'login'); $smarty->assign('error', $_LANG['invalid_captcha']); $smarty->display('chat_passport.dwt'); return; } } if(is_email($username)) { $sql = "select user_name from " . $ecs->table('users') . " where email='" . $username . "'"; $username_e = $db->getOne($sql); if($username_e) $username = $username_e; } if(is_telephone($username)) { $sql = "select user_name from " . $ecs->table('users') . " where mobile_phone='" . $username . "'"; $username_res = $db->query($sql); $kkk = 0; while($username_row = $db->fetchRow($username_res)) { $username_e = $username_row['user_name']; $kkk = $kkk + 1; } if($kkk > 1) { $smarty->assign('lang', $_LANG); $smarty->assign('action', 'login'); $smarty->assign('error', '本网站有多个会员ID绑定了和您相同的手机号,请使用其他登录方式,如:邮箱或用户名。'); $smarty->display('chat_passport.dwt'); return; } if($username_e) { $username = $username_e; } } if($GLOBALS['user']->login($username, $password, isset($_POST['remember']))) { update_user_info(); recalculate_price(); // 登录成功 $ucdata = isset($user->ucdata) ? $user->ucdata : ''; // show_message($_LANG['login_success'] . $ucdata , // array($_LANG['back_up_page'], $_LANG['profile_lnk']), // array($back_act,'user.php'), 'info'); // 刷新user_id $user_id = $_SESSION['user_id']; header('Location: chat.php?act=chat'); } else { $_SESSION['login_fail'] ++; $smarty->assign('lang', $_LANG); $smarty->assign('action', 'login'); $smarty->assign('error', $_LANG['login_failure']); $smarty->display('chat_passport.dwt'); return; } } /* ------------------------------------------------------ */ // -- 在线客服聊天 --> 请求聊天 // 聊天窗口右侧默认展示最近订单,如果想要展示商品、订单、店铺则需要在当前页面中设置隐藏域,name必须为 chat_goods_id, // chat_order_id, chat_supp_id /* ------------------------------------------------------ */ function action_chat () { $user_id = $_SESSION['user_id']; $smarty = get_smarty(); $ecs = get_ecs(); $db = get_database(); /** * 判断当前用户是为聊天系统的注册用户 */ $exist = check_of_username_exist($user_id); // 获取用户头像 if(! empty($user_id)) { $sql = "select password, headimg from " . $ecs->table('users') . " where user_id = '$user_id'"; $row = $db->getRow($sql); $headimg = $row['headimg']; $password = $row['password']; $smarty->assign('headimg', $headimg); } if(! $exist) { // 查询ECShop内用户信息 $sql = 'select a.user_id, a.password, a.email, a.user_name from ' . $ecs->table('users') . ' AS a where a.user_id = "' . $user_id . '"'; $user = $GLOBALS['db']->getRow($sql); if(empty($user)) { // 根据user_id未查找到任何用户信息 } // 用户不存在,创建用户信息 $username = $user_id; $password = $user['password']; $name = $user['user_name']; $email = $user['email']; $type = 10; $shop_id = - 1; $result = create_of_user($username, $password, $name, $email, $type, $shop_id); if($result) { // 创建成功 } else { // 创建失败 } } // 获取前端传来的商品编号、订单编号、店铺编号等 // 商品编号则显示商品信息 // 订单编号则显示订单信息 // 店铺编号则显示店铺信息 $goods_id = null; $supp_id = - 1; $order_id = null; $customers = null; // 获取客服信息 $tab_items = array(); // 客服类型 $cus_types = CUSTOMER_SERVICE; // 记录需要发给客服的URL if(! empty($_REQUEST['chat_goods_id'])) { /* 咨询商品信息 */ $goods_id = $_REQUEST['chat_goods_id']; $goods = goods_info($goods_id); $smarty->assign('chat_goods', $goods); $smarty->assign('chat_goods_id', $goods_id); $tab_items[] = array( "id" => "chat_goods","name" => "咨询商品" ); // 客服+售前 $cus_types = CUSTOMER_SERVICE . ',' . CUSTOMER_PRE; } if(! empty($_REQUEST['chat_order_id'])) { /* 咨询订单信息 */ require ('includes/lib_order.php'); $order_id = $_REQUEST['chat_order_id']; // 获取商品和店铺信息 $goods_id = null; $order = order_info($order_id); $supp_id = $order['supplier_id']; $order['order_status_text'] = $GLOBALS['_LANG']['os'][$order['order_status']] . ',' . $GLOBALS['_LANG']['ps'][$order['pay_status']] . ',' . $GLOBALS['_LANG']['ss'][$order['shipping_status']]; $order['goods_list'] = order_goods($order_id); $smarty->assign('chat_order', $order); $smarty->assign('chat_order_id', $order_id); $smarty->assign('chat_order_sn', $order['order_sn']); $tab_items[] = array( "id" => "chat_order","name" => "咨询订单" ); // 客服+售后 $cus_types = CUSTOMER_SERVICE . ',' . CUSTOMER_AFTER; } if(! empty($_REQUEST['chat_supp_id']) && $_REQUEST['chat_supp_id'] != 0) { /* 店铺信息 */ $supp_id = $_REQUEST['chat_supp_id']; $supp_info = get_dianpu_baseinfo($supp_id); $smarty->assign('supp_info', $supp_info); $smarty->assign('chat_supp_id', $supp_id); $tab_items[] = array( "id" => "chat_supp", "name" => "店铺信息" ); // 客服+售前 $cus_types = CUSTOMER_SERVICE . ',' . CUSTOMER_PRE; } if(true) { /* 最近订单列表 */ require ('includes/lib_transaction_1.php'); // 获取用户最近的5条订单列表 $order_list = get_user_orders_1($user_id, 5, 0); // 所有客服忙碌状态,提示web端 $smarty->assign('order_list', $order_list); $smarty->assign('order_count', count($order_list)); $tab_items[] = array( "id" => "chat_order_list","name" => "最近订单" ); // 客服 $cus_types = CUSTOMER_SERVICE; } // 获取客服信息 $customers = get_customers($cus_types, $supp_id); // 转换为JSON数据 $smarty->assign('tab_items', json_encode($tab_items)); $to = null; // 客服获取策略:0-顺序、1-随机、2-竞争 if(! empty($customers)) { // 暂时采用随机策略 $poliy = 1; if($poliy == 0) { foreach($customers as $customer) { $status = $customer['status']; if($status == '在线' || $status == '空闲') { $to = $customer; break; // if(isset($customer['cus_status']) && count($customers) > 1) // { // if(time() - $customer['chat_time'] > 5*60) // { // set_customer_status($customer['cus_id'], 0); // $customer['cus_status'] = 0; // } // if($customer['cus_status'] == 0) // { // $to = $customer; // break; // } // } // else // { // $to = $customer; // break; // } } } } else if($poliy == 1) { /* 随进策略 */ $onlines = array(); foreach($customers as $customer) { $status = $customer['status']; if($status == '在线' || $status == '空闲') { $onlines[] = $customer; } } if(count($onlines) > 0) { $min = 1; $max = count($onlines); $i = mt_rand($min, $max); $to = $onlines[$i - 1]; } } else { } if(empty($to)) { if($supp_id == -1){ // 所有客服忙碌状态,提示web端 $smarty->assign('system_notice', '当前客服忙碌,请稍后联系!'); }else{ // 所有客服忙碌状态,提示web端 $smarty->assign('system_notice', '当前店铺客服忙碌,请稍后联系!'); } } else { $xmpp_domain = get_xmpp_domain(); $_SESSION['OF_FROM'] = $user_id . '@' . $xmpp_domain; $_SESSION['OF_TO'] = $to['of_username'] . '@' . $xmpp_domain; $smarty->assign('from', $_SESSION['OF_FROM']); $smarty->assign('password', $password); // $smarty->assign('password', "123456"); $smarty->assign('to', '==to=='); $smarty->assign('username', $_SESSION['user_name']); $smarty->assign('customername', $to['cus_name']); // 存储在Session中方便其他地方使用 // 所有客服忙碌状态,提示web端 $smarty->assign('system_notice', '客服<span class="kf_name">' . $to['cus_name'] . '</span>已加入会话!'); } } else { // 所有客服忙碌状态,提示web端 $smarty->assign('system_notice', '当前客服忙碌,请稍后联系!'); } // 打开聊天页面 $smarty->display('chat.dwt'); } /* ------------------------------------------------------ */ // -- 在线客服聊天 --> 认证失败,重新设置聊天系统的用户密码 // 聊天窗口右侧默认展示最近订单,如果想要展示商品、订单、店铺则需要在当前页面中设置隐藏域,name必须为 chat_goods_id, // chat_order_id, chat_supp_id /* ------------------------------------------------------ */ function action_authfail () { $user_id = $_SESSION['user_id']; $sql = "select user_name, password, email from " . $GLOBALS['ecs']->table('users') . " where user_id = '$user_id'"; $row = $db->getRow($sql); $success = create_of_user($user_id, $row['password'], $row['user_name'], $row['email'], 10, - 1); if($success) { $result = array( 'error' => 1,'message' => '可能由于网络原因,发生错误!请点击 <a href="chat.php?act=chat"><strong>重试</strong></a> ,重新连接...','content' => '' ); } else { $result = array( 'error' => 1,'message' => '由于网络原因,发生错误!请点击 <a href="chat.php?act=chat"><strong>重试</strong></a> ,重新连接...','content' => '' ); } $result = json_encode($result); exit($result); } /** * 用户离线 */ function action_off_line() { // 用户超过5分钟未发言则视为自动离线,更新客服状态 } function is_telephone ($phone) { $chars = "/^13[0-9]{1}[0-9]{8}$|15[0-9]{1}[0-9]{8}$|18[0-9]{1}[0-9]{8}$/"; if(preg_match($chars, $phone)) { return true; } } /** * 获取db对象 * * @return unknown */ function get_database () { return $GLOBALS['db']; } /** * 获取smarty对象 * * @return unknown */ function get_smarty () { return $GLOBALS[smarty]; } /** * 获取ecs对象 * * @return unknown */ function get_ecs () { return $GLOBALS['ecs']; } /* * 获取商品所对应店铺的店铺基本信息 * @param int $suppid 店铺id * @param int $suppinfo 入驻商的信息 */ function get_dianpu_baseinfo ($suppid = 0) { if(intval($suppid) <= 0) { return; } $sql_supplier = "SELECT s.supplier_id,s.supplier_name,s.add_time,sr.rank_name FROM " . $GLOBALS['ecs']->table("supplier") . " as s left join " . $GLOBALS['ecs']->table("supplier_rank") . " as sr ON s.rank_id=sr.rank_id WHERE s.supplier_id=" . $suppid . " AND s.status=1"; $supp_info = $GLOBALS['db']->getRow($sql_supplier); $sql = "SELECT * FROM " . $GLOBALS['ecs']->table('supplier_shop_config') . " WHERE supplier_id = " . $suppid; $shopinfo = $GLOBALS['db']->getAll($sql); $config = array(); foreach($shopinfo as $value) { $config[$value['code']] = $value['value']; } $shop_info = array(); $shop_info['ghs_css_path'] = 'themes/' . $config['template'] . '/images/ghs/css/ghs_style.css'; // 入驻商所选模板样式路径 $shoplogo = empty($config['shop_logo']) ? 'themes/' . $config['template'] . '/images/dianpu.jpg' : $config['shop_logo']; $shop_info['shoplogo'] = $shoplogo; // 商家logo $shop_info['shopname'] = htmlspecialchars($config['shop_name']); // 店铺名称 $shop_info['suppid'] = $suppid; // 商家名称 $shop_info['suppliername'] = htmlspecialchars($supp_info['supplier_name']); // 商家名称 $shop_info['userrank'] = htmlspecialchars($supp_info['rank_name']); // 商家等级 $shop_info['region'] = get_province_city($config['shop_province'], $config['shop_city']); $shop_info['address'] = $config['shop_address']; $shop_info['serviceqq'] = $config['qq']; $shop_info['serviceww'] = $config['ww']; $shop_info['serviceemail'] = $config['service_email']; $shop_info['servicephone'] = $config['service_phone']; $shop_info['createtime'] = gmdate('Y-m-d', $config['add_time']); // 商家创建时间 $suppid = (intval($suppid) > 0) ? intval($suppid) : intval($_GET['suppId']); return $shop_info; } ?>插件 A plugin has loaded admin console authentication bypass patterns that includes a wildcard, but the System Property 'adminConsole.access.allow-wildcards-in-excludes' is disabled. 插件为服务器添加了新功能。当前安装的插件列表如下。要下载新插件,请访问可用插件页面。 插件 描述 版本 作者 重启 删除 Plugin Client Control README changelog Controls clients allowed to connect and available features 2.1.10 Jive Software 刷新 Client Control 删除 Client Control Plugin Content Filter README changelog Scans message packets for defined patterns 1.9.0 Conor Hayes 刷新 Content Filter 删除 Content Filter Plugin Fastpath Service README changelog Support for managed queued chat requests, such as a support team might use. 4.5.1 Ignite Realtime 刷新 Fastpath Service 删除 Fastpath Service Plugin Jabber Browsing README changelog This plugin implements the (obsolete!) XEP-0011 'Jabber Browsing' specification for service discovery using the jabber:iq:browse namespace. 1.0.1 Guus der Kinderen 刷新 Jabber Browsing 删除 Jabber Browsing Plugin Just married README changelog Allows admins to rename or copy users 1.3.0 Holger Bergunde 刷新 Just married 删除 Just married Plugin MUC Service Discovery Extensions README changelog Allows an admin to configure Extended Service Discovery information to Multi User Chat entities. 1.0.0 Guus der Kinderen 刷新 MUC Service Discovery Extensions 删除 MUC Service Discovery Extensions Plugin Pade README changelog Web-based chat, groupchat, telephones, audio and video conferencing solution using ConverseJS, Jitsi and FreeSWITCH 1.8.4 Ignite Realtime 刷新 Pade 删除 Pade Plugin Presence Service README changelog Exposes presence information through HTTP. 1.7.4 Jive Software 刷新 Presence Service 删除 Presence Service Plugin Push Notification README changelog Adds Push Notification (XEP-0357) support to Openfire. 1.0.1 Guus der Kinderen 刷新 Push Notification 删除 Push Notification Plugin REST API README changelog Allows administration over a RESTful API. 1.8.0 Roman Soldatow 刷新 REST API 删除 REST API Plugin Search README changelog Provides support for Jabber Search (XEP-0055) 1.7.5 Ryan Graham 刷新 Search 删除 Search Plugin User Creation changelog Creates users and populates rosters. 1.4.1 Jive Software 刷新 User Creation 删除 User Creation Plugin User Import Export README changelog Enables import and export of user data 2.8.0 Ryan Graham 刷新 User Import Export 删除 User Import Export Plugin User Service README changelog (Deprecated) Please use the REST API Plugin. Allows administration of users via HTTP requests. 2.1.3 Roman Soldatow, Justin Hunt 刷新 User Service 删除 User Service Plugin User Status Plugin README changelog Openfire plugin to save the user status to the database. 1.3.0 Stefan Reuter 刷新 User Status Plugin 删除 User Status Plugin Plugin Openfire WebSocket README changelog Provides WebSocket support for Openfire. 1.2.1 Tom Evans 删除 Openfire WebSocket Plugin xmppweb README changelog Adds the (third-party) xmpp-web client to Openfire. 0.10.3 Release 1 Guus der Kinderen 刷新 xmppweb 删除 xmppweb 如何完整配置 在线客服与网站用户聊天
10-03
$config = array( 'host' => 'your_openfire_server_host', 'port' => 5222, 'username' => 'your_username', 'password' => 'your_password', 'resource' => 'your_resource' ); // 创建 XMPP 客户端实例 $...
Thinkphp5.0.x漏洞原理分析
weixin_45682070的博客
08-25 1924
本测试环境用的是php7.0.12+apache+thinkphp5.0.20 poc:http://127.0.0.1/tp5.0/public/index.php?s=index/think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=whoami 首先看入口文件,引入thinkphp/start.php文件 跟进thinkphp/start.php,执行的是think/
一次TP测试
HBohan的博客
11-24 2985
一、简单的信息收集 尝试路径报错,获取目标版本和配置信息。 https://example.com/admin/indeeex/login.html 版本为5.0.5,开启debug。 直接执行payload,宝塔拦截 /index.php? s=index/think\app/invokefunction&function=call_user_func_array&vars[0]=a ssert&vars[1][]=phpinfo() 【网络安全 全套学习资料·攻略】文字末
BUU CTF web(三)
0xdawn的博客
04-30 8185
[WesternCTF2018]shrine import flask import os app = flask.Flask(__name__) app.config['FLAG'] = os.environ.pop('FLAG') @app.route('/') def index(): return open(__file__).read() @app.route('/shr...
call_user_func()详解
热门推荐
moliyiran的专栏
10-29 3万+
先来看解释 : (PHP 4, PHP 5, PHP 7) call_user_func — 把第一个参数作为回调函数调用 通过函数的方式回调 &lt;?php  function barber($type){     echo "you wanted a $type haircut, no problem\n"; } call_user_func('barber','mushroom');...
服务器脚本(php,jsp)和前端脚本(javascript)之间通讯问题
12-04 2982
把php数据或值传递给js很简单,直接在js中使用php代码,混编即可。var x =  把js数据传递给php  可以使用打开新窗口或重新定位的方式,通过url地址把数据传递过去。php通过$_GET获得window.open(location.href=xx.php?id=+x);location.href=xx.php?id=x; 
java使用dom4j解析xml,对比php使用SimpleXMLElement解析xml
11-24 1838
java使用dom4j解析xmlxml文件2009-11-25 09:06:11http://xx/initline/detail/1628"  time="2009-11-25 09:06:11"/>http://xx/initline/detail/1634"  time="2009-11-25 09:06:11"/>
获取文件路径,扩展名,相对路径,绝对路径,url路径等等问题
11-25 1726
 __FILE__   获取当前脚本文件的绝对路径(包含本文件名) 如:E:/wamp/www/s/a.php 函数pathinfo返回一个结合数组包含有 path 的信息。包括以下的数组单元:dirname,basename, extension 和 filename。 pathinfo( __FILE__ , 1)       dirname E:/wamp/www/s 最后没
php和java上传文件的方法
11-27 1683
java上传文件需要的第三方jar包有(这里使用apache的) apache的commons-fileupload(上传用),commons-io (listener清理类用) , commons-beanutils(可选)具体操作 FileItemFactory factory = new DiskFileItemFactory(); ServletFileUpl
java和php拼url地址,去掉page连接
12-07 1363
java写法       + request.getServerName() + ":"      + request.getServerPort()      + request.getContextPath() + "/localsearch?"                  + request.getQueryString().replaceAll
表单数据校验
07-22 849
分为客户端和服务器端服务器端validation类/** * Validation Class * * @package CodeIgniter * @subpackage Libraries * @category Validation * @author Rick Ellis * @link http://www.codeigniter.com/user_guide/libraries/validation.html */ class Validation {
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值