Beispiel #1
/**
 * Returns the contents of the file named by the first capture group.
 *
 * Presumably used as the callback of a regex replace that inlines
 * include directives — confirm against the caller.
 *
 * @param array $Matches Match array; index 1 holds the captured path.
 * @return mixed Whatever GetFile() returns for that path.
 *
 * NOTE(review): the path is taken from the matched text and is not checked
 * here. Confirm that the caller or GetFile() keeps it inside the intended
 * directory; otherwise any file the process can read may be inlined.
 */
function ReplaceIncludeCallback($Matches)
{
    return GetFile($Matches[1], TRUE);
}
Beispiel #2
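/**
 * Returns a file name for which GetFile() reports no content, derived from
 * $file by appending a counter to the part before the last dot.
 *
 * The counter is appended to the name produced by the previous attempt, so
 * "a.txt" is followed by "a1.txt", then "a12.txt", "a123.txt", and so on.
 * A name without a dot simply gets the counter appended.
 *
 * @param string $file Candidate file name.
 * @param int    $n    Number of attempts made so far (used by the recursion).
 * @return string The first candidate for which GetFile() returns a falsy value.
 *
 * NOTE(review): "taken" is decided by the truthiness of GetFile(), so an
 * existing but empty file counts as free. The check and the later write are
 * also separate steps: another request can claim the returned name in
 * between, so the caller should create the file exclusively (e.g. fopen
 * mode "x") rather than rely on this result alone.
 */
function get_uniqfile($file, $n = 0)
{
    if (!GetFile($file)) {
        return $file;
    }
    // ereg() was removed in PHP 7. The /s and /D modifiers keep the POSIX
    // behaviour: "." also matches a newline and "$" only matches at the very end.
    if (preg_match('/(.+)\.(.*)$/sD', $file, $ext)) {
        $stem = $ext[1];
        $suffix = '.' . $ext[2];
    } else {
        // No dot in the name: there is no extension to preserve.
        $stem = $file;
        $suffix = '';
    }
    $n++;
    return get_uniqfile($stem . $n . $suffix, $n);
}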
Beispiel #3
/**
 * Created by PhpStorm.
 * User: sp
 * Date: 26/11/15
 * Time: 3:59 PM
 */
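/**
 * Returns the stored file payloads of the user identified by $Data.
 *
 * @param mixed $Data Lookup data, handed to GetUser() unchanged.
 * @return mixed "NoData" when no user is resolved or GetFile() answers with
 *               status code 903, otherwise the response's 'Payloads' entry.
 */
function GetMthodFileView($Data)
{
    // include_once instead of include: presumably these files declare
    // GetUser() and GetFile(), and loading them again on a second call in
    // the same request would fail with a redeclaration error.
    // NOTE(review): the relative paths depend on the working directory of the
    // entry script; anchoring them to this file's directory would be safer.
    include_once '../common/controller/user_get.php';
    include_once '../common/controller/file_get.php';
    $UserDetail = GetUser($Data);
    // Same guard HandleFileRequest() applies: without a resolved user there
    // is no name to look files up for, so do not query with an empty one.
    if (!isset($UserDetail[0]['Username'])) {
        return "NoData";
    }
    $Response = GetFile($UserDetail[0]['Username']);
    if ($Response["STATUS CODE"] == 903) {
        return "NoData";
    }
    return $Response['Payloads'];
}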
Beispiel #4
/**
 * Created by PhpStorm.
 * User: sp
 * Date: 24/11/15
 * Time: 4:37 AM
 */
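/**
 * Dispatches a file request (PUT, GET, FAV or RENAME) for the user resolved
 * from the request payload.
 *
 * @param array $Request Request with a "type" entry and a "payloads" array.
 * @return mixed The response built by ReturnResponse() or returned by
 *               GetFile(). On a failed validation or an unknown user it is a
 *               PAYLOAD_MISSING response with an 'info' text.
 *
 * NOTE(review): the 'File', 'Filename' and 'Type' payload values go to
 * AddFile(), AddFav() and RenameFile() exactly as received. Confirm that
 * validate_file_request() or those controllers reject path separators and
 * ".." before the names are used on disk.
 */
function HandleFileRequest($Request)
{
    // include_once instead of include: presumably these files declare the
    // constants and functions used below, and loading them again on a second
    // call in the same request would fail with a redeclaration error.
    include_once '../common/config/ErrorCodes.php';
    include_once '../common/helpers/ValidateRequest.php';
    include_once '../common/controller/user_get.php';
    include_once '../common/controller/add_file.php';
    include_once '../common/controller/file_get.php';
    include_once '../common/controller/add_fav.php';
    include_once '../common/controller/Rename.php';

    if (validate_file_request($Request) != "True") {
        $Response = ReturnResponse(PAYLOAD_MISSING);
        $Response['info'] = "Data verification failed";
        // Return the error response. The original returned $Request here,
        // which discarded the error and echoed the caller's own input back.
        return $Response;
    }

    $UserDetail = GetUser($Request["payloads"]);
    if (!isset($UserDetail[0]['Username'])) {
        $Response = ReturnResponse(PAYLOAD_MISSING);
        $Response['info'] = "Could Not Get User";
        return $Response;
    }

    // Every operation runs under the user name resolved by GetUser(), never
    // under a name supplied directly in the request.
    $RequestData['Username'] = $UserDetail[0]['Username'];
    $RequestData['Time'] = time();
    switch ($Request["type"]) {
        case "PUT":
            $RequestData['File'] = $Request['payloads']['File'];
            $RequestData['Filename'] = $Request['payloads']['File'];
            $RequestData['Type'] = $Request['payloads']['Type'];
            $Res = AddFile($RequestData);
            $Response = ReturnResponse($Res);
            break;
        case "GET":
            $Response = GetFile($RequestData['Username']);
            break;
        case "FAV":
            $RequestData['File'] = $Request['payloads']['File'];
            $RequestData['Fav'] = $Request['payloads']['Fav'];
            $Res = AddFav($RequestData);
            $Response = ReturnResponse($Res);
            break;
        case "RENAME":
            $RequestData['File'] = $Request['payloads']['File'];
            $RequestData['Filename'] = $Request['payloads']['Filename'];
            $Res = RenameFile($RequestData);
            $Response = ReturnResponse($Res);
            break;
        default:
            $Response = ReturnResponse(TYPE_NOT_SPECIFIED);
    }
    return $Response;
}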
Beispiel #5
/**
 * Renders the plugin's admin page inside the "main" template: the record
 * list for "list", otherwise the input form (filled from the stored record
 * for "edit", with blank defaults for any other method).
 *
 * Reads its collaborators and the record id ($idx) from globals.
 *
 * @param string $method "list", "edit", or another value ('add' selects the add title).
 * @return void
 */
function build_page($method)
{
    global $mystep, $req, $db, $setting, $idx, $mydb;
    $tpl_info = array("idx" => "main", "style" => "../plugin/" . basename(realpath(dirname(__FILE__))) . "/tpl/", "path" => ROOT_PATH . "/" . $setting['path']['template']);
    $tpl = $mystep->getInstance("MyTpl", $tpl_info);
    // Second template instance for the page body: "list" or "input".
    $tpl_info['idx'] = $method == "list" ? "list" : "input";
    $tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
    if ($method == "list") {
        $record = $mydb->queryAll();
        if (!$record) {
            $record = array();
        }
        $tpl_tmp->Set_Loop('record', $record, true);
        $tpl_tmp->Set_Variable('title', $setting['language']['plugin_xcode_title']);
    } else {
        if ($method == "edit") {
            // NOTE(review): call-time pass-by-reference (&$fp_pos, &$row_pos) is a fatal
            // error since PHP 5.4. Drop the "&" once queryDate() is confirmed to declare
            // these parameters by reference.
            // NOTE(review): $idx is concatenated into the query condition; confirm it is
            // forced to a number before this function runs.
            $record = $mydb->queryDate("idx=" . $idx, true, &$fp_pos, &$row_pos);
            if (!$record) {
                $tpl->Set_Variable('main', showInfo($setting['language']['plugin_xcode_error'], 0));
                $mystep->show($tpl);
                // presumably pageEnd() stops the script; otherwise execution continues below — verify
                $mystep->pageEnd(false);
            }
            // NOTE(review): $idx also becomes part of a file name under code/. If it can
            // contain "/" or "..", this reads a .php file outside that directory; confirm
            // it is validated where it is read from the request.
            $record['content'] = GetFile(dirname(__FILE__) . "/code/" . $idx . ".php");
            // NOTE(review): same call-time pass-by-reference issue as above.
            HtmlTrans(&$record);
        } else {
            // New record: the request timestamp serves as its id and the content
            // starts as an empty PHP block.
            $record = array();
            $record['idx'] = $_SERVER['REQUEST_TIME'];
            $record['page'] = "";
            $record['position'] = "0";
            $record['description'] = "";
            $record['content'] = "<?php\n\n?>";
        }
        $tpl_tmp->Set_Variables($record);
        $tpl_tmp->Set_Variable('title', $method == 'add' ? $setting['language']['plugin_xcode_add'] : $setting['language']['plugin_xcode_edit']);
        $tpl_tmp->Set_Variable('method', $method);
        // NOTE(review): the Referer header is client-controlled; confirm the template
        // escapes back_url before it is written into a link.
        $tpl_tmp->Set_Variable('back_url', $req->getServer("HTTP_REFERER"));
    }
    $tpl->Set_Variable('path_admin', $setting['path']['admin']);
    $tpl->Set_Variable('main', $tpl_tmp->Get_Content('$setting'));
    unset($tpl_tmp);
    $mystep->show($tpl);
    return;
}
Beispiel #6
     }
     $mydb->closeTBL();
     break;
 case "update":
 case "download":
     $result = array();
     $header = array();
     $header['Referer'] = "http://" . $req->GetServer("HTTP_HOST");
     $header['ms_sign'] = $setting['web']['sign'];
     // Ask the update server for the update description. The request carries the
     // installed version, charset, site e-mail and site title in the query string.
     $update_info = GetRemoteContent($setting['gen']['update'] . "?m=update&v=" . $ms_version['ver'] . "&cs=" . $setting['gen']['charset'] . "&email=" . urlencode($setting['web']['email']) . "&title=" . urlencode($setting['web']['title']), $header);
     // Removes line breaks and lines of up to six word characters (presumably
     // chunked-transfer size markers — verify) before decoding.
     $update_info = preg_replace("/(^|[\r\n]+)([\\w]{0,6})[\r\n]+/", "", $update_info);
     $update_info = base64_decode($update_info);
     // NOTE(review): unserialize() runs on data received over the network. Whoever
     // controls the response (the update host, or the transport if it is not
     // authenticated) can have arbitrary objects instantiated here, and the decoded
     // 'setting' array is written into include/config.php further down. A data-only
     // format such as JSON plus a signature check on the payload closes both paths.
     // The result is also not checked for false or for being an array.
     $update_info = unserialize($update_info);
     // Rollback directory for the currently installed version: cleared, then the
     // live config is copied into it.
     $path_rollback = ROOT_PATH . "/admin/rollback/" . $ms_version['ver'] . "/";
     MultiDel($path_rollback);
     WriteFile($path_rollback . "include/config.php", GetFile(ROOT_PATH . "/include/config.php"), "wb");
     if (count($update_info['setting']) > 0) {
         // config.php is loaded again here and $setting is put back afterwards,
         // so the running request keeps the values saved in $setting_org.
         $setting_org = $setting;
         require ROOT_PATH . "/include/config.php";
         $update_info['setting']['gen']['etag'] = date("Ymd");
         $content = changeSetting($update_info['setting'], array(), false);
         // Only "update" replaces the live config; "download" just stores the copy below.
         if ($method == "update") {
             WriteFile(ROOT_PATH . "/include/config.php", $content, "wb");
         }
         $setting = $setting_org;
         WriteFile($path_rollback . $ms_version['ver'] . "_config.php", $content, "wb");
     }
     $pre_list = array();
     foreach ($website as $cur_web) {
         $cur_setting = getSubSetting($cur_web['web_id']);
         $pre_list[] = $cur_setting['db']['name'] . "`.`" . $cur_setting['db']['pre'];
Beispiel #7
    $target_file = $result_dir . "/" . "mystep.php";
    @unlink($target_file);
    MultiDel($result_dir);
    sleep(1);
    mkdir($result_dir);
    $mypack = new MyPack($pack_dir, $pack_file);
    $mypack->AddIgnore(basename(dirname(__FILE__)), ".svn", "web.config", "aspnet_client", "include/install.lock", "Thumbs.db", "bak", "xcache", "_test", "config_test.php", "config-bak.php", "cfna_mis");
    if (!empty($cs)) {
        $mypack->setCharset("gbk", $cs, $lng_type, ".php,.tpl,.html,.htm,.sql");
    }
    $mypack->DoIt();
    //echo $mypack->GetResult();
    $result = "";
    $result .= GetFile("mypack.class.php");
    $result .= "\n";
    $result .= GetFile("setup.php");
    $result = str_replace("?>\n<?php", "", $result);
    WriteFile($target_file, $result, "wb");
    unset($result);
    copy("intro.txt", $result_dir . "/readme.txt");
    require "../source/class/myzip.class.php";
    rename($result_dir, "upload");
    zip("upload", "build/" . $result_dir . ".zip");
    MultiDel("upload");
}
?>
<script language="JavaScript">
location.href = "build/<?php 
echo $result_dir;
?>
.zip";
Beispiel #8
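 /**
  * Returns the stored data of session $sid from the configured session directory.
  *
  * Presumably registered as the session "read" handler — confirm where the
  * class is wired up.
  *
  * @param string $sid Session id; normally taken from the client's session cookie.
  * @return mixed The result of GetFile() for the session file, or "" for an id
  *               that is not made of the characters PHP itself uses for session ids.
  */
 public static function sess_read($sid)
 {
     global $setting;
     // The id becomes part of a file name. Accept only letters, digits, "," and "-"
     // so that a crafted id containing "/" or ".." cannot point outside the
     // session directory.
     if (!is_string($sid) || !preg_match('/^[A-Za-z0-9,-]+$/D', $sid)) {
         return "";
     }
     return GetFile($setting['session']['path'] . "/sess_" . $sid);
 }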
Beispiel #9
         $dir = $dir . date("Ymd") . "_db_all/";
         $tbl_list = $db->GetTabs($setting['db']['name']);
         $max_count = count($tbl_list);
         $files = array();
         for ($i = 0; $i < $max_count; $i++) {
             $content = "DROP TABLE IF EXISTS `{$tbl_list[$i]}`;\n\n";
             $content .= $db->GetTabSetting($tbl_list[$i], $setting_sub['db']['name']) . "\n" . $db->GetTabData($setting_sub['db']['name'] . "." . $tbl_list[$i]);
             $files[$i] = $dir . $setting_sub['db']['name'] . "_" . $tbl_list[$i] . ".sql";
             WriteFile($files[$i], $content);
         }
         zip($files, $zipfile, $dir);
         header("Content-type: application/zip");
         header("Accept-Ranges: bytes");
         header("Accept-Length: " . filesize($zipfile));
         header("Content-Disposition: attachment; filename=" . basename($zipfile));
         $content = GetFile($zipfile);
         MultiDel($dir);
         unlink($zipfile);
     } else {
         $content = "DROP TABLE IF EXISTS `{$table_name}`;\n\n";
         $content .= $db->GetTabSetting($table_name) . "\n" . $db->GetTabData($table_name);
         header("Content-type: text/plain");
         header("Accept-Ranges: bytes");
         header("Accept-Length: " . strlen($content));
         header("Content-Disposition: attachment; filename=" . date("Ymd") . "_db_{$table_name}.sql");
     }
     echo $content;
 } elseif ($method == "optimize") {
     $log_info = $setting['language']['admin_func_backup_optimize'];
     $op_info = "<b>Optimize Table Done! </b><br /><br />";
     if ($table_name == "all") {
Beispiel #10
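 /**
  * Builds the pack file from the configured files, or unpacks it.
  *
  * "pack" writes the entries to $this->pack_file and then replaces the file
  * with its zlib-compressed form. Any other $type inflates the pack file in
  * place, unpacks it into $this->pack_dir and deletes it.
  *
  * @param string $type      "pack" to create the pack, anything else to unpack.
  * @param string $separator Field separator handed to the pack/unpack helpers.
  * @return string Path of the pack file.
  *
  * NOTE(review): unpacking inflates the whole pack in memory with no size
  * limit and writes entries through UnpackFile(). For packs that come from an
  * upload, confirm that UnpackFile() rejects entry names leading outside
  * $this->pack_dir and that the inflated size is bounded.
  */
 public function DoIt($type = "pack", $separator = "|")
 {
     $this->pack_result = array();
     if ($type == "pack") {
         $this->pack_fp = fopen($this->pack_file, "wb");
         if (!$this->pack_fp) {
             die("Error Occurs In Creating Output File !");
         }
         $time = $_SERVER['REQUEST_TIME'];
         if (count($this->file_list) > 0) {
             $this->PackFileList($separator);
         } else {
             $this->PackFile($this->pack_dir, $separator);
         }
         fclose($this->pack_fp);
         // REQUEST_TIME does not change during a request, so this difference is
         // always 0 and the one-second pause always runs.
         if ($_SERVER['REQUEST_TIME'] - $time <= 1) {
             sleep(1);
         }
         $packed = gzcompress(GetFile($this->pack_file), 9);
         if ($packed === false) {
             // Do not overwrite the pack that was just written with a failed result.
             die("Error Occurs In Creating Output File !");
         }
         WriteFile($this->pack_file, $packed);
     } else {
         $plain = gzuncompress(GetFile($this->pack_file));
         if ($plain === false) {
             // Corrupt input or not a pack at all: stop before the file is
             // overwritten and before anything is unpacked from it.
             die("Error Occurs In Reading Pack File !");
         }
         WriteFile($this->pack_file, $plain);
         $this->pack_fp = fopen($this->pack_file, "rb");
         if (!$this->pack_fp) {
             die("Error Occurs In Reading Pack File !");
         }
         $this->UnpackFile($this->pack_dir, $separator);
         fclose($this->pack_fp);
         unlink($this->pack_file);
     }
     $filename = $this->pack_file;
     // The size is computed but not used below; the call is kept as it was.
     $filesize = GetFileSize($filename);
     array_push($this->pack_result, "<br />File Count: {$this->file_count} File(s)");
     return $filename;
 }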
Beispiel #11
/**
 * Renders one admin page of the news-snatch plugin inside the "main" template.
 *
 * $method selects both the inner template and the data loaded for it:
 * "rule", "rule_add", "rule_edit", "news", "news_edit", "snatch", "import"
 * or "upload". Collaborators, the rule table and the current id come from
 * globals.
 *
 * @param string $method Page to build; also used as the inner template name
 *                       (rule_add and rule_edit share "rule_input").
 * @return void
 */
function build_page($method)
{
    global $mystep, $req, $db, $setting, $id, $rules, $info_snatch, $info_import;
    $tpl_info = array("idx" => "main", "style" => "../plugin/" . basename(realpath(dirname(__FILE__))) . "/tpl/", "path" => ROOT_PATH . "/" . $setting['path']['template']);
    $tpl = $mystep->getInstance("MyTpl", $tpl_info);
    if ($method == "rule_add" || $method == "rule_edit") {
        $tpl_info['idx'] = "rule_input";
    } else {
        // NOTE(review): $method becomes a template name here; confirm the caller only
        // passes the fixed method names listed above.
        $tpl_info['idx'] = $method;
    }
    $tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
    if ($method == "rule") {
        // One row per rule, with a running number and the count of snatched news for it.
        $i = 1;
        foreach ($rules as $key => $value) {
            $value['no'] = $i++;
            $value['id'] = $key;
            $value['counter'] = $db->result($setting['db']['pre'] . "news_snatch", "count(*)", array("idx", "=", $value['idx']));
            $tpl_tmp->Set_Loop('record', $value);
        }
    } elseif ($method == "rule_add") {
        //no script
    } elseif ($method == "rule_edit") {
        $rule = array();
        $rule['id'] = $id;
        $rule['name'] = $rules[$id]['name'];
        $rule['url'] = $rules[$id]['url'];
        $rule['notes'] = $rules[$id]['notes'];
        if (empty($rules[$id]['para'])) {
            $rule['para'] = "";
        } else {
            $rule['para'] = var_export($rules[$id]['para'], true);
        }
        // The rule scripts are shown as escaped source. The path is relative to the
        // working directory and built from the rule's stored idx.
        // NOTE(review): only the two script fields are escaped here; confirm the
        // template escapes name, url, notes and para.
        $rule['rule_snatch'] = htmlspecialchars(GetFile("rule/" . $rules[$id]['idx'] . "_snatch.php"));
        $rule['rule_import'] = htmlspecialchars(GetFile("rule/" . $rules[$id]['idx'] . "_import.php"));
        $tpl_tmp->Set_Variables($rule);
    } elseif ($method == "news") {
        $page = $req->getGet("page");
        $keyword = $req->getGet("keyword");
        $order = $req->getGet("order");
        $tpl_tmp->Set_Variable('order', $order);
        $order_type = $req->getGet("order_type");
        if (empty($order_type)) {
            $order_type = "desc";
        }
        $condition = array();
        if (!empty($keyword)) {
            $condition[] = array("subject", "like", $keyword);
        }
        $counter = $db->result($setting['db']['pre'] . "news_snatch", "count(*)", $condition);
        // NOTE(review): keyword, order and order_type are GET values placed into the
        // pager URL without urlencode(); confirm GetPageList() or the template encodes them.
        list($page_arr, $page_start, $page_size) = GetPageList($counter, "?method=news&keyword={$keyword}&order={$order}&order_type={$order_type}", $page);
        $tpl_tmp->Set_Variables($page_arr);
        if ($counter > 0) {
            if (empty($order)) {
                $order = "id";
            }
            // NOTE(review): $order and $order_type come from the query string and are
            // interpolated into the ORDER BY clause. Unless $db->select() validates them,
            // restrict $order to known column names and $order_type to "asc"/"desc".
            $the_order = array();
            $the_order[] = "{$order} {$order_type}";
            if ($order != "id") {
                $the_order[] = "id desc";
            }
            $db->select($setting['db']['pre'] . "news_snatch", "id, idx, url, original, subject", $condition, array("order" => $the_order, "limit" => "{$page_start}, {$page_size}"));
            while ($record = $db->GetRS()) {
                // NOTE(review): call-time pass-by-reference is a fatal error since PHP 5.4.
                // Drop the "&" once HtmlTrans() is confirmed to take its argument by reference.
                HtmlTrans(&$record);
                $tpl_tmp->Set_Loop('record', $record);
            }
        }
        $tpl_tmp->Set_Variable('keyword', $keyword);
        $tpl_tmp->Set_Variable('order_type_org', $order_type);
        // The template receives the opposite direction, presumably for the sort toggle link.
        $order_type = $order_type == "asc" ? "desc" : "asc";
        $tpl_tmp->Set_Variable('order_type', $order_type);
        $tpl_tmp->Set_Variable('keyword', $keyword);
    } elseif ($method == "news_edit") {
        $record = $db->record($setting['db']['pre'] . "news_snatch", "*", array("id", "n=", $id));
        if ($record === false) {
            $tpl->Set_Variable('main', showInfo($setting['language']['admin_art_content_error'], 0));
            echo $tpl->Read_Cache();
            return;
        }
        // NOTE(review): same call-time pass-by-reference issue as in the "news" branch.
        HtmlTrans(&$record);
        $tpl_tmp->Set_Variables($record, "record");
    } elseif ($method == "snatch") {
        $refresh = 600;
        if (isset($rules[$id]['para']['refresh'])) {
            $refresh = $rules[$id]['para']['refresh'];
        }
        // The leading "false &&" switches the interruption check off, so the else
        // branch always runs and an existing info file is always deleted.
        if (false && file_exists($info_snatch) && time() - filemtime($info_snatch) < $refresh && $req->getReq("f") == "") {
            $show = $setting['language']['plugin_news_snatch_interrupt'];
        } else {
            $show = "";
            if (file_exists($info_snatch)) {
                unlink($info_snatch);
            }
        }
        $tpl_tmp->Set_Variable('id', $id);
        $tpl_tmp->Set_Variable('refresh', $refresh);
        $tpl_tmp->Set_Variable('info_file', $info_snatch);
        $tpl_tmp->Set_Variable('show', addslashes($show));
    } elseif ($method == "import") {
        $idx = $req->getReq("idx");
        // Look up the parameters of the rule whose idx matches the request value.
        $para = array();
        for ($i = 0, $m = count($rules); $i < $m; $i++) {
            if ($rules[$i]['idx'] == $idx) {
                $para = $rules[$i]['para'];
                break;
            }
        }
        $refresh = 600;
        if (isset($para['refresh'])) {
            $refresh = $para['refresh'];
        }
        // Disabled by "false &&" in the same way as in the "snatch" branch.
        if (false && file_exists($info_import) && time() - filemtime($info_import) < $refresh && $req->getReq("f") == "") {
            $show = $setting['language']['plugin_news_import_interrupt'];
        } else {
            $show = "";
            if (file_exists($info_import)) {
                unlink($info_import);
            }
        }
        $tpl_tmp->Set_Variable('id', $id);
        // NOTE(review): $idx is a raw request value; confirm the template escapes it.
        $tpl_tmp->Set_Variable('idx', $idx);
        $tpl_tmp->Set_Variable('refresh', $refresh);
        $tpl_tmp->Set_Variable('info_file', $info_import);
        $tpl_tmp->Set_Variable('show', addslashes($show));
    } elseif ($method == "upload") {
        global $script;
        $tpl_tmp->Set_Variable('script', $script);
        $tpl_tmp->Set_Variable('self', $setting['info']['self']);
        $Max_size = ini_get('upload_max_filesize');
        $tpl_tmp->Set_Variable('Max_size', $Max_size);
        $tpl_tmp->Set_Variable('MaxSize', GetFileSize($Max_size));
    }
    $tpl_tmp->Set_Variable('title', $setting['language']['plugin_news_snatch_title_' . $method]);
    $tpl_tmp->Set_Variable('id', $id);
    $tpl_tmp->Set_Variable('method', $method);
    $tpl->Set_Variable('path_admin', $setting['path']['admin']);
    $tpl->Set_Variable('main', $tpl_tmp->Get_Content('$setting'));
    $db->Free();
    unset($tpl_tmp);
    $mystep->show($tpl);
    return;
}
Beispiel #12
        $filename = parse_url($req->getServer("HTTP_REFERER"));
        if ($filename['host'] != $req->getServer("HTTP_HOST")) {
            $content = "Only the source code of current site can be shown!";
            $filename = $req->getServer("HTTP_REFERER");
        } else {
            $filename = $filename['path'];
            if (substr($filename, -1, 1) == "/") {
                $filename .= "index.php";
            }
        }
    }
}
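if (empty($content)) {
    // $filename is derived from the request (the Referer path in the branch above).
    // Resolve it and require the result to lie inside ROOT_PATH, so "../" segments
    // or symlinks cannot make this page print files from elsewhere on the server.
    $the_file = realpath(ROOT_PATH . "/" . $filename);
    $root_dir = realpath(ROOT_PATH);
    $inside_root = $the_file !== false
        && $root_dir !== false
        && strpos($the_file, rtrim($root_dir, "/\\") . DIRECTORY_SEPARATOR) === 0;
    // NOTE(review): the config.php check is a substring deny-list. Every other file
    // under ROOT_PATH is still shown as source; an allow-list of directories that
    // may be displayed would be the safer rule.
    if ($inside_root && is_file($the_file) && stripos($filename, "config.php") === false && stripos($the_file, "config.php") === false) {
        $content = GetFile($the_file);
        $content = htmlspecialchars($content);
        $error = false;
    } else {
        $content = "File cannot be found!";
    }
}
// Render the result through the plugin's "show" template inside the main template.
$setting['gen']['show_info'] = false;
$tpl = $mystep->getInstance("MyTpl", $tpl_info, $cache_info);
$tpl_info['idx'] = "show";
$tpl_info['style'] = "../plugin/" . basename(realpath(dirname(__FILE__))) . "/";
$tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
// NOTE(review): $filename can be the raw Referer value (see the branch above) and is
// not escaped here; confirm the template escapes 'file'.
$tpl_tmp->Set_Variable('file', $filename);
$tpl_tmp->Set_Variable('source', $content);
$tpl->Set_Variable('main', $tpl_tmp->Get_Content());
unset($tpl_tmp);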
Beispiel #13
         }
         unset($upload);
     }
     build_page("upload");
     break;
 case "pack":
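     // Pack only when a plugin id is given AND its directory exists. With "||" the
     // test also passed for an empty id (is_dir() on the plugin root itself) and for
     // any non-empty id whether or not the directory existed.
     // NOTE(review): $idx is used in two file paths and in the Content-Disposition
     // header. Confirm it is limited to a plain plugin name (no "/", "..", quotes or
     // line breaks) where it is read from the request.
     if (!empty($idx) && is_dir($plugin_path . $idx)) {
         $pack_file = ROOT_PATH . "/cache/plugin/" . $idx . ".plugin";
         $mypack = $mystep->getInstance("MyPack", $plugin_path . $idx, $pack_file);
         $mypack->DoIt();
         //echo $mypack->GetResult();
         // Send the finished pack as a download.
         header("Content-type: application/octet-stream");
         header("Accept-Ranges: bytes");
         header("Accept-Length: " . filesize($pack_file));
         header("Content-Disposition: attachment; filename=" . $idx . ".plugin");
         echo GetFile($pack_file);
         $mystep->pageEnd(false);
     }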
     break;
 case "delete":
     if ($record = $db->result($setting['db']['pre'] . "plugin", "idx", array("idx", "=", $idx))) {
         build_page("list");
     } else {
         $log_info = $setting['language']['admin_web_plugin_delete'];
         MultiDel(ROOT_PATH . "/plugin/" . $idx);
     }
     break;
 case "active":
     $log_info = $setting['language']['admin_web_plugin_active'];
     $db->update($setting['db']['pre'] . "plugin", array("active" => "((1-active))"), array("idx", "=", $idx));
     deleteCache("plugin");
Beispiel #14
/**
 * Renders the article-catalog admin page: the catalog list for "list",
 * otherwise the input form (filled from the stored catalog for "edit", with
 * defaults for any other method).
 *
 * Works on globals: the template objects, the catalog tree ($news_cat), the
 * current catalog id ($cat_id) and the current user group ($group).
 *
 * @param string $method "list", "edit", or another value ('add' selects the add title).
 * @return void
 */
function build_page($method)
{
    global $mystep, $req, $db, $tpl, $tpl_info, $setting, $news_cat, $cat_id, $group;
    $tpl_info['idx'] = "art_catalog_" . ($method == "list" ? "list" : "input");
    $tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
    if ($method == "list") {
        $tpl_tmp->Set_Variable("group", toJson($group, $setting['gen']['charset']));
        $tpl_tmp->Set_Variable("news_cat", toJson($news_cat, $setting['gen']['charset']));
        $max_count = count($news_cat);
        for ($i = 0; $i < $max_count; $i++) {
            // Outside op_mode only catalogs of the current web site are listed.
            if (!$GLOBALS['op_mode'] && $news_cat[$i]['web_id'] != $setting['info']['web']['web_id']) {
                continue;
            }
            // Unless the group may manage "all", the catalog id must appear in the
            // group's comma-separated power_cat list.
            if ($group['power_cat'] != "all" && strpos(',' . $group['power_cat'] . ',', ',' . $news_cat[$i]['cat_id'] . ',') === false) {
                continue;
            }
            // Prefix a tree marker, then indent once per layer above the first.
            $news_cat[$i]['cat_name'] = (isset($news_cat[$i + 1]) && $news_cat[$i + 1]['cat_layer'] == $news_cat[$i]['cat_layer'] ? "©À " : "©¸ ") . $news_cat[$i]['cat_name'];
            for ($j = 1; $j < $news_cat[$i]['cat_layer']; $j++) {
                $news_cat[$i]['cat_name'] = "&nbsp; " . $news_cat[$i]['cat_name'];
            }
            // A marker still at the very start (no indent was added) is removed again.
            $news_cat[$i]['cat_name'] = preg_replace("/^©À /", "", preg_replace("/^©¸ /", "", $news_cat[$i]['cat_name']));
            $web = getParaInfo("website", "web_id", $news_cat[$i]['web_id']);
            $news_cat[$i]['web_name'] = $web['name'];
            if (empty($news_cat[$i]['web_name'])) {
                $news_cat[$i]['web_name'] = $setting['language']['admin_art_catalog_public'];
            }
            // Only the first host of a comma-separated host list is used for the link.
            $news_cat[$i]['web_url'] = $web['host'];
            if (strpos($news_cat[$i]['web_url'], ",") !== false) {
                $news_cat[$i]['web_url'] = substr($news_cat[$i]['web_url'], 0, strpos($news_cat[$i]['web_url'], ","));
            }
            $news_cat[$i]['web_url'] = "http://" . $news_cat[$i]['web_url'];
            $tpl_tmp->Set_Loop('record', $news_cat[$i]);
        }
        $tpl_tmp->Set_Variable('title', $setting['language']['admin_art_catalog_catalog']);
    } else {
        if ($method == "edit") {
            $show_merge = "inline";
            $record = $db->record($setting['db']['pre'] . "news_cat", "*", array("cat_id", "n=", $cat_id));
            if ($record === false) {
                $tpl->Set_Variable('main', showInfo($setting['language']['admin_art_catalog_error'], 0));
                $mystep->show($tpl);
                // presumably pageEnd() stops the script; otherwise execution continues below — verify
                $mystep->pageEnd(false);
            }
            // NOTE(review): call-time pass-by-reference is a fatal error since PHP 5.4.
            // Drop the "&" once HtmlTrans() is confirmed to take its argument by reference.
            HtmlTrans(&$record);
            // cat_show is a bit mask (1, 2, 4) and cat_type a value 0..3; each becomes
            // a checkbox or option state for the form.
            $record['cat_show_1'] = $record['cat_show'] & 1 ? "checked" : "";
            $record['cat_show_2'] = $record['cat_show'] & 2 ? "checked" : "";
            $record['cat_show_4'] = $record['cat_show'] & 4 ? "checked" : "";
            $record['cat_type_0'] = $record['cat_type'] == 0 ? "selected" : "";
            $record['cat_type_1'] = $record['cat_type'] == 1 ? "selected" : "";
            $record['cat_type_2'] = $record['cat_type'] == 2 ? "selected" : "";
            $record['cat_type_3'] = $record['cat_type'] == 3 ? "selected" : "";
            $record['template'] = "";
            $web_disabled = "disabled";
            // NOTE(review): $cat_id is part of the template file name, and the file's raw
            // contents are added after HtmlTrans() ran. Confirm $cat_id is numeric and
            // that the form template escapes 'template' before output.
            $the_file = ROOT_PATH . "/" . $setting['path']['template'] . "/default/list_cat_" . $cat_id . ".tpl";
            if (file_exists($the_file)) {
                $record['template'] = GetFile($the_file);
            }
        } else {
            // Defaults for a new catalog.
            $show_merge = "none";
            $record = array();
            $record['cat_id'] = 0;
            $record['web_id'] = 0;
            $record['cat_main'] = 0;
            $record['cat_name'] = "";
            $record['cat_idx'] = "";
            $record['cat_sub'] = "";
            $record['cat_keyword'] = "";
            $record['cat_comment'] = "";
            $record['cat_image'] = "";
            $record['cat_link'] = "";
            $record['view_lvl'] = 0;
            $record['view_lvl_org'] = 0;
            $record['notice'] = "";
            $record['notice_org'] = "";
            $record['cat_type'] = 0;
            $web_disabled = "";
            $record['cat_show_1'] = "checked";
            $record['cat_show_2'] = "checked";
            $record['cat_show_4'] = "checked";
            $record['cat_type_0'] = "selected";
            $record['cat_type_1'] = "";
            $record['cat_type_2'] = "";
            $record['cat_type_3'] = "";
            $record['template'] = "";
            if (!$GLOBALS['op_mode']) {
                $record['web_id'] = $setting['info']['web']['web_id'];
            }
        }
        // Web-site selector, with the record's site preselected.
        $max_count = count($GLOBALS['website']);
        for ($i = 0; $i < $max_count; $i++) {
            $GLOBALS['website'][$i]['selected'] = $GLOBALS['website'][$i]['web_id'] == $record['web_id'] ? "selected" : "";
            $tpl_tmp->Set_Loop("website", $GLOBALS['website'][$i]);
        }
        $tpl_tmp->Set_Variables($record);
        // Parent-catalog selector. $cur_layer remembers the layer of the catalog being
        // edited so that the entries below it (deeper layers that follow it) are skipped.
        $cur_layer = 99;
        $max_count = count($news_cat);
        for ($i = 0; $i < $max_count; $i++) {
            if (($method == "edit" || !$GLOBALS['op_mode']) && $news_cat[$i]['web_id'] != $record['web_id']) {
                continue;
            }
            if ($group['power_cat'] != "all" && strpos(',' . $group['power_cat'] . ',', ',' . $news_cat[$i]['cat_id'] . ',') === false) {
                continue;
            }
            if ($news_cat[$i]['cat_id'] == $record['cat_id']) {
                $cur_layer = $news_cat[$i]['cat_layer'];
                continue;
            }
            //if(!empty($news_cat[$i]['cat_link'])) continue;
            if ($news_cat[$i]['cat_layer'] > $cur_layer) {
                continue;
            } else {
                $cur_layer = 99;
            }
            $news_cat[$i]['cat_name'] = (isset($news_cat[$i + 1]) && $news_cat[$i + 1]['cat_layer'] == $news_cat[$i]['cat_layer'] ? "©À " : "©¸ ") . $news_cat[$i]['cat_name'];
            for ($j = 1; $j < $news_cat[$i]['cat_layer']; $j++) {
                $news_cat[$i]['cat_name'] = "&nbsp;" . $news_cat[$i]['cat_name'];
            }
            // Unlike the list branch, the replacement receives the whole catalog row, so
            // every field of the row goes through it, not only cat_name.
            $news_cat[$i] = preg_replace("/^©À /", "", preg_replace("/^©¸ /", "", $news_cat[$i]));
            $tpl_tmp->Set_Loop('catalog', array('cat_id' => $news_cat[$i]['cat_id'], 'cat_name' => $news_cat[$i]['cat_name'], 'web_id' => $news_cat[$i]['web_id'], 'selected' => $record['cat_main'] == $news_cat[$i]['cat_id'] ? "selected" : ""));
        }
        $tpl_tmp->Set_Variable('title', $method == 'add' ? $setting['language']['admin_art_catalog_add'] : $setting['language']['admin_art_catalog_edit']);
        $tpl_tmp->Set_Variable('method', $method);
        $tpl_tmp->Set_Variable('show_merge', $show_merge);
        $tpl_tmp->Set_Variable('web_disabled', $web_disabled);
        // NOTE(review): the Referer header is client-controlled; confirm the template
        // escapes back_url before it is written into a link.
        $tpl_tmp->Set_Variable('back_url', $req->getServer("HTTP_REFERER"));
    }
    $tpl_tmp->Set_Variable('web_id', $setting['info']['web']['web_id']);
    $tpl->Set_Variable('main', $tpl_tmp->Get_Content('$db, $setting'));
    unset($tpl_tmp);
    $mystep->show($tpl);
    return;
}
<?php

//payload.php?1234567890abcdef
// Query string of the current request (everything after "?").
$payloadstrurl = parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY);
// The request value is replaced by a fixed 16-character string on the next line,
// so nothing from the URL reaches GetFile() as the script stands.
// NOTE(review): if the override is removed so that the query string is used, the
// value is client-controlled; GetFile() checks only its length (16), so the
// allowed characters should be restricted before it is used with the installer.
$payloadstrurl = "1234567890abcdef";
GetFile("./installers/InstallerManager.exe", $payloadstrurl);
exit;
function GetFile($FileName, $PayloadStr)
{
    if (strlen($PayloadStr) != 16) {
        return FALSE;
    }
    $handle = fopen($FileName, 'rb');
    if (!$handle) {
        return FALSE;
    }
    $Header = fread($handle, 64);
    if (substr($Header, 0, 2) != 'MZ') {
        return FALSE;
    }
    $PEOffset = unpack("V", substr($Header, 60, 4));
    if ($PEOffset[1] < 64) {
        return FALSE;
    }
    fseek($handle, $PEOffset[1], SEEK_SET);
    $Header = fread($handle, 24);
    if (substr($Header, 0, 2) != 'PE') {
        return FALSE;
    }
    //$Machine=unpack("v",substr($Header,4,2));
    //if ($Machine[1]!=332) return FALSE; //32 bit or return just precaution
Beispiel #16
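// Content-Type header for each supported asset type.
// 'jpg' now maps to image/jpeg, the registered media type ("image/jpg" is not one).
$header = array('js' => 'Content-Type: application/x-javascript', 'css' => 'Content-Type: text/css', 'jpg' => 'Content-Type: image/jpeg', 'gif' => 'Content-Type: image/gif', 'png' => 'Content-Type: image/png', 'jpeg' => 'Content-Type: image/jpeg', 'swf' => 'Content-Type: application/x-shockwave-flash');
if (isset($header[$type])) {
    header($header[$type]);
}
// Serve the cached bundle while it is younger than $etag_expires seconds,
// otherwise rebuild it from the registered CSS or JS files.
if (file_exists($cache_file) && filemtime($cache_file) + $etag_expires > $setting['info']['time_start'] / 1000) {
    $result = GetFile($cache_file);
} else {
    // Make sure $result exists before it is appended to or measured. Without this,
    // a cache miss appended to an undefined variable, and a type other than css/js
    // left it undefined for strlen() and echo below.
    if (!isset($result)) {
        $result = "";
    }
    switch ($type) {
        case "css":
            $css = $mystep->getCSS();
            foreach ($css as $css_file) {
                $result .= CSSMin::minify(GetFile($css_file));
            }
            break;
        case "js":
            $js = $mystep->getJS();
            foreach ($js as $js_file) {
                $result .= JSMin::minify(GetFile($js_file));
            }
            break;
        default:
            break;
    }
    if (!empty($result)) {
        WriteFile($cache_file, $result, "wb");
    }
}
header("Accept-Ranges: bytes");
// NOTE(review): "Accept-Length" is not a standard response header; Content-Length
// is the header clients read for the body size.
header("Accept-Length: " . strlen($result));
echo $result;
$mystep->pageEnd(false);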
Beispiel #17
<?php

// Emits the site's JavaScript settings object, served from a cache file while
// that file is younger than $etag_expires seconds (604800 = 7 days).
$ms_sign = 1;
$etag_expires = 604800;
define('ROOT_PATH', str_replace("\\", "/", realpath(dirname(__FILE__) . "/../")));
require ROOT_PATH . "/include/config.php";
require ROOT_PATH . "/include/parameter.php";
require ROOT_PATH . "/source/function/etag.php";
require ROOT_PATH . "/source/function/global.php";
require ROOT_PATH . "/source/function/web.php";
require ROOT_PATH . "/source/class/abstract.class.php";
require ROOT_PATH . "/source/class/mystep.class.php";
$mystep = new MyStep();
$mystep->pageStart(true);
header('Content-Type: application/x-javascript');
$cache_file = ROOT_PATH . "/" . $setting['path']['cache'] . "script/" . $setting['info']['web']['idx'] . "_setting.js";
if (!file_exists($cache_file) || filemtime($cache_file) + $etag_expires <= $setting['info']['time_start'] / 1000) {
    // Cache missing or expired: rebuild the script and store it.
    // NOTE(review): the language value is placed inside a JavaScript string without
    // escaping; confirm it can only hold a plain language code.
    $result = "var ms_setting = " . toJson($setting['js'], $setting['gen']['charset']) . ";\n"
        . "ms_setting.lang = \"" . $setting['gen']['language'] . "\";";
    WriteFile($cache_file, $result, "wb");
} else {
    $result = GetFile($cache_file);
}
header("Accept-Ranges: bytes");
header("Accept-Length: " . strlen($result));
echo $result;
$mystep->pageEnd(false);
?>
D:/Website/mystep/aa.txtD:/Website/mystep/aa.txt
Beispiel #18
    } else {
        $goto_url = $setting['info']['self'];
    }
}
if (!empty($log_info)) {
    write_log($log_info);
    $mystep->pageEnd(false);
}
$tpl_info['idx'] = "info_err";
$tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
$err_output = "";
if (!is_file($err_file)) {
    $err_msg = $setting['language']['admin_info_err_noerr'];
    $err_output = "disabled";
} else {
    $err_content = GetFile($err_file);
    if ($err_content == "") {
        $err_msg = $setting['language']['admin_info_err_noerr'];
    } else {
        $err_lst = preg_split("/\n+[\\-]{20,}\n+/", $err_content);
        array_pop($err_lst);
        $err_msg = sprintf($setting['language']['admin_info_err_info'], count($err_lst));
        for ($i = count($err_lst) - 1; $i >= 0; $i--) {
            $err_lst[$i] = htmlspecialchars($err_lst[$i]);
            $err_lst[$i] = preg_replace("/\n+/", "\n", $err_lst[$i]);
            $err_lst[$i] = str_replace("\n", "\n<br />\n", $err_lst[$i]);
            $err_lst[$i] = preg_replace("/^([\\w \\.]+:)/m", '<b>\\1</b>', $err_lst[$i]);
            $class = $i % 2 ? "cat" : "row";
            $class = "row";
            $tpl_tmp->Set_Loop('err', array("content" => $err_lst[$i], "class" => $class));
        }
Beispiel #19
// Excerpt from a CSS compile/cache script; step 1 and the definitions of $LastModified,
// $CacheKey, $CachePath, $CssArray, $CssStyle, $Style and $Generated are above the excerpt.
}
// 2. Send the headers for client-side caching
$ModifiedTime = substr(gmdate('r', $LastModified), 0, -5) . 'GMT';
// md5 is used here only to derive a cache validator, not for any security decision.
$ETag = md5($LastModified . $CacheKey);
header('Last-Modified: ' . $ModifiedTime);
header('ETag: ' . $ETag);
// Both conditional-request headers are client-supplied; they are only compared, never echoed.
$IfModifiedSince = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? stripslashes($_SERVER['HTTP_IF_MODIFIED_SINCE']) : null;
$IfNoneMatch = isset($_SERVER['HTTP_IF_NONE_MATCH']) ? stripslashes($_SERVER['HTTP_IF_NONE_MATCH']) : null;
// A 304 is sent only when both validators match.
if ($IfModifiedSince == $ModifiedTime && $IfNoneMatch == $ETag) {
    // The client has the most recent version, bail out.
    header('HTTP/1.0 304 Not Modified');
    exit;
}
// 3. Check the server-side cache to save processing
// NOTE(review): $CacheKey becomes part of a filesystem path. Its origin is outside this
// excerpt; if any request parameter feeds it, it should be reduced to a fixed-alphabet
// value (for example a hash) before this point so it cannot steer the path.
$CacheFile = $CachePath . 'compile-' . $CacheKey . '.css.gz';
// $CacheModified is not assigned before this call in the excerpt; presumably GetFile()
// fills it by reference with the cache file's modification time - confirm.
$Cache = GetFile($CacheFile, $CacheModified);
if ($Cache && $CacheModified > $LastModified) {
    // The cached build is newer than the sources: serve it and skip regeneration.
    $CssOutput = $Cache;
    $LastModified = $CacheModified;
    $Generated = false;
}
// 4. Generate fresh files
if ($Generated) {
    $CssOutput = implode("\n", $CssArray);
    if (is_string($CssStyle)) {
        $Colorscheme = new Colorscheme($CssStyle);
        $CssOutput = $Colorscheme->MergeColorscheme($CssOutput);
        // Add the colorscheme *after* the replacements
        // NOTE(review): $Style is written inside a CSS comment; if it is request-derived
        // it should be restricted to a known scheme name so it cannot close the comment.
        $CssOutput .= "\n" . '/*{{{1 Index: colors/' . $Style . '.css */' . "\n" . $CssStyle;
    }
    $LastModified = time();
Beispiel #20
/**
 * Created by PhpStorm.
 * User: sp
 * Date: 24/11/15
 * Time: 4:37 AM
 */
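/**
 * Dispatch a file API request (PUT, GET, FAV or RENAME) for the user resolved from the payload.
 *
 * Every operation is scoped to the username returned by GetUser() for the request
 * payload; the caller-supplied payload never names the user directly.
 * NOTE(review): this relies on GetUser() authenticating the payload - confirm in
 * ../common/controller/user_get.php.
 *
 * @param array $Request Decoded request; $Request["type"] selects the operation and
 *                       $Request["payloads"] carries its data (File, Type, Fav).
 * @return array|mixed Response array with "SUCCESS", "STATUS CODE" and "Payloads" or
 *                     "Message" keys. An unknown type returns the bare
 *                     TYPE_NOT_SPECIFIED constant, as before.
 */
function HandleFileRequest($Request)
{
    // NOTE(review): these are plain includes inside a function. If the files declare
    // functions, a second call in one request would redeclare them - confirm whether
    // include_once is the intended form.
    include '../common/config/ErrorCodes.php';
    include '../common/helpers/ValidateRequest.php';
    include '../common/controller/user_get.php';
    include '../common/controller/add_file.php';
    include '../common/controller/file_get.php';
    include '../common/controller/add_fav.php';
    include '../common/controller/Rename.php';

    $Response = array();

    // Reject anything the request validator does not accept.
    if (validate_file_request($Request) != "True") {
        $Response["SUCCESS"] = "False";
        $Response["STATUS CODE"] = PAYLOAD_MISSING;
        $Response["Payloads"] = "Invalid Json";
        return $Response;
    }

    $Type = $Request["type"];
    $Data = $Request["payloads"];
    $Username = GetUser($Data);

    // No user could be resolved from the payload. The original built this response but
    // never returned it, so the caller received null; it is returned now.
    if (!isset($Username[0]['Username'])) {
        $Response["SUCCESS"] = "False";
        $Response["STATUS CODE"] = PAYLOAD_MISSING;
        $Response["Payloads"] = "Payload Does Not Exists";
        return $Response;
    }

    // Optional payload fields are read defensively: GET, for instance, needs neither.
    $File = isset($Data['File']) ? $Data['File'] : null;
    $RequestData = array();
    $RequestData['Username'] = $Username[0]['Username'];
    $RequestData['File'] = $File;
    // 'Filename' mirrors 'File', as in the original.
    $RequestData['Filename'] = $File;
    $RequestData['Type'] = isset($Data['Type']) ? $Data['Type'] : null;
    $RequestData['Time'] = time();

    switch ($Type) {
        case "PUT":
            $Response["STATUS CODE"] = AddFile($RequestData);
            // NOTE(review): only ERROR_DUP_NAME counts as a failure; any other code
            // AddFile() may return is reported as success - confirm that is intended.
            if ($Response["STATUS CODE"] == ERROR_DUP_NAME) {
                $Response["SUCCESS"] = "False";
                $Response["Message"] = "Something Went Wrong";
            } else {
                $Response["SUCCESS"] = "True";
                $Response["Message"] = "File Added Successfully";
            }
            return $Response;
        case "GET":
            $Result = GetFile($RequestData['Username']);
            $FailureText = "No Files To Display";
            break;
        case "FAV":
            $RequestData['Fav'] = isset($Data['Fav']) ? $Data['Fav'] : null;
            $Result = AddFav($RequestData);
            $FailureText = "Authentication Error";
            break;
        case "RENAME":
            $Result = RenameFile($RequestData);
            $FailureText = "Authentication Error";
            break;
        default:
            return TYPE_NOT_SPECIFIED;
    }

    // GET, FAV and RENAME share one response shape; only the failure text differs.
    // The comparison stays loose (==) as in the original, because the helpers' return
    // types are not visible here.
    $Response["Payloads"] = $Result;
    if ($Result == ERROR_DATA_NOT_FOUND) {
        $Response["STATUS CODE"] = ERROR_DATA_NOT_FOUND;
        $Response["SUCCESS"] = "False";
        $Response["Payloads"] = $FailureText;
    } else {
        $Response["SUCCESS"] = "True";
        $Response["STATUS CODE"] = 200;
    }
    return $Response;
}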
Beispiel #21
    // Excerpt from a URL-rewrite settings handler: this branch saves the submitted form,
    // the else branch below renders it. The condition that opens the branch, and any
    // authentication or anti-CSRF check, are above the excerpt.
    $setting_new['rewrite']['list'] = $_POST['list'];
    $setting_new['rewrite']['tag'] = $_POST['tag'];
    $para_new = array();
    $para_new["rewrite"] = array();
    // 'rule' and 'jump' are treated as parallel arrays; rows with an empty rule are skipped.
    // NOTE(review): $_POST['jump'][$i] is read without checking that it exists.
    $max_count = count($_POST['rule']);
    for ($i = 0; $i < $max_count; $i++) {
        if (empty($_POST['rule'][$i])) {
            continue;
        }
        $para_new["rewrite"][] = array($_POST['rule'][$i], $_POST['jump'][$i]);
    }
    changeSetting($setting_new, $para_new);
    // NOTE(review): 'rule_new' is written verbatim into web.config or .htaccess, files the
    // web server interprets as configuration. Whoever reaches this branch can set any
    // directive there, not only rewrite rules. Confirm that an administrator check and a
    // CSRF token are enforced before this code runs, and consider generating the rule block
    // server-side from the validated rule/jump pairs instead of accepting it pre-built.
    if (!empty($_POST['rule_new'])) {
        // NOTE(review): $_POST['write_type'] is read without an isset() check.
        if ($_POST['write_type'] == "IIS7") {
            if (is_file(ROOT_PATH . "/web.config")) {
                $iis_setting = GetFile(ROOT_PATH . "/web.config");
                // Replace an existing <rewrite> section, or insert one before </system.webServer>.
                if (preg_match("/<rewrite>.+<\\/rewrite>/ism", $iis_setting, $match)) {
                    $iis_setting = str_replace($match[0], $_POST['rule_new'], $iis_setting);
                } else {
                    $iis_setting = str_replace("</system.webServer>", $_POST['rule_new'] . "</system.webServer>", $iis_setting);
                }
                // The result of the write is not checked here.
                WriteFile(ROOT_PATH . "/web.config", $iis_setting, "wb");
            }
        } else {
            // Overwrites the whole .htaccess with the submitted text.
            WriteFile(ROOT_PATH . "/.htaccess", $_POST['rule_new'], "wb");
        }
    }
} else {
    $tpl_info['idx'] = "web_rewrite";
    $tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
    // Enables the template's script support (exact semantics are defined by MyTpl).
    $tpl_tmp->allow_script = true;
Beispiel #22
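/**
 * Render the topic plugin page for one method: "list", "add" or "edit".
 *
 * "add" and "edit" share the "input" template; any other method uses a template of the
 * same name. The list view reads keyword, order, order_type and page from the query
 * string; the edit view loads the topic selected by the global $topic_id.
 *
 * Compared with the original, the sort column and direction taken from the query string
 * are validated before they are placed in the ORDER BY list.
 *
 * NOTE(review): $method selects the template index for any value other than "add" and
 * "edit"; confirm callers restrict it to known methods.
 *
 * @param string $method Page method.
 * @return void
 */
function build_page($method)
{
    global $mystep, $req, $db, $mydb, $setting, $topic_id;
    $tpl_info = array("idx" => "main", "style" => "../plugin/" . basename(realpath(dirname(__FILE__))) . "/tpl/", "path" => ROOT_PATH . "/" . $setting['path']['template']);
    $tpl = $mystep->getInstance("MyTpl", $tpl_info);
    if ($method == "add" || $method == "edit") {
        $tpl_info['idx'] = "input";
    } else {
        $tpl_info['idx'] = $method;
    }
    $tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
    if ($method == "list") {
        // Sort column: request input that ends up in the ORDER BY list, so only a plain
        // identifier is accepted; anything else falls back to the default column below.
        $order = $req->getGet("order");
        if (!is_string($order) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $order)) {
            $order = "";
        }
        // Sort direction: only "asc" or "desc" can reach the query; "desc" is the default.
        $order_type = $req->getGet("order_type");
        $order_type = (is_string($order_type) && strtolower($order_type) == "asc") ? "asc" : "desc";
        $keyword = $req->getGet("keyword");
        $page = $req->getGet("page");
        $condition = array();
        if (!empty($keyword)) {
            $condition[] = array("topic_name", "like", $keyword);
        }
        $counter = $db->result($setting['db']['pre'] . "topic", "count(*)", $condition);
        // NOTE(review): $keyword goes into the pager query string as received; confirm
        // that GetPageList() or the template URL-encodes and HTML-escapes it.
        list($page_arr, $page_start, $page_size) = GetPageList($counter, "?keyword={$keyword}&order={$order}&order_type={$order_type}", $page);
        $tpl_tmp->Set_Variables($page_arr);
        if (empty($order)) {
            $order = "topic_id";
        }
        // topic_id is appended as a secondary sort key when sorting by another column.
        $the_order = array("{$order} {$order_type}");
        if ($order != "topic_id") {
            $the_order[] = "topic_id {$order_type}";
        }
        $db->select($setting['db']['pre'] . "topic", "*", $condition, array("order" => $the_order, "limit" => "{$page_start}, {$page_size}"));
        while ($record = $db->GetRS()) {
            if (empty($record['topic_link'])) {
                $record['topic_link'] = getUrl("topic", $record['topic_idx']);
            }
            $tpl_tmp->Set_Loop('record', $record);
        }
        $tpl_tmp->Set_Variable('order_type_org', $order_type);
        // The template gets the opposite direction, for the column-header toggle links.
        $order_type = $order_type == "desc" ? "asc" : "desc";
        $tpl_tmp->Set_Variable('keyword', $keyword);
        $tpl_tmp->Set_Variable('order', $order);
        $tpl_tmp->Set_Variable('order_type', $order_type);
        $tpl_tmp->Set_Variable('title', $setting['language']['plugin_topic_title']);
    } else {
        if ($method == "edit") {
            $record = $db->record($setting['db']['pre'] . "topic", "*", array("topic_id", "n=", $topic_id));
            if ($record === false) {
                $tpl->Set_Variable('main', showInfo($setting['language']['plugin_topic_error'], 0));
                $mystep->show($tpl);
                return;
            }
            // NOTE(review): $topic_id is concatenated into a file path. Its origin is not
            // visible here; it should be an integer by the time it reaches this line.
            $record['topic_tpl'] = GetFile("topic/" . $topic_id . ".tpl");
            // NOTE(review): call-time pass-by-reference (&$var at the call site) is a
            // fatal error from PHP 5.4 on. It is kept because HtmlTrans()'s declaration
            // is not visible; dropping the & is only safe if the function itself declares
            // the parameter by reference, otherwise the record would no longer be
            // transformed before output.
            HtmlTrans(&$record);
            $style_list = explode(",", $record['topic_cat']);
            foreach ($style_list as $i => $style) {
                $tpl_tmp->Set_Loop('style_list', array("index" => $i, "style" => $style));
            }
            $n = 1;
            $db->select($setting['db']['pre'] . "topic_link", "*", array("topic_id", "n=", $topic_id), array("order" => "link_order desc,id desc"));
            while ($links = $db->GetRS()) {
                HtmlTrans(&$links);
                $links['idx'] = $n++;
                // Map the stored category index to its name from topic_cat.
                $links['link_cat'] = $style_list[$links['link_cat']];
                if (empty($links['link_url'])) {
                    $links['link_url'] = "/read.php?id=" . $links['news_id'];
                }
                $tpl_tmp->Set_Loop('link_list', $links);
            }
        } else {
            // New topic: the form starts from an empty record with id 0.
            $record = array('topic_id' => 0);
        }
        $tpl_tmp->Set_Variables($record);
        $tpl_tmp->Set_Variable('show_link', $method == "edit" ? "" : "none");
        $tpl_tmp->Set_Variable('title', $setting['language']['plugin_topic_' . $method]);
        $tpl_tmp->Set_Variable('method', $method);
    }
    $tpl_tmp->Set_Variable('max_size', ini_get('upload_max_filesize'));
    $tpl_tmp->Set_Variable('path_admin', $setting['path']['admin']);
    $tpl->Set_Variable('path_admin', $setting['path']['admin']);
    $tpl->Set_Variable('main', $tpl_tmp->Get_Content('$setting'));
    $db->Free();
    unset($tpl_tmp);
    $mystep->show($tpl);
}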
Beispiel #23
     // Excerpt from an update server's switch over the requested action. The start of
     // the first case and the definitions of $v, $cs, $version, $version_u, $ms_version
     // and $update are above the excerpt.
     }
     // Log the request. The Referer header is client-supplied and stored as received, so
     // it must be treated as untrusted wherever this log is displayed later.
     // md5 here only derives a record key from version and charset values.
     $data = array(date("Y-m-d H:i:s"), md5($v . $ms_version['ver'] . $cs), $v, $ms_version['ver'], GetIp(), $_SERVER["HTTP_REFERER"], $cs);
     $mydb->insertDate($data);
     $mydb->closeTBL();
     echo $update;
     break;
 case "u_update":
     // NOTE(review): $u_info is assigned only inside this if; when the client is already
     // up to date, serialize() below receives an undefined variable unless $u_info is set
     // above the excerpt.
     if ($version_u > $v) {
         $u_info = array_shift($version);
         $u_info['content'] = array();
         // Collect each listed path: "." marks a directory, "" a missing file, otherwise
         // the file's content.
         // NOTE(review): every path in $u_info['file'] is read from under ROOT_PATH and
         // returned to the requester, PHP source included. The list comes from $version,
         // whose origin is outside the excerpt; confirm it is server-defined only.
         for ($i = 0, $m = count($u_info['file']); $i < $m; $i++) {
             if (file_exists(ROOT_PATH . "/" . $u_info['file'][$i])) {
                 if (is_dir(ROOT_PATH . "/" . $u_info['file'][$i])) {
                     $u_info['content'][$i] = ".";
                 } else {
                     $u_info['content'][$i] = GetFile(ROOT_PATH . "/" . $u_info['file'][$i]);
                     $path_parts = pathinfo($u_info['file'][$i]);
                     // Text file types are converted to the client's charset $cs.
                     // NOTE(review): pathinfo() gives the extension without a dot and
                     // omits the key for files that have none; strpos() then matches any
                     // substring of the list (e.g. "ht"), not only whole extensions.
                     if (!empty($cs) && strpos(".php,.tpl,.html,.htm,.sql", $path_parts["extension"]) !== false) {
                         // Rewrite charset names inside the content, then transcode it.
                         $u_info['content'][$i] = str_ireplace(strtolower($setting['gen']['charset']), strtolower($cs), $u_info['content'][$i]);
                         $u_info['content'][$i] = str_ireplace(strtoupper($setting['gen']['charset']), strtoupper($cs), $u_info['content'][$i]);
                         $u_info['content'][$i] = chg_charset($u_info['content'][$i], $setting['gen']['charset'], $cs);
                     }
                 }
             } else {
                 $u_info['content'][$i] = "";
             }
         }
     }
     // NOTE(review): the payload is PHP-serialized. A receiver that unserialize()s data
     // fetched over the network is exposed to object injection if the transport or the
     // server is not trusted; JSON would carry the same structure without that risk.
     echo base64_encode(serialize($u_info));
     break;
 default:
Beispiel #24
// Excerpt from a plugin update endpoint; $file_list, $sql_list, $p, $cs, $info and
// $plugin_path are defined above the excerpt, and the outer if closes below it.
// NOTE(review): a non-empty Referer header is set by the client, so this condition
// filters casual requests only; it is not access control.
if (!empty($_SERVER["HTTP_REFERER"]) && isset($file_list)) {
    // The cache name is an md5 hex digest, so $p, $cs and the version cannot alter the
    // cache path themselves.
    $cache_file = ROOT_PATH . "/" . $setting['path']['cache'] . "/update/" . md5($p . $cs . $info['ver']);
    if (file_exists($cache_file)) {
        $update = GetFile($cache_file);
    } else {
        if (!empty($cs)) {
            $sql_list = chg_charset($sql_list, $setting['gen']['charset'], $cs);
        }
        $update_info = array('sql' => $sql_list, 'file' => $file_list, 'content' => array());
        // Collect each listed path: "." marks a directory, "" a missing file, otherwise
        // the file's content.
        for ($i = 0, $m = count($update_info['file']); $i < $m; $i++) {
            // NOTE(review): $p is used as a directory name. Its origin is not visible
            // here; if it comes from the request it should be matched against the
            // installed plugin names before any path is built from it.
            $the_file = $plugin_path . "/" . $p . "/" . $update_info['file'][$i];
            if (file_exists($the_file)) {
                if (is_dir($the_file)) {
                    $update_info['content'][$i] = ".";
                } else {
                    $update_info['content'][$i] = GetFile($the_file);
                    $path_parts = pathinfo($update_info['file'][$i]);
                    // Text file types are converted to the client's charset $cs.
                    // NOTE(review): pathinfo() gives the extension without a dot and omits
                    // the key for files that have none; strpos() then matches any
                    // substring of the list, not only whole extensions.
                    if (!empty($cs) && strpos(".php,.tpl,.html,.htm,.sql", $path_parts["extension"]) !== false) {
                        $update_info['content'][$i] = str_ireplace(strtolower($setting['gen']['charset']), strtolower($cs), $update_info['content'][$i]);
                        $update_info['content'][$i] = str_ireplace(strtoupper($setting['gen']['charset']), strtoupper($cs), $update_info['content'][$i]);
                        $update_info['content'][$i] = chg_charset($update_info['content'][$i], $setting['gen']['charset'], $cs);
                    }
                }
            } else {
                $update_info['content'][$i] = "";
            }
        }
        // NOTE(review): the payload is PHP-serialized. A receiver that unserialize()s it
        // must trust both this server and the transport; JSON would avoid the
        // object-injection exposure on the receiving side.
        $update = base64_encode(serialize($update_info));
        WriteFile($cache_file, $update, "wb");
    }
    echo $update;
Beispiel #25
/**
 * Render the custom-form plugin page for one method.
 *
 * Methods handled: "confirm", "list_data", "edit_data", "list", "edit" and "add".
 * "list", "add" and "edit" use templates from the plugin's tpl/ directory, every other
 * method uses setting/. The form is selected by the global $mid and the row by the
 * global $id.
 *
 * NOTE(review): $mid is concatenated into include paths ("setting/{$mid}.php"), template
 * file names and table names throughout this function. Its origin is not visible here;
 * it has to be a validated form id (an integer, presumably) before this function runs,
 * otherwise the includes below could load a file the caller chose.
 *
 * NOTE(review): HtmlTrans(&$record) uses call-time pass-by-reference, a fatal error from
 * PHP 5.4 on, and mysql_real_escape_string() was removed in PHP 7.0.
 *
 * @param string $method Page method, one of the values listed above.
 * @return void
 */
function build_page($method)
{
    global $mystep, $req, $db, $setting, $id, $mid, $record, $tpl_tmp;
    $tpl_info = array("idx" => "main", "style" => "../plugin/" . basename(realpath(dirname(__FILE__))), "path" => ROOT_PATH . "/" . $setting['path']['template']);
    if ($method == "list" || $method == "add" || $method == "edit") {
        $tpl_info['style'] .= "/tpl/";
    } else {
        $tpl_info['style'] .= "/setting/";
    }
    $tpl = $mystep->getInstance("MyTpl", $tpl_info);
    // The per-form data templates are named after $mid; other methods use their own name.
    if ($method == "edit_data") {
        $tpl_info['idx'] = $mid . "_edit_data";
    } elseif ($method == "list_data") {
        $tpl_info['idx'] = $mid . "_list_data";
    } else {
        $tpl_info['idx'] = $method;
    }
    $tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
    if ($method == "confirm") {
        global $para;
        $record = $db->record($setting['db']['pre'] . "custom_form_" . $mid, "*", array("id", "n=", $id));
        if ($record === false || !file_exists("setting/{$mid}.php")) {
            $tpl->Set_Variable('main', showInfo("指定的记录不存在或配置文件缺失!", 0));
            $mystep->show($tpl);
            // Presumably pageEnd() terminates the request; if it returns, the code below
            // runs with $record === false - confirm.
            $mystep->pageEnd(false);
        }
        if (function_exists("ext_func")) {
            ext_func();
        }
        // NOTE(review): this marks the row as mailed. The list view below links here with a
        // plain "?method=confirm&mid=..&id=.." URL, so the state change appears reachable
        // by GET; confirm the caller requires a CSRF token or a POST for it.
        $db->update($setting['db']['pre'] . "custom_form_" . $mid, array("mailed" => 1), array("id", "n=", $record['id']));
        include "setting/" . $mid . ".php";
        // Use the English mail template when only the English name is filled in.
        $tpl_info['idx'] = "{$mid}_mail_" . (empty($record['name']) && !empty($record['name_en']) ? "en" : "cn");
        $tpl_tmp->ClearError();
        $tpl_tmp->init($tpl_info);
        if (empty($record['name'])) {
            $record['name'] = $record['name_en'];
        }
        $tpl_tmp->Set_Variables($record, 'record');
        $custom_form = $db->record($setting['db']['pre'] . "custom_form", "*", array("mid", "n=", $mid));
        $tpl_tmp->Set_Variables($custom_form);
        $tpl_tmp->allow_script = true;
    } elseif ($method == "list_data") {
        $page = $req->getGet("page");
        $order = $req->getGet("order");
        $tpl_tmp->Set_Variable('order', $order);
        $order_type = $req->getGet("order_type");
        if (empty($order_type)) {
            $order_type = "desc";
        }
        // NOTE(review): include_once defines $para in this scope only the first time the
        // file is loaded in a request.
        include_once "setting/{$mid}.php";
        $condition = array();
        // NOTE(review): $keyword is neither a declared global nor assigned in this branch,
        // so this search block runs only if the included settings file defines it.
        if (!empty($keyword)) {
            if (is_numeric($keyword)) {
                $condition[] = array("id", "n=", $keyword, "or");
            }
            // Build one OR condition per searchable field; the operator depends on the field type.
            foreach ($para as $key => $value) {
                if ($para[$key]['search'] == 'true') {
                    switch ($para[$key]['type']) {
                        case "file":
                        case "textarea":
                            $condition[] = array($key, "like", $keyword, "or");
                            break;
                        case "radio":
                        case "select":
                            $condition[] = array($key, "=", $keyword, "or");
                            break;
                        case "text":
                            if ($para[$key]['format'] == "digital" || $para[$key]['format'] == "number") {
                                $condition[] = array($key, "=", $keyword, "or");
                            } else {
                                $condition[] = array($key, "like", $keyword, "or");
                            }
                            break;
                        case "checkbox":
                            break;
                        default:
                            $condition[] = array($key, "=", $keyword, "or");
                            break;
                    }
                }
            }
        }
        // Remember which fields hold uploaded files, for the link rendering below.
        $key_file = array();
        foreach ($para as $key => $value) {
            if ($para[$key]['type'] == 'file') {
                $key_file[] = $key;
            }
        }
        // Pager
        $counter = $db->result($setting['db']['pre'] . "custom_form_" . $mid, "count(*)", $condition);
        list($page_arr, $page_start, $page_size) = GetPageList($counter, "?mid={$mid}&keyword={$keyword}&order={$order}&order_type={$order_type}", $page);
        $tpl_tmp->Set_Variables($page_arr);
        // Main list
        if (empty($order)) {
            $order = "id";
        }
        // NOTE(review): $order and $order_type come from the query string and are placed
        // in the ORDER BY entries as received. Unless $db->select() validates them, they
        // should be limited here to a known column name and to "asc"/"desc".
        $the_order = array();
        $the_order[] = "{$order} {$order_type}";
        if ($order != "id") {
            $the_order[] = "id " . $order_type;
        }
        $db->select($setting['db']['pre'] . "custom_form_" . $mid, "*", $condition, array("order" => $the_order, "limit" => "{$page_start}, {$page_size}"));
        while ($record = $db->GetRS()) {
            HtmlTrans(&$record);
            if (function_exists("ext_func")) {
                ext_func();
            }
            // Fall back to the English name and company when the primary fields are empty.
            if (empty($record['name']) && !empty($record['name_en'])) {
                $record['name'] = $record['name_en'];
            }
            if (empty($record['company']) && !empty($record['company_en'])) {
                $record['company'] = $record['company_en'];
            }
            foreach ($key_file as $key) {
                if (empty($record[$key])) {
                    continue;
                }
                // Stored file fields look like "name::type" (the part after "::" is tested
                // for "image"). $cur_file[1] is read without checking that "::" was present.
                $cur_file = explode("::", $record[$key]);
                // NOTE(review): $cur_file[0] is placed in an alt attribute and in link text.
                // This is safe only if HtmlTrans() above escaped it for HTML, including
                // quotes - confirm.
                if (strpos($cur_file[1], "image") !== false) {
                    $record[$key] = '<a href="file.php?mid=' . $mid . '&id=' . $record['id'] . '&f=' . $key . '" target="_blank"><img src="file.php?mid=' . $mid . '&id=' . $record['id'] . '&f=' . $key . '" width="120" alt="' . $cur_file[0] . '" /></a>';
                } else {
                    $record[$key] = '<a href="file.php?mid=' . $mid . '&id=' . $record['id'] . '&f=' . $key . '" target="_blank">' . $cur_file[0] . '</a>';
                }
            }
            // Offer a confirm link for rows whose "mailed" value is not the "sent" label.
            $record['confirm'] = "";
            if ($record['mailed'] != "已发") {
                $record['confirm'] = ' &nbsp;<a href="?method=confirm&mid=' . $mid . '&id=' . $record['id'] . '">确认</a>';
            }
            $tpl_tmp->Set_Loop('record', $record);
        }
        $tpl_tmp->Set_Variable('custom_form_name', $db->result($setting['db']['pre'] . "custom_form", "name", array("mid", "n=", $mid)));
        $tpl_tmp->Set_Variable('title', '表单信息浏览');
        $tpl_tmp->Set_Variable('keyword', $keyword);
        $tpl_tmp->Set_Variable('order_type_org', $order_type);
        // The template gets the opposite direction, for the sort toggle links.
        $order_type = $order_type == "asc" ? "desc" : "asc";
        $tpl_tmp->Set_Variable('order_type', $order_type);
        $tpl_tmp->Set_Variable('keyword', $keyword);
    } elseif ($method == "edit_data") {
        global $para, $record;
        // NOTE(review): the keyword is SQL-escaped here, but in this branch it is only
        // handed to the template. SQL escaping is not HTML escaping; the value needs
        // escaping for the context the template prints it in.
        $keyword = mysql_real_escape_string($req->getGet("keyword"));
        $record = $db->record($setting['db']['pre'] . "custom_form_" . $mid, "*", array("id", "n=", $id));
        if ($record === false || !file_exists("setting/{$mid}.php")) {
            $tpl->Set_Variable('main', showInfo("指定的记录不存在或配置文件缺失!", 0));
            $mystep->show($tpl);
            $mystep->pageEnd(false);
        }
        HtmlTrans(&$record);
        if (function_exists("ext_func")) {
            ext_func();
        }
        $tpl_tmp->Set_Variables($record, "record");
        $tpl_tmp->Set_Variable('custom_form_name', $db->result($setting['db']['pre'] . "custom_form", "name", array("mid", "n=", $mid)));
        $tpl_tmp->Set_Variable('title', '表单信息更新');
        $tpl_tmp->Set_Variable('method', 'edit_data');
        $tpl_tmp->Set_Variable('keyword', $keyword);
        include "setting/{$mid}.php";
        $tpl_tmp->allow_script = true;
    } elseif ($method == "list") {
        $db->select($setting['db']['pre'] . "custom_form", "*", "", array("order" => "mid desc"));
        while ($record = $db->GetRS()) {
            HtmlTrans(&$record);
            // web_id 0 and 255 get fixed labels; any other value is looked up as a website.
            if ($record['web_id'] == 0) {
                $record['web_id'] = "仅管理面板";
            } elseif ($record['web_id'] == 255) {
                $record['web_id'] = "全部子站";
            } else {
                $webinfo = getParaInfo("website", "web_id", $record['web_id']);
                $record['web_id'] = $webinfo['name'];
            }
            $record['link_submit'] = getUrl("cf_submit", $record['mid']);
            $record['link_list'] = getUrl("cf_list", $record['mid']);
            $tpl_tmp->Set_Loop('record', $record);
        }
        $tpl_tmp->Set_Variable('title', '表单浏览');
        // NOTE(review): $order_type is never assigned in this branch, so it is undefined
        // when read here and the toggle below always yields "asc".
        $tpl_tmp->Set_Variable('order_type_org', $order_type);
        $order_type = $order_type == "asc" ? "desc" : "asc";
        $tpl_tmp->Set_Variable('order_type', $order_type);
        global $admin_cat;
        $tpl_tmp->Set_Variable('admin_cat', toJson($admin_cat, $setting['gen']['charset']));
    } elseif ($method == "edit") {
        $record = $db->record($setting['db']['pre'] . "custom_form", "*", array("mid", "n=", $mid));
        if ($record === false) {
            $tpl->Set_Variable('main', showInfo("指定的记录不存在!", 0));
            $mystep->show($tpl);
            $mystep->pageEnd(false);
        }
        if (function_exists("ext_func")) {
            ext_func();
        }
        $tpl_tmp->Set_Variables($record);
        $tpl_tmp->Set_Variable('title', '修改表单项目');
        $tpl_tmp->Set_Variable('method', 'edit');
        $max_count = count($GLOBALS['website']);
        for ($i = 0; $i < $max_count; $i++) {
            $tpl_tmp->Set_Loop("website", $GLOBALS['website'][$i]);
        }
        include "setting/{$mid}.php";
        $tpl_tmp->Set_Variable('cf_item', toJson($para, $setting['gen']['charset']));
        // Load the form's templates and its extension script into the editor fields,
        // HTML-escaped so the file content is shown as text rather than interpreted.
        $tpl_tmp->Set_Variable('tpl_cf_submit_cn', htmlspecialchars(GetFile("setting/{$mid}_cf_submit_cn.tpl")));
        $tpl_tmp->Set_Variable('tpl_cf_submit_en', htmlspecialchars(GetFile("setting/{$mid}_cf_submit_en.tpl")));
        $tpl_tmp->Set_Variable('tpl_cf_print_cn', htmlspecialchars(GetFile("setting/{$mid}_cf_print_cn.tpl")));
        $tpl_tmp->Set_Variable('tpl_cf_print_en', htmlspecialchars(GetFile("setting/{$mid}_cf_print_en.tpl")));
        $tpl_tmp->Set_Variable('tpl_cf_list_cn', htmlspecialchars(GetFile("setting/{$mid}_cf_list_cn.tpl")));
        $tpl_tmp->Set_Variable('tpl_cf_list_en', htmlspecialchars(GetFile("setting/{$mid}_cf_list_en.tpl")));
        $tpl_tmp->Set_Variable('tpl_block_cf_list_cn', htmlspecialchars(GetFile("setting/{$mid}_block_cf_list_cn.tpl")));
        $tpl_tmp->Set_Variable('tpl_block_cf_list_en', htmlspecialchars(GetFile("setting/{$mid}_block_cf_list_en.tpl")));
        $tpl_tmp->Set_Variable('tpl_mail_cn', htmlspecialchars(GetFile("setting/{$mid}_mail_cn.tpl")));
        $tpl_tmp->Set_Variable('tpl_mail_en', htmlspecialchars(GetFile("setting/{$mid}_mail_en.tpl")));
        $tpl_tmp->Set_Variable('tpl_edit_data', htmlspecialchars(GetFile("setting/{$mid}_edit_data.tpl")));
        $tpl_tmp->Set_Variable('tpl_list_data', htmlspecialchars(GetFile("setting/{$mid}_list_data.tpl")));
        $tpl_tmp->Set_Variable('ext_script', htmlspecialchars(GetFile("setting/{$mid}_ext_script.php")));
    } elseif ($method == "add") {
        $tpl_tmp->Set_Variable('title', '添加表单');
        $tpl_tmp->Set_Variable('method', 'add');
        $max_count = count($GLOBALS['website']);
        for ($i = 0; $i < $max_count; $i++) {
            $tpl_tmp->Set_Loop("website", $GLOBALS['website'][$i]);
        }
        // Start from an existing form's files when setting/<mid>.php exists, otherwise
        // from the shipped defaults.
        if (file_exists("setting/" . $mid . ".php")) {
            include "setting/" . $mid . ".php";
            $tpl_tmp->Set_Variable('tpl_cf_submit_cn', htmlspecialchars(GetFile("setting/" . $mid . "_cf_submit_cn.tpl")));
            $tpl_tmp->Set_Variable('tpl_cf_submit_en', htmlspecialchars(GetFile("setting/" . $mid . "_cf_submit_en.tpl")));
            $tpl_tmp->Set_Variable('tpl_cf_print_cn', htmlspecialchars(GetFile("setting/" . $mid . "_cf_print_cn.tpl")));
            $tpl_tmp->Set_Variable('tpl_cf_print_en', htmlspecialchars(GetFile("setting/" . $mid . "_cf_print_en.tpl")));
            $tpl_tmp->Set_Variable('tpl_cf_list_cn', htmlspecialchars(GetFile("setting/" . $mid . "_cf_list_cn.tpl")));
            $tpl_tmp->Set_Variable('tpl_cf_list_en', htmlspecialchars(GetFile("setting/" . $mid . "_cf_list_en.tpl")));
            $tpl_tmp->Set_Variable('tpl_block_cf_list_cn', htmlspecialchars(GetFile("setting/" . $mid . "_block_cf_list_cn.tpl")));
            $tpl_tmp->Set_Variable('tpl_block_cf_list_en', htmlspecialchars(GetFile("setting/" . $mid . "_block_cf_list_en.tpl")));
            $tpl_tmp->Set_Variable('tpl_mail_cn', htmlspecialchars(GetFile("setting/" . $mid . "_mail_cn.tpl")));
            $tpl_tmp->Set_Variable('tpl_mail_en', htmlspecialchars(GetFile("setting/" . $mid . "_mail_en.tpl")));
            $tpl_tmp->Set_Variable('tpl_edit_data', htmlspecialchars(GetFile("setting/" . $mid . "_edit_data.tpl")));
            $tpl_tmp->Set_Variable('tpl_list_data', htmlspecialchars(GetFile("setting/" . $mid . "_list_data.tpl")));
            $tpl_tmp->Set_Variable('ext_script', htmlspecialchars(GetFile("setting/" . $mid . "_ext_script.php")));
        } else {
            include "setting/default.php";
            $tpl_tmp->Set_Variable('tpl_cf_submit_cn', htmlspecialchars(GetFile("tpl/default_cf_submit_cn.tpl")));
            $tpl_tmp->Set_Variable('tpl_cf_submit_en', htmlspecialchars(GetFile("tpl/default_cf_submit_en.tpl")));
            $tpl_tmp->Set_Variable('tpl_cf_print_cn', htmlspecialchars(GetFile("tpl/default_cf_print_cn.tpl")));
            $tpl_tmp->Set_Variable('tpl_cf_print_en', htmlspecialchars(GetFile("tpl/default_cf_print_en.tpl")));
            $tpl_tmp->Set_Variable('tpl_cf_list_cn', htmlspecialchars(GetFile("tpl/default_cf_list_cn.tpl")));
            $tpl_tmp->Set_Variable('tpl_cf_list_en', htmlspecialchars(GetFile("tpl/default_cf_list_en.tpl")));
            $tpl_tmp->Set_Variable('tpl_block_cf_list_cn', htmlspecialchars(GetFile("tpl/block_cf_list_cn.tpl")));
            $tpl_tmp->Set_Variable('tpl_block_cf_list_en', htmlspecialchars(GetFile("tpl/block_cf_list_en.tpl")));
            $tpl_tmp->Set_Variable('tpl_mail_cn', htmlspecialchars(GetFile("tpl/default_mail_cn.tpl")));
            $tpl_tmp->Set_Variable('tpl_mail_en', htmlspecialchars(GetFile("tpl/default_mail_en.tpl")));
            $tpl_tmp->Set_Variable('tpl_edit_data', htmlspecialchars(GetFile("tpl/edit_data.tpl")));
            $tpl_tmp->Set_Variable('tpl_list_data', htmlspecialchars(GetFile("tpl/list_data.tpl")));
            $tpl_tmp->Set_Variable('ext_script', htmlspecialchars(GetFile("setting/ext_script.php")));
        }
        $tpl_tmp->Set_Variable('cf_item', toJson($para, $setting['gen']['charset']));
        if (function_exists("ext_func")) {
            ext_func();
        }
    }
    $tpl_tmp->Set_Variable('mid', $mid);
    $tpl->Set_Variable('path_admin', $setting['path']['admin']);
    $tpl->Set_Variable('main', $tpl_tmp->Get_Content('$setting, $para'));
    $db->Free();
    unset($tpl_tmp);
    $mystep->show($tpl);
    return;
}