sendout.php

用PHP和MSSQL开发的sspace商城系统

<?php
	/*
	+-------------------------------------------
	|
	|   Technology of Wane netware
	|   ========================================
	|   Powered by wan-e.net inc 
	|   (c) 2004 wane.net Power Services
	|   http://www.wan-e.net
	|   ========================================
	|   Web: http://www.wan-e.net
	|
	+-------------------------------------------
	|   Autohr	:	wsfuyibing
	+-------------------------------------------
	*/
	if (!$RIGHT['STORE'])
	{
		$function->showmsg('javascript:history.go(-1)',$LANG_CP_INFO['ACCESS_DENIED'],'10');
	}
	elseif ($submit && $sendoutsubmit)
	{
		extract($LANG_CP_SENDOUT,EXTR_SKIP);
		function getselectsendout()
		{
			global $db,$tablepre,$wane_uid;
			$query=$db->query("select * from {$tablepre}sendout where uid='$wane_uid'");
			$data = "<?php\n 	if (!defined('IN_www.wan-e.net')){exit('Access denied');}\n\n	\$select_sendout_list = array(";
			while ($row=$db->row($query))
			{
				$data .= "\n		'$row[id]'	=>	array(";
				$data .= "\n			'id'		=>	'$row[id]',";
				$data .= "\n			'title'		=>	'".addslashes($row['title'])."',";
				$data .= "\n			'spend'		=>	'$row[spend]',";
				$data .= "\n		),";
			}
			$data .= "\n	);\n?>";
			$sendfile = $wane_root.'upload/sendout/'.$wane_uid.'.php';
			$fp = @fopen($sendfile,'w+');
			@fwrite($fp,$data);
			fclose($fp);
		}
		$sendoutfile = $wane_root.'upload/sendout/'.$wane_uid.'.php';
		if (!is_writable($wane_root.'upload'))
		{
			$function->clickback('Can not write to folder upload');
		}
		if (!is_dir($wane_root.'upload/sendout'))
		{
			@mkdir($wane_root.'upload/sendout',0777);
		}
		if (!is_writable($wane_root.'upload/sendout'))
		{
			$function->clickback('Can not write to folder upload/sendout');
		}
		if (!file_exists($sendoutfile))
		{
			$fp = @fopen($sendoutfile,'w+');
			if (!$fp)
			{
				$function->clickback('Can not Create User Sendout file');
			}
		}
		if (!is_writable($sendoutfile))
		{
			$function->clickback('Can not Write to User Sendout file');
		}
		else
		{
			if ($ntitle)
			{
				$ntitle = $function->wane_str($ntitle,255);
				$db->query("INSERT INTO {$tablepre}sendout VALUES ('NULL','$wane_uid','$ntitle','$nspend')");
				getselectsendout();
				$function->showmsg('index.php?action=memcp&type=sendout',$SUCCESS_NEW);
			}
			elseif (!empty($selects))
			{
				$ids=$comma="";
				foreach ($selects as $id)
				{
					$ids .= "$comma'$id'";
					$comma = ",";
				}
				$query=$db->query("delete from {$tablepre}sendout where id in ($ids) and uid='$wane_uid'");
				getselectsendout();
				$function->showmsg('index.php?action=memcp&type=sendout',$SUCCESS_DELETE);
			}
			elseif (empty($updates))
			{
				$function->showmsg('index.php?action=memcp&type=sendout',$SUCCESS_NOTFOUND);
			}
			else
			{
				foreach ($updates as $id)
				{
					$title = $function->wane_str(${'title'.$id},255);
					$spend = ${'spend'.$id};
					$db->query("UPDATE {$tablepre}sendout SET title='$title',spend='$spend' where id='$id'");
				}
				getselectsendout();
				$function->showmsg('index.php?action=memcp&type=sendout',$SUCCESS_UPDATE);
			}
		}
	}
	else
	{
		extract($LANG_CP_SENDOUT,EXTR_SKIP);
		$query=$db->query("select * from {$tablepre}sendout where uid='$wane_uid'");
		$sendouts = $db->num($query);
	}
?>