setbank.php

在传统CMS文章内容管理功能基础上

<?php
/*
    [BBWPS!] (C)2006-2010 小蜜蜂版权所有.
	  This is NOT a freeware, use is subject to license terms
*/

error_reporting(0);
if(!function_exists("CheckRequire")){
	exit("Forbidden");
}
$action=$_GET["act"];
$db= new DB($hostname,$username,$password,$database);
if($action=="search"){
	$bank=$_POST["bank"];
	$bank["count"]=="*"?$countCon="1":$countCon="b.`count` like '%".$bank["count"]."%'";
	$bank["mony"]=="*"?$monyCon="1":$monyCon="b.mony ".$bank["count"];
	$bank["username"]=="*"?$usernameCon="1":$usernameCon="m.username like '%".$bank["username"]."%'";
	$bank["group"]=="0"?$groupCon="1":$groupCon="m.vipum=".$bank["group"];
	if($groupCon=="1"&&$usernameCon=="1"){
		$sql_count="select count(*) as num from {$prefix}bankcard as b where {$monyCon} and {$countCon}";
		$sql="select * from {$prefix}bankcard as b where {$monyCon} and {$countCon}";
	}
	else{
		$sql_count="select count(*) as num from {$prefix}bankcard as b,{$prefix}members as m where m.uid=b.uid and {$monyCon} and {$countCon} and {$usernameCon} and {$groupCon}";
		$sql="select b.*,m.username from {$prefix}bankcard as b,{$prefix}members as m where m.uid=b.uid and {$monyCon} and {$countCon} and {$usernameCon} and {$groupCon}";
	}
	$_GET["next"]?$whichpage=$_GET["next"]:$whichpage=1;
	$lower_item=($whichpage-1)*30;
	$result=$db->query($sql_count,true);
	$rs=$db->fetch_array();
	$allMsg=$rs["num"];
	$allPage=ceil($allMsg/30);
	$db->update($sql);
	$sql.=" limit $lower_item,30";
	$p=new Template("./template/cash/system");
	$db->query($sql,true);
	$p->set_file("handle_list","set_row.html");
	while ($rs=$db->fetch_array()){
		$rs["time"]=date("Y-m-d H:i:s",$rs["time"]);
		$p->set_var($rs);
		$p->parse("banklist","handle_list",true);
	}
	
	$p->set_file("handle","setbank.html");
	$split_page=show_split_page($whichpage,$allPage,"./admin.php?mod=cash/system&f=setbank&c=3");
	$p->set_var("split_page",$split_page);
	$p->set_var("allpage",$allPage);
	$p->set_var("allmsg",$allMsg);
	$p->set_var("whichpage",$whichpage);
	$p->set_var("addcon",urlencode(base64_encode("{$monyCon} and {$countCon} and {$usernameCon} and {$groupCon}")));
	$p->parse("output","handle");
	$p->p("output");
	exit;
}
elseif ($action=="add"){
	$bankid=$_GET["bankid"];
	$addtype=$_GET["addtype"];
	$addcon=$_GET["addcon"];
	if($_POST["reason"]){
		$_POST["date"]=3600*24*$_POST["date"];
		$type=$_POST["type"];
		foreach ($type as $key=>$value){
			$setSql[]="`$value`=$value+".$_POST[$value];
		}
		if($bankid){
			$sql="update {$prefix}bankcard set ".implode(",",$setSql).",reason='".$_POST["reason"]."' where bankid=$bankid limit 1";
			$db->update($sql);
		}
		else{
			if($addtype=="1"){
				$where="uid>0 and status=1";
				$sql="update {$prefix}bankcard set ".implode(",",$setSql).",reason='".$_POST["reason"]."' where $where";
				$db->update($sql);
			}
			elseif ($addtype=="2"){
				$sql_select="select b.bankid from {$prefix}bankcard as b,{$prefix}members as m where m.uid=b.uid and ".base64_decode(urldecode($addcon));
				$db->query($sql_select,true);
				while ($rs=$db->fetch_array()){
					$where="bankid=".$rs["bankid"]." and uid>0 and status=1 limit 1";
					$sql="update {$prefix}bankcard set ".implode(",",$setSql).",reason='".$_POST["reason"]."' where $where";
					$db->update($sql);
				}
			}
			else {
				exit("Forbidden");
			}
		}
		ExeSuccess($langAdminArray["bank_succ"],"./admin.php?mod=cash/system&f=editbank&c=3");
	}
	else{
		$p=new Template("./template/cash/system");
		$p->set_file("handle","add.html");
		$p->set_var("bankid",$bankid);
		$p->set_var("addtype",$addtype);
		$p->set_var("addcon",$addcon);
		$p->parse("output","handle");
		$p->p("output");
	}
}
else{
	$p=new Template("./template/cash/system");
	$p->set_file("handle","setbank.html");
	$sql="select * from {$prefix}permitgroup where popen=1";
	$db->query($sql,true);
	while ($rs=$db->fetch_array()){
		$permitGroup.="<option value=\"".$rs["pgid"]."\">".$rs["pgname"]."</option>";
	}
	$p->set_var("permitGroup",$permitGroup);
	$p->parse("output","handle");
	$p->p("output");
}
?>