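/**
 * Runs one upgrade script (.php or .sql) from CORE_DIR/updatescripts and
 * then records the script's version through setDbver().
 *
 * Request input read from $_POST:
 *  - 'file'      name of the script inside CORE_DIR/updatescripts
 *  - 'timeline'  suffix of the per-run log file under HOME_DIR/logs
 *  - 'step', 'runFunc', 'runStatus'  optional values copied onto UpgradeScript
 *
 * 'file' ends up in an include path and both values end up in a log-file
 * path, so anything that could point outside those directories is refused.
 *
 * @return void
 */
function action_runscript()
{
    header('Content-type: text/html;charset=utf-8');
    set_time_limit(0);

    $file = (isset($_POST['file']) && is_string($_POST['file'])) ? $_POST['file'] : '';
    $timeline = (isset($_POST['timeline']) && is_scalar($_POST['timeline'])) ? (string) $_POST['timeline'] : '';

    // Accept a bare file name only: no directory separators, no NUL byte and
    // no dot-directory, because the value is appended to the include path.
    $isBareName = $file !== '.' && $file !== '..' && strpbrk($file, "/\\\0") === false;
    if (!$file || !$isBareName || !file_exists(CORE_DIR . '/updatescripts/' . $file)) {
        // Escape before echoing: the value comes straight from the request.
        echo 'missing file' . htmlspecialchars($file, ENT_QUOTES, 'UTF-8');
        return;
    }

    // The timeline is part of the log-file name; valid values are left
    // untouched so the name stays the same as before, unsafe ones are refused.
    if (strpbrk($timeline, "/\\\0") !== false) {
        echo 'invalid timeline';
        return;
    }

    $version = substr($file, 0, -4);
    $logFile = HOME_DIR . '/logs/upgrade_' . $version . '_' . $timeline . '.log.php';
    if (!file_exists($logFile)) {
        // The log has a .php name; the leading exit() makes it stop at once
        // if it is ever executed as PHP.
        error_log('#<?php exit()?>' . " \n \n", 3, $logFile);
    }

    switch (ext_name($file)) {
        case '.php':
            include CORE_DIR . '/updatescripts/' . $file;
            if (class_exists('UpgradeScript')) {
                $oUpgrade = new UpgradeScript();
                $oUpgrade->step = !empty($_POST['step']) ? $_POST['step'] : '1';
                // NOTE(review): runFunc is taken from the request unchanged. How
                // UpgradeScript uses it is not visible here; confirm it is checked
                // against a fixed list of step names before being dispatched.
                $oUpgrade->runFunc = !empty($_POST['runFunc']) ? $_POST['runFunc'] : 'first';
                $oUpgrade->status = !empty($_POST['runStatus']) ? $_POST['runStatus'] : 'all-finish';
                $oUpgrade->version = $version;
                $oUpgrade->__Upgrade();
            }
            break;
        case '.sql':
            $this->run_update_sql($file);
            break;
    }

    $this->setDbver($version);
}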
/**
 * Builds a dated storage identifier for a file and resolves its path and URL.
 *
 * The 16-hex-character name is cut from md5(seed . microtime()): it spreads
 * names out but is derived from the clock, so it should not be treated as an
 * unguessable token.
 *
 * @param string $file   Source file name, used when $addons joins to an empty string.
 * @param string $type   Optional leading directory; skipped when empty.
 * @param array  $addons Name parts, joined with '-'.
 * @param string $url    Receives 'http://' . S_NAME . $path.
 * @param string $path   Receives the result of $this->_ident($uri).
 * @return string The generated identifier.
 */
function _get_ident($file, $type, $addons, &$url, &$path)
{
    $joined = implode('-', $addons);
    $seed = $joined ? $joined : $file;

    $prefix = $type ? $type . '/' : '';
    $dayDir = $prefix . date('Ymd') . '/';
    $token = substr(md5($seed . microtime()), 0, 16);

    $uri = $dayDir . $token . ext_name(basename($seed));

    $path = $this->_ident($uri);
    $url = 'http://' . S_NAME . $path;

    return $uri;
}
/**
 * Builds a dated file identifier under MEDIA_DIR and prepares its location.
 *
 * An existing file at the target path is removed and the target directory is
 * created when missing. $type is used as a directory name exactly as given,
 * so callers are expected to pass a fixed value rather than request data.
 * The file name is cut from md5(seed . microtime()) and is therefore
 * clock-derived, not an unguessable token.
 *
 * @param string $file   Source file name, used when $addons joins to an empty string.
 * @param string $type   Directory placed directly under MEDIA_DIR.
 * @param array  $addons Name parts, joined with '-'.
 * @param string $url    Receives 'images' . $uri.
 * @param string $path   Receives MEDIA_DIR . $uri.
 * @return string|false The identifier, or false when cleanup or mkdir fails.
 */
function _get_ident($file, $type, $addons, &$url, &$path)
{
    $joined = implode('-', $addons);
    $seed = $joined ? $joined : $file;

    $dayDir = '/' . $type . '/' . date('Ymd') . '/';
    $uri = $dayDir . substr(md5($seed . microtime()), 0, 16) . ext_name(basename($seed));

    $path = MEDIA_DIR . $uri;
    $url = 'images' . $uri;

    // A stale file at the same path must be removable before it is reused.
    if (file_exists($path) && !unlink($path)) {
        return false;
    }

    $targetDir = dirname($path);
    if (!is_dir($targetDir) && !mkdir_p($targetDir)) {
        return false;
    }

    return $uri;
}
/**
 * Updates the picture fields of one goods record from its image list and an
 * optional custom thumbnail, then passes the result to toUpdateImages().
 *
 * $imgThumbnail is not referenced in this body.
 *
 * @param mixed  $gid          Goods id; cast with intval() before use in SQL.
 * @param mixed  $imgThumbnail Unused here.
 * @param mixed  $imgDefault   Preferred default image id; cast with intval().
 * @param array  $aImgFile     Image ids; empty entries are dropped.
 * @param string $imgUdf       'true' / 'false' flag stored as udfimg.
 * @param mixed  $newThumbnail Read both with substr() and as an array index below.
 * @return mixed Whatever toUpdateImages() returns.
 */
function saveImage($gid, $imgThumbnail, $imgDefault, $aImgFile, $imgUdf = 'false', &$newThumbnail) {
    // Drop empty entries; fall back to the single id 0 when index 0 is not set.
    foreach ($aImgFile as $k => $v) {
        if (!$v) {
            unset($aImgFile[$k]);
        }
    }
    if (!isset($aImgFile[0])) {
        $aImgFile = array(0);
    }
    $this->clean($gid, $aImgFile);
    // NOTE(review): the IN (...) list is built from $aImgFile without an integer
    // cast, unlike the intval() used on the other ids below. Confirm the ids are
    // validated by the caller, or cast each element before joining.
    $this->_gen_all_size('gimage_id in (' . implode(',', $aImgFile) . ')', $gid);
    // Use the requested default image, else fall back to a row for this goods id.
    if (!($row = $this->db->selectrow('select gimage_id,small,thumbnail,big from sdb_gimages where gimage_id=' . intval($imgDefault)))) {
        $row = $this->db->selectrow('select gimage_id,small,thumbnail,big from sdb_gimages where goods_id=' . intval($gid));
        $imgDefault = $row['gimage_id'];
    }
    // NOTE(review): $newThumbnail is treated as a string here and as an array
    // further down; confirm which shape callers actually pass.
    if (substr($newThumbnail, 0, 4) == 'http') {
        $row['thumbnail'] = $newThumbnail;
    }
    $data = array(
        'thumbnail_pic' => $row['thumbnail'],
        'small_pic' => $row['small'],
        'big_pic' => $row['big'],
        'image_default' => $imgDefault,
        'goods_id' => $gid,
        'udfimg' => $imgUdf
    );
    $old_img = $this->db->selectrow('select udfimg,thumbnail_pic from sdb_goods where goods_id=' . intval($gid));
    if ($imgUdf == 'true' && $newThumbnail['goods_thumbnail_pic'] && substr($newThumbnail, 0, 4) != 'http') {
        // A custom thumbnail was supplied: store it through the parent save_upload().
        // NOTE(review): implode() is given a string as its second argument; that is a
        // TypeError on PHP 8 and yields no usable value on older versions, so the
        // md5() input is probably not the intended microtime/rand mix. Confirm.
        $data['thumbnail_pic'] = parent::save_upload($newThumbnail['goods_thumbnail_pic'], 'goods', substr(md5(implode(',', microtime() . rand(0, time()))), 0, 16) . ext_name($newThumbnail['goods_thumbnail_pic']['name']));
        if ($this->elmar_storage) {
            // The old value may carry a trailing '|img_id:<id>' marker.
            if ($w = strpos($old_img['thumbnail_pic'], '|img_id:')) {
                $old_img_id = substr($old_img['thumbnail_pic'], $w + strlen('|img_id:'));
                if ($old_img_id) {
                    // Path part of the new value is everything before its first '|'.
                    $file = BASE_DIR . '/' . substr($data['thumbnail_pic'], 0, strpos($data['thumbnail_pic'], '|'));
                    if (!$this->elmar_storage->update($old_img_id, $file, 'thumb')) {
                        trigger_error("更新图库信息失败", E_USER_WARNING);
                    }
                    // Carry the fourth '|'-separated field and the image id over to the new value.
                    $elmer_t_url = explode('|', $old_img['thumbnail_pic']);
                    $data['thumbnail_pic'] .= '|' . $elmer_t_url[3] . '|img_id:' . $old_img_id;
                }
            }
        }
        // The previous custom thumbnail is replaced, so remove it.
        if ($old_img['udfimg'] == 'true') {
            $this->remove($old_img['thumbnail_pic']);
        }
    } else {
        // No custom thumbnail is stored in this request.
        if ($imgUdf == 'false' && $old_img['udfimg'] == 'true') {
            // Custom thumbnail switched off: remove the old one.
            $this->remove($old_img['thumbnail_pic']);
        }
        if ($imgUdf == 'true' && $old_img['udfimg'] == 'true') {
            // Keep the existing custom thumbnail by leaving the column out of the update.
            unset($data['thumbnail_pic']);
        }
    }
    return $this->toUpdateImages($data);
}
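<?php /* The login name is session data printed into HTML, so it is escaped before output. */ ?>
<p id="logged"><a href="<?php echo ABS_PATH; ?>">Logged in</a> as <strong><?php echo htmlspecialchars($_SESSION['login'], ENT_QUOTES); ?></strong> — <a id="logout" class="smallround" href="<?php echo ADMIN_PATH; ?>sys/logout.php">disconnect</a></p>
</div><!-- end header -->
<div id="nav">
<ul>
<?php
// Highlight the dashboard entry when the current section is "admin".
$basedir = filename_to_str(ext_name());
$basecss = $basedir == "admin" ? ' class="current"' : null;
// display always the dashboard
echo '<li' . $basecss . '><a href="' . ADMIN_PATH . '">Dashboard</a></li>';
// display allowed sections
echo ext_format();
?>
</ul>
</div><!-- end nav -->
<div id="global">
<?php
// Custom admin content ("extension" from here onwards) should start here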
/**
 * Validates one uploaded file entry and hands it to the storage worker.
 *
 * Checks run in this order: PHP upload error code, configured size limit,
 * then the file-name extension against a fixed allow-list. Only the extension
 * of the client-supplied name is inspected; the file content is not examined
 * in this method.
 *
 * @param array        $file   Upload entry; name, error, size and tmp_name are read.
 * @param string|null  $type   Passed through to the worker.
 * @param string|array $addons Extra name parts; the lower-cased file name is appended.
 * @param string       $msg    Receives the error text when a check fails.
 * @return string|false "url|id|class_name" on success, false otherwise.
 */
function save_upload($file, $type = null, $addons = '', &$msg)
{
    $file['name'] = strtolower($file['name']);

    if ($file['error']) {
        $msg = $this->__check_upload($file);
        trigger_error($msg, E_USER_ERROR);
        return false;
    }

    $limited = $this->get_pic_upload_max();
    if ($file['size'] > $limited['size']) {
        $msg = __('上传的文件大小不能超过') . $limited['desc'] . __(',请处理后重新上传!');
        trigger_error($msg, E_USER_ERROR);
        return false;
    }

    // Extension allow-list, keyed by extension for an isset() lookup.
    $allowed = array_flip(array('.gif', '.jpg', '.jpeg', '.png', '.bmp', '.swf'));
    if (!isset($allowed[ext_name($file['name'])])) {
        $msg = __('上传文件类型错误。');
        trigger_error($msg, E_USER_ERROR);
        return false;
    }

    // Normalise $addons to an array that ends with the file name.
    if (!$addons) {
        $addons = array($file['name']);
    } elseif (is_array($addons)) {
        $addons[] = $file['name'];
    } else {
        $addons = array($addons, $file['name']);
    }

    // Prefer the worker's save_upload() when it has one, else fall back to save().
    if (method_exists($this->worker, 'save_upload')) {
        $id = $this->worker->save_upload($file['tmp_name'], $url, $type, $addons);
    } else {
        $id = $this->worker->save($file['tmp_name'], $url, $type, $addons);
    }

    if (!$id) {
        return false;
    }

    return $url . '|' . $id . '|' . $this->class_name;
}
/**
 * Updates the picture fields of one goods record from its image list and an
 * optional custom thumbnail, then passes the result to toUpdateImages().
 *
 * $imgThumbnail is not referenced in this body.
 *
 * @param mixed  $gid          Goods id; cast with intval() before use in SQL.
 * @param mixed  $imgThumbnail Unused here.
 * @param mixed  $imgDefault   Preferred default image id; cast with intval().
 * @param array  $aImgFile     Image ids; empty entries are dropped.
 * @param string $imgUdf       'true' / 'false' flag stored as udfimg.
 * @param mixed  $newThumbnail Read both with substr() and as an array index below.
 * @return mixed Whatever toUpdateImages() returns.
 */
function saveImage($gid, $imgThumbnail, $imgDefault, $aImgFile, $imgUdf = 'false', &$newThumbnail) {
    // Drop empty entries; fall back to the single id 0 when index 0 is not set.
    foreach ($aImgFile as $k => $v) {
        if (!$v) {
            unset($aImgFile[$k]);
        }
    }
    if (!isset($aImgFile[0])) {
        $aImgFile = array(0);
    }
    $this->clean($gid, $aImgFile);
    // NOTE(review): the IN (...) list is built from $aImgFile without an integer
    // cast, unlike the intval() used on the other ids below. Confirm the ids are
    // validated by the caller, or cast each element before joining.
    $this->_gen_all_size('gimage_id in (' . implode(',', $aImgFile) . ')', $gid);
    // Use the requested default image, else fall back to a row for this goods id.
    if (!($row = $this->db->selectrow('select gimage_id,small,thumbnail,big from sdb_gimages where gimage_id=' . intval($imgDefault)))) {
        $row = $this->db->selectrow('select gimage_id,small,thumbnail,big from sdb_gimages where goods_id=' . intval($gid));
        $imgDefault = $row['gimage_id'];
    }
    // NOTE(review): $newThumbnail is treated as a string here and as an array
    // further down; confirm which shape callers actually pass.
    if (substr($newThumbnail, 0, 4) == 'http') {
        $row['thumbnail'] = $newThumbnail;
    }
    $data = array(
        'thumbnail_pic' => $row['thumbnail'],
        'small_pic' => $row['small'],
        'big_pic' => $row['big'],
        'image_default' => $imgDefault,
        'goods_id' => $gid,
        'udfimg' => $imgUdf
    );
    $old_img = $this->db->selectrow('select udfimg,thumbnail_pic from sdb_goods where goods_id=' . intval($gid));
    if ($imgUdf == 'true' && $newThumbnail['goods_thumbnail_pic'] && substr($newThumbnail, 0, 4) != 'http') {
        // NOTE(review): in both branches implode() is given a string as its second
        // argument; that is a TypeError on PHP 8 and yields no usable value on older
        // versions, so the md5() input is probably not the intended mix. Confirm.
        if ($newThumbnail['goods_thumbnail_pic']['img_source'] == 'local') {
            // NOTE(review): the 'name' field is handed to parent::save() as the source.
            // What save() does with it is not visible here; confirm the value cannot
            // refer to an arbitrary path on the server.
            $data['thumbnail_pic'] = parent::save($newThumbnail['goods_thumbnail_pic']['name'], 'goods', substr(md5(implode(',', microtime() . rand(0, time()))), 0, 16) . ext_name($newThumbnail['goods_thumbnail_pic']['name']));
        } else {
            $data['thumbnail_pic'] = parent::save_upload($newThumbnail['goods_thumbnail_pic'], 'goods', substr(md5(implode(',', microtime() . rand(0, time()))), 0, 16) . ext_name($newThumbnail['goods_thumbnail_pic']['name']));
        }
        if ($old_img['udfimg'] == 'true') {
            // Remove the old custom thumbnail only when it differs from the
            // thumbnail stored in sdb_gimages for this goods id.
            $old_gimg = $this->db->selectrow('select thumbnail from sdb_gimages where goods_id=' . intval($gid));
            if ($old_gimg['thumbnail'] != $old_img['thumbnail_pic']) {
                $this->remove($old_img['thumbnail_pic']);
            }
        }
    } else {
        // No thumbnail was uploaded.
        if ($imgUdf == 'false' && $old_img['udfimg'] == 'true') {
            // Custom thumbnail switched off: remove the old one.
            $this->remove($old_img['thumbnail_pic']);
        }
        if ($imgUdf == 'true' && $old_img['udfimg'] == 'true') {
            // Keep the existing custom thumbnail by leaving the column out of the update.
            unset($data['thumbnail_pic']);
        }
    }
    return $this->toUpdateImages($data);
}
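/**
 * Stores an uploaded delivery-sheet background image under HOME_DIR/tmp and
 * reports the outcome through end().
 *
 * Only the extension of the client-supplied file name is checked (.jpg or
 * .jpeg); the content is not verified to be a JPEG in this method. The stored
 * name is generated by tempnam(), so the client's name never reaches the path.
 *
 * @return void
 */
function do_upload_bg()
{
    $this->begin('index.php?ctl=order/delivery_printer&act=do_upload_bg&p[0]=0');

    // Defined up front so end() below never reads undefined variables when the
    // upload is rejected and splash() returns instead of stopping the request.
    $rs = null;
    $file = '';

    $extname = strtolower(ext_name($_FILES['background']['name']));
    if ($extname == '.jpg' || $extname == '.jpeg') {
        $tmp = tempnam(HOME_DIR . '/tmp', 'dly_');
        if ($tmp === false) {
            // No temp name available: report failure rather than writing to a bare '.jpg' path.
            $rs = false;
        } else {
            // tempnam() creates a placeholder; drop it and reuse its unique name with a .jpg suffix.
            unlink($tmp);
            $file = $tmp . '.jpg';
            $rs = move_uploaded_file($_FILES['background']['tmp_name'], $file);
        }
    } else {
        $this->splash('failed', 'index.php?ctl=order/delivery_printer&act=upload_bg', __('必须是.jpg的图片'));
    }

    $this->end($rs, __('快递单背景图片保存成功'), 'index.php?ctl=order/delivery_printer&act=done_upload_bg&p[0]=' . DPGB_TMP_MODE . '&p[1]=' . basename($file));
}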
/**
 * Tells whether the current user may access the current CMS section.
 *
 * Returns false when $_SESSION['role_id'] is not greater than 0 and true when
 * the role_id read from the users table is 1. For every other role the result
 * is whether $_SESSION['ext_allowed'] occurs as a substring of ext_name().
 *
 * @return bool
 */
function is_allowed() {
    // check current user's role
    if ($_SESSION['role_id'] > 0) {
        // NOTE(review): the WHERE argument below is mangled in this listing
        // ('******' stands in for part of the expression). It appears to
        // concatenate a 'login' value into the SQL text; confirm where that value
        // comes from and escape or parameterize it before it reaches db_select().
        $user = db_select(TBL_PREFIX . TBL_USERS, "role_id", "login = '******'login'] . "'");
        if ((int) $user['role_id'] !== 1) {
            $current = ext_name();
            // check if current section is allowed
            // NOTE(review): strpos() searches for the whole ext_allowed value inside
            // the current name. Confirm the argument order and whether an exact
            // match was intended; a substring test also accepts partial names.
            return strpos($current, $_SESSION['ext_allowed']) !== false;
        } else {
            // role 1 is allowed everywhere
            return true;
        }
    } else {
        return false;
    }
}
// Access gate for the admin area: establishes the session login, loads the
// user's role and allowed sections, and redirects when access is not granted.

// NOTE(review): the session login is overwritten with the raw value of the
// 'smt-login' cookie. Cookies are set by the client, so nothing visible here
// proves the value belongs to the requester; confirm it is verified elsewhere
// (for example a signed token or a server-side session lookup) before trusting it.
if (isset($_COOKIE['smt-login'])) {
    $_SESSION['login'] = $_COOKIE['smt-login'];
}
if (empty($_SESSION['login'])) {
    // redirect to root dir, where user authentication will prompt
    $_SESSION['error'] = "NOT_LOGGED";
    header("Location: " . ABS_PATH . "?redirect=" . urlencode(url_get_current(true)));
    exit;
} else {
    // check current session login
    // NOTE(review): the WHERE arguments containing '******' are mangled in this
    // listing. They appear to concatenate a 'login' value into the SQL text;
    // given the cookie assignment above, that value needs escaping or a
    // parameterized query before it reaches db_select() / db_update().
    $user = db_select(TBL_PREFIX . TBL_USERS, "role_id", "login='******'login'] . "'");
    $role = db_select(TBL_PREFIX . TBL_ROLES, "ext_allowed", "id='" . $user['role_id'] . "'");
    // save session
    $_SESSION['role_id'] = (int) $user['role_id'];
    $_SESSION['allowed'] = explode(",", $role['ext_allowed']);
    // root user (role 1) has access to every available section
    if ($_SESSION['role_id'] === 1) {
        $_SESSION['allowed'] = ext_available();
    }
    // always set available the dashboard!
    array_push($_SESSION['allowed'], "admin");
    // NOTE(review): in_array() is called without the strict flag, so the
    // comparison is loose; section names are presumably strings, confirm.
    if (!in_array(ext_name(), $_SESSION['allowed'])) {
        // redirect to admin dir
        $_SESSION['error'] = "NOT_ALLOWED";
        header("Location: " . ADMIN_PATH);
        exit;
    } else {
        // update status
        db_update(TBL_PREFIX . TBL_USERS, "last_access = NOW()", "login = '******'login'] . "'");
    }
}
// (Tail of a function whose beginning lies outside this listing.)
return;
}
if (!isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) || strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) < NOW_TIME - $second) {
    // expired: send fresh caching headers
    header('Cache-Control: max-age=' . $second);
    header('Last-Modified: ' . gmdate('D, d M Y H:i:s', NOW_TIME) . ' GMT');
    header('Pragma: max-age=' . $second);
    header('Expires:' . gmdate('D, d M Y H:i:s', NOW_TIME + $second) . ' GMT');
} else {
    // still fresh: answer 304 and stop
    header('Last-Modified: ' . $_SERVER['HTTP_IF_MODIFIED_SINCE'], true, 304);
    exit;
}
}

/**
 * Returns the lower-cased text after the last '.' in $file, without the dot.
 *
 * When $file has no '.', strrpos() returns false and the "+ 1" turns that into
 * offset 1, so the result is the name minus its first character.
 *
 * @param string $file File name or path.
 * @return string
 */
function ext_name($file) {
    return strtolower(substr($file, strrpos($file, '.') + 1));
}

// Output every requested file whose extension equals $gettype.
// NOTE(review): where $getfiles and $gettype come from is not visible here. If
// they are request-derived, the extension test is the only filter: names
// starting with '/' are resolved under __DIR__/.., other names are passed to
// readfile() as given, and '..' segments are not rejected. Confirm the paths
// are restricted to the intended asset directory (for example by comparing
// realpath() against that directory) and that $gettype is limited to fixed values.
foreach ($getfiles as $file) {
    if ($gettype == ext_name($file)) {
        if ($file[0] == '/') {
            $file = __DIR__ . '/..' . $file;
        }
        readfile($file);
    } else {
        // NOTE(review): the rejected name is echoed inside a /* */ comment; a
        // name containing the comment terminator would end it early. Consider
        // leaving the name out of the output.
        echo PHP_EOL . '/* not allowed file type:' . $file . ' */' . PHP_EOL;
    }
}
// flush the buffered output, i.e. the compressed CSS file
if (extension_loaded('zlib')) {
    ob_end_flush();
}