/**
 * Return the contents of the file named by the first capture group of a match.
 *
 * Presumably used as a regex replace callback that expands include directives
 * (inferred from the name; the caller is not visible here).
 *
 * @param array $Matches Match array; index 1 holds the path handed to GetFile().
 * @return mixed Whatever GetFile() returns for that path.
 */
function ReplaceIncludeCallback($Matches)
{
    // NOTE(review): the path comes straight from the matched text and is not
    // checked here; if that text can be influenced by a user, the caller should
    // confine it to an allowed base directory before this callback runs.
    return GetFile($Matches[1], TRUE);
}
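/**
 * Find a file name that is not taken yet by appending a counter to the stem.
 *
 * GetFile() is used as the "name is taken" probe: a falsy result means the
 * candidate is free. Each retry appends the incremented counter to the stem of
 * the previous candidate (so "a.txt" is followed by "a1.txt", then "a12.txt").
 *
 * @param string $file Candidate file name.
 * @param int    $n    Counter used for the previous candidate (0 on the first call).
 * @return string A name for which GetFile() returned a falsy value.
 */
function get_uniqfile($file, $n = 0)
{
    // NOTE(review): an existing but empty file presumably also yields a falsy
    // GetFile() result and would be treated as free; confirm against GetFile().
    if (!GetFile($file)) {
        return $file;
    }

    // ereg() was removed in PHP 7; preg_match() with the same pattern splits
    // the name at its last dot. "s" lets "." match newlines as POSIX ERE did,
    // "D" keeps "$" from matching before a trailing newline.
    if (preg_match('/(.+)\.(.*)$/sD', $file, $ext)) {
        $stem = $ext[1];
        $suffix = '.' . $ext[2];
    } else {
        // No "stem.extension" shape (e.g. no dot at all): number the whole name
        // instead of reading undefined match groups.
        $stem = $file;
        $suffix = '';
    }

    $n++;

    return get_uniqfile($stem . $n . $suffix, $n);
}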
/**
 * Fetch the file listing of the user described by $Data.
 *
 * Looks the user up with GetUser(), passes the username to GetFile() and
 * returns the 'Payloads' entry of the response, or the string "NoData" when
 * the response carries status code 903.
 *
 * @param mixed $Data Lookup data forwarded unchanged to GetUser().
 * @return mixed "NoData" or the 'Payloads' value of the GetFile() response.
 */
function GetMthodFileView($Data)
{
    // NOTE(review): plain include inside the function body; if these files
    // declare functions, a second call would try to declare them again.
    include '../common/controller/user_get.php';
    include '../common/controller/file_get.php';

    $Users = GetUser($Data);
    // NOTE(review): no check that a user was found before index 0 is read.
    $Listing = GetFile($Users[0]['Username']);

    return $Listing["STATUS CODE"] == 903 ? "NoData" : $Listing['Payloads'];
}
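/**
 * Dispatch a file request (PUT, GET, FAV or RENAME) for the requesting user.
 *
 * The request is validated, the user is resolved from the payload, and the
 * request type selects the controller call. Every exit path returns a response
 * array; failed validation now returns the error response instead of echoing
 * the unvalidated request back to the caller.
 *
 * @param array $Request Request with a "type" string and a "payloads" array.
 * @return mixed Response built by ReturnResponse(), or the GetFile() result for GET.
 */
function HandleFileRequest($Request)
{
    // NOTE(review): plain include inside the function body; if these files
    // declare functions, a second call would try to declare them again.
    include '../common/config/ErrorCodes.php';
    include '../common/helpers/ValidateRequest.php';
    include '../common/controller/user_get.php';
    include '../common/controller/add_file.php';
    include '../common/controller/file_get.php';
    include '../common/controller/add_fav.php';
    include '../common/controller/Rename.php';

    if (validate_file_request($Request) != "True") {
        $Response = ReturnResponse(PAYLOAD_MISSING);
        $Response['info'] = "Data verification failed";
        // Fix: the original returned $Request here, handing the rejected input
        // back to the caller and discarding the error response built above.
        return $Response;
    }

    $UserDetail = GetUser($Request["payloads"]);
    if (!isset($UserDetail[0]['Username'])) {
        $Response = ReturnResponse(PAYLOAD_MISSING);
        $Response['info'] = "Could Not Get User";
        return $Response;
    }

    // The username always comes from the resolved user record, never from the
    // client-supplied payload.
    $RequestData['Username'] = $UserDetail[0]['Username'];
    $RequestData['Time'] = time();

    // NOTE(review): the file names below are taken from the payload as-is;
    // confirm that AddFile()/RenameFile() validate them before use.
    switch ($Request["type"]) {
        case "PUT":
            $RequestData['File'] = $Request['payloads']['File'];
            $RequestData['Filename'] = $Request['payloads']['File'];
            $RequestData['Type'] = $Request['payloads']['Type'];
            $Res = AddFile($RequestData);
            $Response = ReturnResponse($Res);
            break;
        case "GET":
            $Response = GetFile($RequestData['Username']);
            break;
        case "FAV":
            $RequestData['File'] = $Request['payloads']['File'];
            $RequestData['Fav'] = $Request['payloads']['Fav'];
            $Res = AddFav($RequestData);
            $Response = ReturnResponse($Res);
            break;
        case "RENAME":
            $RequestData['File'] = $Request['payloads']['File'];
            $RequestData['Filename'] = $Request['payloads']['Filename'];
            $Res = RenameFile($RequestData);
            $Response = ReturnResponse($Res);
            break;
        default:
            $Response = ReturnResponse(TYPE_NOT_SPECIFIED);
    }

    return $Response;
}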
/**
 * Render the admin page of this plugin for the requested view.
 *
 * "list" shows every stored record; "edit" loads the record selected by the
 * global $idx together with the matching file under code/; any other value
 * prepares a blank record. The inner template is placed into the "main"
 * template, which is then shown.
 *
 * @param string $method View name; compared below with "list", "edit" and "add".
 * @return void
 */
function build_page($method)
{
    global $mystep, $req, $db, $setting, $idx, $mydb;
    // Templates are loaded from this plugin's own tpl/ directory.
    $tpl_info = array("idx" => "main", "style" => "../plugin/" . basename(realpath(dirname(__FILE__))) . "/tpl/", "path" => ROOT_PATH . "/" . $setting['path']['template']);
    $tpl = $mystep->getInstance("MyTpl", $tpl_info);
    // Only two inner templates exist here: "list", and "input" for everything else.
    $tpl_info['idx'] = $method == "list" ? "list" : "input";
    $tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
    if ($method == "list") {
        $record = $mydb->queryAll();
        if (!$record) {
            // Normalise a falsy result to an empty list for the loop below.
            $record = array();
        }
        $tpl_tmp->Set_Loop('record', $record, true);
        $tpl_tmp->Set_Variable('title', $setting['language']['plugin_xcode_title']);
    } else {
        if ($method == "edit") {
            // NOTE(review): $idx is a global whose origin is not visible here. It is
            // concatenated into the query condition and, below, into a file path; if
            // it is request-derived it should be validated (e.g. digits only) first.
            // NOTE(review): call-time pass-by-reference (&$fp_pos, &$row_pos) is a
            // parse error from PHP 5.4 on; the reference belongs in queryDate()'s
            // declaration.
            $record = $mydb->queryDate("idx=" . $idx, true, &$fp_pos, &$row_pos);
            if (!$record) {
                $tpl->Set_Variable('main', showInfo($setting['language']['plugin_xcode_error'], 0));
                $mystep->show($tpl);
                // Presumably terminates the request; otherwise execution continues
                // below with an empty record — TODO confirm.
                $mystep->pageEnd(false);
            }
            // The code body is stored in a PHP file named after the record index.
            $record['content'] = GetFile(dirname(__FILE__) . "/code/" . $idx . ".php");
            // Presumably escapes the record for HTML output in place — TODO confirm.
            HtmlTrans(&$record);
        } else {
            // Blank record for a new entry; the request time doubles as the new index.
            $record = array();
            $record['idx'] = $_SERVER['REQUEST_TIME'];
            $record['page'] = "";
            $record['position'] = "0";
            $record['description'] = "";
            $record['content'] = "<?php\n\n?>";
        }
        $tpl_tmp->Set_Variables($record);
        $tpl_tmp->Set_Variable('title', $method == 'add' ? $setting['language']['plugin_xcode_add'] : $setting['language']['plugin_xcode_edit']);
        $tpl_tmp->Set_Variable('method', $method);
        // NOTE(review): the Referer header is client-controlled; confirm that the
        // template escapes back_url before it is written into the page.
        $tpl_tmp->Set_Variable('back_url', $req->getServer("HTTP_REFERER"));
    }
    $tpl->Set_Variable('path_admin', $setting['path']['admin']);
    // The single-quoted argument is the literal text '$setting', not the array.
    $tpl->Set_Variable('main', $tpl_tmp->Get_Content('$setting'));
    unset($tpl_tmp);
    $mystep->show($tpl);
    return;
}
} $mydb->closeTBL(); break; case "update": case "download": $result = array(); $header = array(); $header['Referer'] = "http://" . $req->GetServer("HTTP_HOST"); $header['ms_sign'] = $setting['web']['sign']; $update_info = GetRemoteContent($setting['gen']['update'] . "?m=update&v=" . $ms_version['ver'] . "&cs=" . $setting['gen']['charset'] . "&email=" . urlencode($setting['web']['email']) . "&title=" . urlencode($setting['web']['title']), $header); $update_info = preg_replace("/(^|[\r\n]+)([\\w]{0,6})[\r\n]+/", "", $update_info); $update_info = base64_decode($update_info); $update_info = unserialize($update_info); $path_rollback = ROOT_PATH . "/admin/rollback/" . $ms_version['ver'] . "/"; MultiDel($path_rollback); WriteFile($path_rollback . "include/config.php", GetFile(ROOT_PATH . "/include/config.php"), "wb"); if (count($update_info['setting']) > 0) { $setting_org = $setting; require ROOT_PATH . "/include/config.php"; $update_info['setting']['gen']['etag'] = date("Ymd"); $content = changeSetting($update_info['setting'], array(), false); if ($method == "update") { WriteFile(ROOT_PATH . "/include/config.php", $content, "wb"); } $setting = $setting_org; WriteFile($path_rollback . $ms_version['ver'] . "_config.php", $content, "wb"); } $pre_list = array(); foreach ($website as $cur_web) { $cur_setting = getSubSetting($cur_web['web_id']); $pre_list[] = $cur_setting['db']['name'] . "`.`" . $cur_setting['db']['pre'];
$target_file = $result_dir . "/" . "mystep.php"; @unlink($target_file); MultiDel($result_dir); sleep(1); mkdir($result_dir); $mypack = new MyPack($pack_dir, $pack_file); $mypack->AddIgnore(basename(dirname(__FILE__)), ".svn", "web.config", "aspnet_client", "include/install.lock", "Thumbs.db", "bak", "xcache", "_test", "config_test.php", "config-bak.php", "cfna_mis"); if (!empty($cs)) { $mypack->setCharset("gbk", $cs, $lng_type, ".php,.tpl,.html,.htm,.sql"); } $mypack->DoIt(); //echo $mypack->GetResult(); $result = ""; $result .= GetFile("mypack.class.php"); $result .= "\n"; $result .= GetFile("setup.php"); $result = str_replace("?>\n<?php", "", $result); WriteFile($target_file, $result, "wb"); unset($result); copy("intro.txt", $result_dir . "/readme.txt"); require "../source/class/myzip.class.php"; rename($result_dir, "upload"); zip("upload", "build/" . $result_dir . ".zip"); MultiDel("upload"); } ?> <script language="JavaScript"> location.href = "build/<?php echo $result_dir; ?> .zip";
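/**
 * Read the stored payload of one session from the session directory.
 *
 * The id is joined onto the configured session path, so it is checked against
 * a conservative character set first; an id containing anything else (path
 * separators, dots, NUL bytes, ...) is treated as a session with no data.
 *
 * @param string $sid Session id; presumably supplied by the client's session
 *                    cookie when this is registered as the read handler.
 * @return mixed Result of GetFile() for the session file, or "" for a rejected id.
 */
public static function sess_read($sid)
{
    global $setting;

    // NOTE(review): the allowed set is PHP's own session-id alphabet plus "_";
    // widen it only if the application generates ids with other characters.
    if (preg_match('/^[A-Za-z0-9,_-]+$/D', (string) $sid) !== 1) {
        return "";
    }

    return GetFile($setting['session']['path'] . "/sess_" . $sid);
}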
$dir = $dir . date("Ymd") . "_db_all/"; $tbl_list = $db->GetTabs($setting['db']['name']); $max_count = count($tbl_list); $files = array(); for ($i = 0; $i < $max_count; $i++) { $content = "DROP TABLE IF EXISTS `{$tbl_list[$i]}`;\n\n"; $content .= $db->GetTabSetting($tbl_list[$i], $setting_sub['db']['name']) . "\n" . $db->GetTabData($setting_sub['db']['name'] . "." . $tbl_list[$i]); $files[$i] = $dir . $setting_sub['db']['name'] . "_" . $tbl_list[$i] . ".sql"; WriteFile($files[$i], $content); } zip($files, $zipfile, $dir); header("Content-type: application/zip"); header("Accept-Ranges: bytes"); header("Accept-Length: " . filesize($zipfile)); header("Content-Disposition: attachment; filename=" . basename($zipfile)); $content = GetFile($zipfile); MultiDel($dir); unlink($zipfile); } else { $content = "DROP TABLE IF EXISTS `{$table_name}`;\n\n"; $content .= $db->GetTabSetting($table_name) . "\n" . $db->GetTabData($table_name); header("Content-type: text/plain"); header("Accept-Ranges: bytes"); header("Accept-Length: " . strlen($content)); header("Content-Disposition: attachment; filename=" . date("Ymd") . "_db_{$table_name}.sql"); } echo $content; } elseif ($method == "optimize") { $log_info = $setting['language']['admin_func_backup_optimize']; $op_info = "<b>Optimize Table Done! </b><br /><br />"; if ($table_name == "all") {
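/**
 * Build or unpack the pack file, depending on $type.
 *
 * "pack": writes the file list (or the whole pack directory) into the pack
 * file, then replaces the file with its zlib-compressed form (level 9).
 * Any other value: decompresses the pack file in place, unpacks it into the
 * pack directory and deletes the pack file.
 *
 * @param string $type      "pack" to create a pack; anything else unpacks.
 * @param string $separator Field separator forwarded to the pack/unpack helpers.
 * @return string Path of the pack file.
 */
public function DoIt($type = "pack", $separator = "|")
{
    $this->pack_result = array();
    if ($type == "pack") {
        $this->pack_fp = fopen($this->pack_file, "wb");
        if (!$this->pack_fp) {
            die("Error Occurs In Creating Output File !");
        }
        $time = $_SERVER['REQUEST_TIME'];
        if (count($this->file_list) > 0) {
            $this->PackFileList($separator);
        } else {
            $this->PackFile($this->pack_dir, $separator);
        }
        fclose($this->pack_fp);
        // $_SERVER['REQUEST_TIME'] does not advance during a request, so unless a
        // helper rewrites it this difference is 0 and the pause always happens.
        if ($_SERVER['REQUEST_TIME'] - $time <= 1) {
            sleep(1);
        }
        WriteFile($this->pack_file, gzcompress(GetFile($this->pack_file), 9));
    } else {
        // Fix: gzuncompress() returns false on corrupt input. Stop before that
        // value overwrites the pack file and the file is unlinked below.
        // NOTE(review): no output size limit is passed to gzuncompress(); if pack
        // files can come from an upload, a small file can expand to a very large
        // buffer. Consider a maximum length suited to the deployment.
        $unpacked = gzuncompress(GetFile($this->pack_file));
        if ($unpacked === false) {
            die("Error Occurs In Reading Pack File !");
        }
        WriteFile($this->pack_file, $unpacked);
        $this->pack_fp = fopen($this->pack_file, "rb");
        if (!$this->pack_fp) {
            die("Error Occurs In Reading Pack File !");
        }
        $this->UnpackFile($this->pack_dir, $separator);
        fclose($this->pack_fp);
        unlink($this->pack_file);
    }
    $filename = $this->pack_file;
    // The size is computed but not used in the result lines below.
    $filesize = GetFileSize($filename);
    array_push($this->pack_result, "<br />File Count: {$this->file_count} File(s)");
    return $filename;
}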
/**
 * Render the admin page of the news-snatch plugin for the requested view.
 *
 * Views handled below: "rule" (rule list with per-rule counters), "rule_add",
 * "rule_edit", "news" (paged, searchable list), "news_edit", "snatch",
 * "import" and "upload". The inner template is placed into the "main"
 * template, which is then shown.
 *
 * @param string $method View name; also used as the inner template index and as
 *                       part of the language key for the page title.
 * @return void
 */
function build_page($method)
{
    global $mystep, $req, $db, $setting, $id, $rules, $info_snatch, $info_import;
    // Templates are loaded from this plugin's own tpl/ directory.
    $tpl_info = array("idx" => "main", "style" => "../plugin/" . basename(realpath(dirname(__FILE__))) . "/tpl/", "path" => ROOT_PATH . "/" . $setting['path']['template']);
    $tpl = $mystep->getInstance("MyTpl", $tpl_info);
    if ($method == "rule_add" || $method == "rule_edit") {
        $tpl_info['idx'] = "rule_input";
    } else {
        // NOTE(review): $method selects the template by name; callers should only
        // pass one of the fixed view names, never a raw request value.
        $tpl_info['idx'] = $method;
    }
    $tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
    if ($method == "rule") {
        $i = 1;
        foreach ($rules as $key => $value) {
            $value['no'] = $i++;
            $value['id'] = $key;
            // Number of snatched news rows that belong to this rule.
            $value['counter'] = $db->result($setting['db']['pre'] . "news_snatch", "count(*)", array("idx", "=", $value['idx']));
            $tpl_tmp->Set_Loop('record', $value);
        }
    } elseif ($method == "rule_add") {
        // Nothing to prepare: the empty input form is rendered as-is.
    } elseif ($method == "rule_edit") {
        // NOTE(review): $id is a global whose origin is not visible here and there
        // is no check that $rules[$id] exists.
        $rule = array();
        $rule['id'] = $id;
        $rule['name'] = $rules[$id]['name'];
        $rule['url'] = $rules[$id]['url'];
        $rule['notes'] = $rules[$id]['notes'];
        if (empty($rules[$id]['para'])) {
            $rule['para'] = "";
        } else {
            $rule['para'] = var_export($rules[$id]['para'], true);
        }
        // Both rule scripts are HTML-escaped before they reach the template.
        $rule['rule_snatch'] = htmlspecialchars(GetFile("rule/" . $rules[$id]['idx'] . "_snatch.php"));
        $rule['rule_import'] = htmlspecialchars(GetFile("rule/" . $rules[$id]['idx'] . "_import.php"));
        $tpl_tmp->Set_Variables($rule);
    } elseif ($method == "news") {
        $page = $req->getGet("page");
        $keyword = $req->getGet("keyword");
        $order = $req->getGet("order");
        $tpl_tmp->Set_Variable('order', $order);
        $order_type = $req->getGet("order_type");
        if (empty($order_type)) {
            $order_type = "desc";
        }
        $condition = array();
        if (!empty($keyword)) {
            $condition[] = array("subject", "like", $keyword);
        }
        $counter = $db->result($setting['db']['pre'] . "news_snatch", "count(*)", $condition);
        // NOTE(review): the query-string values are placed into the paging URL
        // without URL-encoding.
        list($page_arr, $page_start, $page_size) = GetPageList($counter, "?method=news&keyword={$keyword}&order={$order}&order_type={$order_type}", $page);
        $tpl_tmp->Set_Variables($page_arr);
        if ($counter > 0) {
            if (empty($order)) {
                $order = "id";
            }
            // NOTE(review): $order and $order_type come from the query string and are
            // interpolated into the ORDER BY fragment. Unless $db->select() validates
            // them, they should be checked against a fixed list of column names and
            // "asc"/"desc" before this point.
            $the_order = array();
            $the_order[] = "{$order} {$order_type}";
            if ($order != "id") {
                // Secondary sort key for a stable order.
                $the_order[] = "id desc";
            }
            $db->select($setting['db']['pre'] . "news_snatch", "id, idx, url, original, subject", $condition, array("order" => $the_order, "limit" => "{$page_start}, {$page_size}"));
            while ($record = $db->GetRS()) {
                // NOTE(review): call-time pass-by-reference is a parse error from
                // PHP 5.4 on. HtmlTrans() presumably escapes the row in place.
                HtmlTrans(&$record);
                $tpl_tmp->Set_Loop('record', $record);
            }
        }
        // NOTE(review): keyword, order and order_type are handed to the template
        // as received; confirm that the template escapes them.
        $tpl_tmp->Set_Variable('keyword', $keyword);
        $tpl_tmp->Set_Variable('order_type_org', $order_type);
        // The column-header links toggle the direction.
        $order_type = $order_type == "asc" ? "desc" : "asc";
        $tpl_tmp->Set_Variable('order_type', $order_type);
        $tpl_tmp->Set_Variable('keyword', $keyword);
    } elseif ($method == "news_edit") {
        $record = $db->record($setting['db']['pre'] . "news_snatch", "*", array("id", "n=", $id));
        if ($record === false) {
            $tpl->Set_Variable('main', showInfo($setting['language']['admin_art_content_error'], 0));
            echo $tpl->Read_Cache();
            return;
        }
        HtmlTrans(&$record);
        $tpl_tmp->Set_Variables($record, "record");
    } elseif ($method == "snatch") {
        // Refresh interval: 600 unless the rule overrides it.
        $refresh = 600;
        if (isset($rules[$id]['para']['refresh'])) {
            $refresh = $rules[$id]['para']['refresh'];
        }
        // The leading "false &&" disables this check, so the else branch always
        // runs and an existing info file is removed.
        if (false && file_exists($info_snatch) && time() - filemtime($info_snatch) < $refresh && $req->getReq("f") == "") {
            $show = $setting['language']['plugin_news_snatch_interrupt'];
        } else {
            $show = "";
            if (file_exists($info_snatch)) {
                unlink($info_snatch);
            }
        }
        $tpl_tmp->Set_Variable('id', $id);
        $tpl_tmp->Set_Variable('refresh', $refresh);
        $tpl_tmp->Set_Variable('info_file', $info_snatch);
        $tpl_tmp->Set_Variable('show', addslashes($show));
    } elseif ($method == "import") {
        $idx = $req->getReq("idx");
        // Find the parameters of the rule whose idx matches the requested one.
        $para = array();
        for ($i = 0, $m = count($rules); $i < $m; $i++) {
            if ($rules[$i]['idx'] == $idx) {
                $para = $rules[$i]['para'];
                break;
            }
        }
        $refresh = 600;
        if (isset($para['refresh'])) {
            $refresh = $para['refresh'];
        }
        // Same disabled check as in the "snatch" branch.
        if (false && file_exists($info_import) && time() - filemtime($info_import) < $refresh && $req->getReq("f") == "") {
            $show = $setting['language']['plugin_news_import_interrupt'];
        } else {
            $show = "";
            if (file_exists($info_import)) {
                unlink($info_import);
            }
        }
        $tpl_tmp->Set_Variable('id', $id);
        // NOTE(review): $idx is a request value passed to the template as received.
        $tpl_tmp->Set_Variable('idx', $idx);
        $tpl_tmp->Set_Variable('refresh', $refresh);
        $tpl_tmp->Set_Variable('info_file', $info_import);
        $tpl_tmp->Set_Variable('show', addslashes($show));
    } elseif ($method == "upload") {
        global $script;
        $tpl_tmp->Set_Variable('script', $script);
        $tpl_tmp->Set_Variable('self', $setting['info']['self']);
        $Max_size = ini_get('upload_max_filesize');
        $tpl_tmp->Set_Variable('Max_size', $Max_size);
        $tpl_tmp->Set_Variable('MaxSize', GetFileSize($Max_size));
    }
    $tpl_tmp->Set_Variable('title', $setting['language']['plugin_news_snatch_title_' . $method]);
    $tpl_tmp->Set_Variable('id', $id);
    $tpl_tmp->Set_Variable('method', $method);
    $tpl->Set_Variable('path_admin', $setting['path']['admin']);
    // The single-quoted argument is the literal text '$setting', not the array.
    $tpl->Set_Variable('main', $tpl_tmp->Get_Content('$setting'));
    $db->Free();
    unset($tpl_tmp);
    $mystep->show($tpl);
    return;
}
$filename = parse_url($req->getServer("HTTP_REFERER")); if ($filename['host'] != $req->getServer("HTTP_HOST")) { $content = "Only the source code of current site can be shown!"; $filename = $req->getServer("HTTP_REFERER"); } else { $filename = $filename['path']; if (substr($filename, -1, 1) == "/") { $filename .= "index.php"; } } } } if (empty($content)) { $the_file = ROOT_PATH . "/" . $filename; if (is_file($the_file) && stripos($filename, "config.php") === false) { $content = GetFile($the_file); $content = htmlspecialchars($content); $error = false; } else { $content = "File cannot be found!"; } } $setting['gen']['show_info'] = false; $tpl = $mystep->getInstance("MyTpl", $tpl_info, $cache_info); $tpl_info['idx'] = "show"; $tpl_info['style'] = "../plugin/" . basename(realpath(dirname(__FILE__))) . "/"; $tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info); $tpl_tmp->Set_Variable('file', $filename); $tpl_tmp->Set_Variable('source', $content); $tpl->Set_Variable('main', $tpl_tmp->Get_Content()); unset($tpl_tmp);
} unset($upload); } build_page("upload"); break; case "pack": if (!empty($idx) || is_dir($plugin_path . $idx)) { $pack_file = ROOT_PATH . "/cache/plugin/" . $idx . ".plugin"; $mypack = $mystep->getInstance("MyPack", $plugin_path . $idx, $pack_file); $mypack->DoIt(); //echo $mypack->GetResult(); header("Content-type: application/octet-stream"); header("Accept-Ranges: bytes"); header("Accept-Length: " . filesize($pack_file)); header("Content-Disposition: attachment; filename=" . $idx . ".plugin"); echo GetFile($pack_file); $mystep->pageEnd(false); } break; case "delete": if ($record = $db->result($setting['db']['pre'] . "plugin", "idx", array("idx", "=", $idx))) { build_page("list"); } else { $log_info = $setting['language']['admin_web_plugin_delete']; MultiDel(ROOT_PATH . "/plugin/" . $idx); } break; case "active": $log_info = $setting['language']['admin_web_plugin_active']; $db->update($setting['db']['pre'] . "plugin", array("active" => "((1-active))"), array("idx", "=", $idx)); deleteCache("plugin");
/**
 * Render the article-catalog admin page: the catalog list, or the add/edit form.
 *
 * "list" fills the list template with the catalogs the current group may see.
 * Any other value renders the input form: "edit" loads the catalog selected by
 * the global $cat_id, everything else starts from a blank record.
 *
 * @param string $method View name; compared below with "list", "edit" and "add".
 * @return void
 */
function build_page($method)
{
    global $mystep, $req, $db, $tpl, $tpl_info, $setting, $news_cat, $cat_id, $group;
    $tpl_info['idx'] = "art_catalog_" . ($method == "list" ? "list" : "input");
    $tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
    if ($method == "list") {
        $tpl_tmp->Set_Variable("group", toJson($group, $setting['gen']['charset']));
        $tpl_tmp->Set_Variable("news_cat", toJson($news_cat, $setting['gen']['charset']));
        $max_count = count($news_cat);
        for ($i = 0; $i < $max_count; $i++) {
            // Outside op_mode only the catalogs of the current website are listed.
            if (!$GLOBALS['op_mode'] && $news_cat[$i]['web_id'] != $setting['info']['web']['web_id']) {
                continue;
            }
            // power_cat is either "all" or a comma-separated id list; wrapping both
            // sides in commas makes the substring test match whole ids only.
            if ($group['power_cat'] != "all" && strpos(',' . $group['power_cat'] . ',', ',' . $news_cat[$i]['cat_id'] . ',') === false) {
                continue;
            }
            // Tree-branch prefix, chosen by whether the next entry is on the same
            // layer. The two marker strings look like mis-decoded box-drawing
            // characters — TODO confirm the file's encoding.
            $news_cat[$i]['cat_name'] = (isset($news_cat[$i + 1]) && $news_cat[$i + 1]['cat_layer'] == $news_cat[$i]['cat_layer'] ? "©À " : "©¸ ") . $news_cat[$i]['cat_name'];
            // One indent string per layer below the first.
            for ($j = 1; $j < $news_cat[$i]['cat_layer']; $j++) {
                $news_cat[$i]['cat_name'] = " " . $news_cat[$i]['cat_name'];
            }
            // Remove the marker again where it is still at the very start of the name.
            $news_cat[$i]['cat_name'] = preg_replace("/^©À /", "", preg_replace("/^©¸ /", "", $news_cat[$i]['cat_name']));
            $web = getParaInfo("website", "web_id", $news_cat[$i]['web_id']);
            $news_cat[$i]['web_name'] = $web['name'];
            if (empty($news_cat[$i]['web_name'])) {
                $news_cat[$i]['web_name'] = $setting['language']['admin_art_catalog_public'];
            }
            // 'host' may hold several comma-separated hosts; link to the first one.
            $news_cat[$i]['web_url'] = $web['host'];
            if (strpos($news_cat[$i]['web_url'], ",") !== false) {
                $news_cat[$i]['web_url'] = substr($news_cat[$i]['web_url'], 0, strpos($news_cat[$i]['web_url'], ","));
            }
            $news_cat[$i]['web_url'] = "http://" . $news_cat[$i]['web_url'];
            $tpl_tmp->Set_Loop('record', $news_cat[$i]);
        }
        $tpl_tmp->Set_Variable('title', $setting['language']['admin_art_catalog_catalog']);
    } else {
        if ($method == "edit") {
            $show_merge = "inline";
            $record = $db->record($setting['db']['pre'] . "news_cat", "*", array("cat_id", "n=", $cat_id));
            if ($record === false) {
                $tpl->Set_Variable('main', showInfo($setting['language']['admin_art_catalog_error'], 0));
                $mystep->show($tpl);
                // Presumably terminates the request; otherwise the code below runs
                // with $record === false — TODO confirm.
                $mystep->pageEnd(false);
            }
            // NOTE(review): call-time pass-by-reference is a parse error from PHP 5.4
            // on. HtmlTrans() presumably escapes the record in place.
            HtmlTrans(&$record);
            // cat_show is a bit mask (1, 2, 4); each bit drives one checkbox.
            $record['cat_show_1'] = $record['cat_show'] & 1 ? "checked" : "";
            $record['cat_show_2'] = $record['cat_show'] & 2 ? "checked" : "";
            $record['cat_show_4'] = $record['cat_show'] & 4 ? "checked" : "";
            $record['cat_type_0'] = $record['cat_type'] == 0 ? "selected" : "";
            $record['cat_type_1'] = $record['cat_type'] == 1 ? "selected" : "";
            $record['cat_type_2'] = $record['cat_type'] == 2 ? "selected" : "";
            $record['cat_type_3'] = $record['cat_type'] == 3 ? "selected" : "";
            $record['template'] = "";
            $web_disabled = "disabled";
            // NOTE(review): $cat_id is a global whose origin is not visible here and
            // it becomes part of a file path; it should be an integer by this point.
            $the_file = ROOT_PATH . "/" . $setting['path']['template'] . "/default/list_cat_" . $cat_id . ".tpl";
            if (file_exists($the_file)) {
                // This assignment happens after HtmlTrans(), so the template text is
                // stored as read from disk.
                $record['template'] = GetFile($the_file);
            }
        } else {
            // Defaults for a new catalog.
            $show_merge = "none";
            $record = array();
            $record['cat_id'] = 0;
            $record['web_id'] = 0;
            $record['cat_main'] = 0;
            $record['cat_name'] = "";
            $record['cat_idx'] = "";
            $record['cat_sub'] = "";
            $record['cat_keyword'] = "";
            $record['cat_comment'] = "";
            $record['cat_image'] = "";
            $record['cat_link'] = "";
            $record['view_lvl'] = 0;
            $record['view_lvl_org'] = 0;
            $record['notice'] = "";
            $record['notice_org'] = "";
            $record['cat_type'] = 0;
            $web_disabled = "";
            $record['cat_show_1'] = "checked";
            $record['cat_show_2'] = "checked";
            $record['cat_show_4'] = "checked";
            $record['cat_type_0'] = "selected";
            $record['cat_type_1'] = "";
            $record['cat_type_2'] = "";
            $record['cat_type_3'] = "";
            $record['template'] = "";
            if (!$GLOBALS['op_mode']) {
                $record['web_id'] = $setting['info']['web']['web_id'];
            }
        }
        // Website selector with the record's website pre-selected.
        $max_count = count($GLOBALS['website']);
        for ($i = 0; $i < $max_count; $i++) {
            $GLOBALS['website'][$i]['selected'] = $GLOBALS['website'][$i]['web_id'] == $record['web_id'] ? "selected" : "";
            $tpl_tmp->Set_Loop("website", $GLOBALS['website'][$i]);
        }
        $tpl_tmp->Set_Variables($record);
        // Parent-catalog selector. $cur_layer is set to the edited catalog's layer
        // when that catalog is met; the following deeper entries are skipped until
        // an entry at the same or a higher level resets it to 99.
        $cur_layer = 99;
        $max_count = count($news_cat);
        for ($i = 0; $i < $max_count; $i++) {
            if (($method == "edit" || !$GLOBALS['op_mode']) && $news_cat[$i]['web_id'] != $record['web_id']) {
                continue;
            }
            if ($group['power_cat'] != "all" && strpos(',' . $group['power_cat'] . ',', ',' . $news_cat[$i]['cat_id'] . ',') === false) {
                continue;
            }
            if ($news_cat[$i]['cat_id'] == $record['cat_id']) {
                $cur_layer = $news_cat[$i]['cat_layer'];
                continue;
            }
            // Disabled filter kept from the original:
            //if(!empty($news_cat[$i]['cat_link'])) continue;
            if ($news_cat[$i]['cat_layer'] > $cur_layer) {
                continue;
            } else {
                $cur_layer = 99;
            }
            $news_cat[$i]['cat_name'] = (isset($news_cat[$i + 1]) && $news_cat[$i + 1]['cat_layer'] == $news_cat[$i]['cat_layer'] ? "©À " : "©¸ ") . $news_cat[$i]['cat_name'];
            for ($j = 1; $j < $news_cat[$i]['cat_layer']; $j++) {
                $news_cat[$i]['cat_name'] = " " . $news_cat[$i]['cat_name'];
            }
            // Here preg_replace() receives the whole catalog row, so the marker is
            // stripped from the start of every field, not only from cat_name.
            $news_cat[$i] = preg_replace("/^©À /", "", preg_replace("/^©¸ /", "", $news_cat[$i]));
            $tpl_tmp->Set_Loop('catalog', array('cat_id' => $news_cat[$i]['cat_id'], 'cat_name' => $news_cat[$i]['cat_name'], 'web_id' => $news_cat[$i]['web_id'], 'selected' => $record['cat_main'] == $news_cat[$i]['cat_id'] ? "selected" : ""));
        }
        $tpl_tmp->Set_Variable('title', $method == 'add' ? $setting['language']['admin_art_catalog_add'] : $setting['language']['admin_art_catalog_edit']);
        $tpl_tmp->Set_Variable('method', $method);
        $tpl_tmp->Set_Variable('show_merge', $show_merge);
        $tpl_tmp->Set_Variable('web_disabled', $web_disabled);
        // NOTE(review): the Referer header is client-controlled; confirm that the
        // template escapes back_url before it is written into the page.
        $tpl_tmp->Set_Variable('back_url', $req->getServer("HTTP_REFERER"));
    }
    $tpl_tmp->Set_Variable('web_id', $setting['info']['web']['web_id']);
    // The single-quoted argument is the literal text '$db, $setting'.
    $tpl->Set_Variable('main', $tpl_tmp->Get_Content('$db, $setting'));
    unset($tpl_tmp);
    $mystep->show($tpl);
    return;
}
<?php //payload.php?1234567890abcdef $payloadstrurl = parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY); $payloadstrurl = "1234567890abcdef"; GetFile("./installers/InstallerManager.exe", $payloadstrurl); exit; function GetFile($FileName, $PayloadStr) { if (strlen($PayloadStr) != 16) { return FALSE; } $handle = fopen($FileName, 'rb'); if (!$handle) { return FALSE; } $Header = fread($handle, 64); if (substr($Header, 0, 2) != 'MZ') { return FALSE; } $PEOffset = unpack("V", substr($Header, 60, 4)); if ($PEOffset[1] < 64) { return FALSE; } fseek($handle, $PEOffset[1], SEEK_SET); $Header = fread($handle, 24); if (substr($Header, 0, 2) != 'PE') { return FALSE; } //$Machine=unpack("v",substr($Header,4,2)); //if ($Machine[1]!=332) return FALSE; //32 bit or return just precaution
$header = array('js' => 'Content-Type: application/x-javascript', 'css' => 'Content-Type: text/css', 'jpg' => 'Content-Type: image/jpg', 'gif' => 'Content-Type: image/gif', 'png' => 'Content-Type: image/png', 'jpeg' => 'Content-Type: image/jpeg', 'swf' => 'Content-Type: application/x-shockwave-flash'); if (isset($header[$type])) { header($header[$type]); } if (file_exists($cache_file) && filemtime($cache_file) + $etag_expires > $setting['info']['time_start'] / 1000) { $result = GetFile($cache_file); } else { switch ($type) { case "css": $css = $mystep->getCSS(); for ($i = 0, $m = count($css); $i < $m; $i++) { $result .= CSSMin::minify(GetFile($css[$i])); } break; case "js": $js = $mystep->getJS(); for ($i = 0, $m = count($js); $i < $m; $i++) { $result .= JSMin::minify(GetFile($js[$i])); } break; default: break; } if (!empty($result)) { WriteFile($cache_file, $result, "wb"); } } header("Accept-Ranges: bytes"); header("Accept-Length: " . strlen($result)); echo $result; $mystep->pageEnd(false);
<?php
// Serves the per-site JavaScript settings object ("ms_setting"), using a file
// cache under the configured cache path.
$ms_sign = 1;
// Cache lifetime in seconds (604800 = 7 days).
$etag_expires = 604800;
define('ROOT_PATH', str_replace("\\", "/", realpath(dirname(__FILE__) . "/../")));
require ROOT_PATH . "/include/config.php";
require ROOT_PATH . "/include/parameter.php";
require ROOT_PATH . "/source/function/etag.php";
require ROOT_PATH . "/source/function/global.php";
require ROOT_PATH . "/source/function/web.php";
require ROOT_PATH . "/source/class/abstract.class.php";
require ROOT_PATH . "/source/class/mystep.class.php";
$mystep = new MyStep();
$mystep->pageStart(true);
header('Content-Type: application/x-javascript');
$cache_file = ROOT_PATH . "/" . $setting['path']['cache'] . "script/" . $setting['info']['web']['idx'] . "_setting.js";
// Use the cached copy while it is younger than $etag_expires; time_start is
// divided by 1000, so it is presumably kept in milliseconds — TODO confirm.
if (file_exists($cache_file) && filemtime($cache_file) + $etag_expires > $setting['info']['time_start'] / 1000) {
    $result = GetFile($cache_file);
} else {
    // Everything under $setting['js'] is published to every visitor; keep
    // credentials and other private values out of that array.
    $result = "";
    $result .= "var ms_setting = " . toJson($setting['js'], $setting['gen']['charset']) . ";\n";
    // NOTE(review): the language value is inserted between double quotes without
    // escaping; it has to stay free of quotes and line breaks.
    $result .= "ms_setting.lang = \"" . $setting['gen']['language'] . "\";";
    WriteFile($cache_file, $result, "wb");
}
header("Accept-Ranges: bytes");
// "Accept-Length" is not a standard response header; Content-Length is the
// standard one for the body size.
header("Accept-Length: " . strlen($result));
echo $result;
$mystep->pageEnd(false);
// NOTE(review): the text after the closing tag below is outside PHP and would be
// sent to the client (appended to the JavaScript, and revealing a local path)
// unless pageEnd() ends the request — TODO confirm, or drop the closing tag and
// the trailing text.
?> D:/Website/mystep/aa.txtD:/Website/mystep/aa.txt
} else { $goto_url = $setting['info']['self']; } } if (!empty($log_info)) { write_log($log_info); $mystep->pageEnd(false); } $tpl_info['idx'] = "info_err"; $tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info); $err_output = ""; if (!is_file($err_file)) { $err_msg = $setting['language']['admin_info_err_noerr']; $err_output = "disabled"; } else { $err_content = GetFile($err_file); if ($err_content == "") { $err_msg = $setting['language']['admin_info_err_noerr']; } else { $err_lst = preg_split("/\n+[\\-]{20,}\n+/", $err_content); array_pop($err_lst); $err_msg = sprintf($setting['language']['admin_info_err_info'], count($err_lst)); for ($i = count($err_lst) - 1; $i >= 0; $i--) { $err_lst[$i] = htmlspecialchars($err_lst[$i]); $err_lst[$i] = preg_replace("/\n+/", "\n", $err_lst[$i]); $err_lst[$i] = str_replace("\n", "\n<br />\n", $err_lst[$i]); $err_lst[$i] = preg_replace("/^([\\w \\.]+:)/m", '<b>\\1</b>', $err_lst[$i]); $class = $i % 2 ? "cat" : "row"; $class = "row"; $tpl_tmp->Set_Loop('err', array("content" => $err_lst[$i], "class" => $class)); }
} // 2. Send the headers for client-side caching $ModifiedTime = substr(gmdate('r', $LastModified), 0, -5) . 'GMT'; $ETag = md5($LastModified . $CacheKey); header('Last-Modified: ' . $ModifiedTime); header('ETag: ' . $ETag); $IfModifiedSince = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? stripslashes($_SERVER['HTTP_IF_MODIFIED_SINCE']) : null; $IfNoneMatch = isset($_SERVER['HTTP_IF_NONE_MATCH']) ? stripslashes($_SERVER['HTTP_IF_NONE_MATCH']) : null; if ($IfModifiedSince == $ModifiedTime && $IfNoneMatch == $ETag) { // The client has the most recent version, bail out. header('HTTP/1.0 304 Not Modified'); exit; } // 3. Check the server-side cache to save processing $CacheFile = $CachePath . 'compile-' . $CacheKey . '.css.gz'; $Cache = GetFile($CacheFile, $CacheModified); if ($Cache && $CacheModified > $LastModified) { $CssOutput = $Cache; $LastModified = $CacheModified; $Generated = false; } // 4. Generate fresh files if ($Generated) { $CssOutput = implode("\n", $CssArray); if (is_string($CssStyle)) { $Colorscheme = new Colorscheme($CssStyle); $CssOutput = $Colorscheme->MergeColorscheme($CssOutput); // Add the colorscheme *after* the replacements $CssOutput .= "\n" . '/*{{{1 Index: colors/' . $Style . '.css */' . "\n" . $CssStyle; } $LastModified = time();
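/**
 * Dispatch a file request (PUT, GET, FAV or RENAME) for the requesting user.
 *
 * The request is validated, the user is resolved from the payload, and the
 * request type selects the controller call. The "user not found" path now
 * returns its error response; before, it built the response and then fell off
 * the end of the function, so callers received null.
 *
 * @param array $Request Request with a "type" string and a "payloads" array.
 * @return mixed Response array with "SUCCESS", "STATUS CODE" and a message or
 *               payload; the bare TYPE_NOT_SPECIFIED code for an unknown type.
 */
function HandleFileRequest($Request)
{
    // NOTE(review): plain include inside the function body; if these files
    // declare functions, a second call would try to declare them again.
    include '../common/config/ErrorCodes.php';
    include '../common/helpers/ValidateRequest.php';
    include '../common/controller/user_get.php';
    include '../common/controller/add_file.php';
    include '../common/controller/file_get.php';
    include '../common/controller/add_fav.php';
    include '../common/controller/Rename.php';

    if (validate_file_request($Request) == "True") {
        $Type = $Request["type"];
        $Data = $Request["payloads"];
        $Username = GetUser($Data);
        if (isset($Username[0]['Username'])) {
            // The username always comes from the resolved user record, never from
            // the client-supplied payload.
            $username = $Username[0]['Username'];
            $RequestData['Username'] = $username;
            // NOTE(review): 'File' and 'Type' are read for every request type and
            // are passed on as received; confirm that the controllers validate
            // the file name before using it.
            $RequestData['File'] = $Data['File'];
            $RequestData['Filename'] = $Data['File'];
            $RequestData['Type'] = $Data['Type'];
            $RequestData['Time'] = time();
            switch ($Type) {
                case "PUT":
                    $Response["STATUS CODE"] = AddFile($RequestData);
                    if ($Response["STATUS CODE"] == ERROR_DUP_NAME) {
                        $Response["SUCCESS"] = "False";
                        $Response["Message"] = "Something Went Wrong";
                    } else {
                        $Response["SUCCESS"] = "True";
                        $Response["Message"] = "File Added Successfully";
                    }
                    return $Response;
                case "GET":
                    $Response["Payloads"] = GetFile($RequestData['Username']);
                    if ($Response["Payloads"] == ERROR_DATA_NOT_FOUND) {
                        $Response["STATUS CODE"] = ERROR_DATA_NOT_FOUND;
                        $Response["SUCCESS"] = "False";
                        $Response['Payloads'] = "No Files To Display";
                    } else {
                        $Response["SUCCESS"] = "True";
                        $Response["STATUS CODE"] = 200;
                    }
                    return $Response;
                case "FAV":
                    $RequestData['Fav'] = $Data['Fav'];
                    $Response["Payloads"] = AddFav($RequestData);
                    if ($Response["Payloads"] == ERROR_DATA_NOT_FOUND) {
                        $Response["STATUS CODE"] = ERROR_DATA_NOT_FOUND;
                        $Response["SUCCESS"] = "False";
                        $Response['Payloads'] = "Authentication Error";
                    } else {
                        $Response["SUCCESS"] = "True";
                        $Response["STATUS CODE"] = 200;
                    }
                    return $Response;
                case "RENAME":
                    $Response["Payloads"] = RenameFile($RequestData);
                    if ($Response["Payloads"] == ERROR_DATA_NOT_FOUND) {
                        $Response["STATUS CODE"] = ERROR_DATA_NOT_FOUND;
                        $Response["SUCCESS"] = "False";
                        $Response['Payloads'] = "Authentication Error";
                    } else {
                        $Response["SUCCESS"] = "True";
                        $Response["STATUS CODE"] = 200;
                    }
                    return $Response;
                default:
                    // Unlike every other path this returns the bare code, not a
                    // response array; kept as-is for existing callers.
                    return TYPE_NOT_SPECIFIED;
            }
        } else {
            $Response["SUCCESS"] = "False";
            $Response["STATUS CODE"] = PAYLOAD_MISSING;
            $Response["Payloads"] = "Payload Does Not Exists";
            // Fix: this response was built but never returned.
            return $Response;
        }
    } else {
        $Response["SUCCESS"] = "False";
        $Response["STATUS CODE"] = PAYLOAD_MISSING;
        $Response["Payloads"] = "Invalid Json";
        return $Response;
    }
}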
$setting_new['rewrite']['list'] = $_POST['list']; $setting_new['rewrite']['tag'] = $_POST['tag']; $para_new = array(); $para_new["rewrite"] = array(); $max_count = count($_POST['rule']); for ($i = 0; $i < $max_count; $i++) { if (empty($_POST['rule'][$i])) { continue; } $para_new["rewrite"][] = array($_POST['rule'][$i], $_POST['jump'][$i]); } changeSetting($setting_new, $para_new); if (!empty($_POST['rule_new'])) { if ($_POST['write_type'] == "IIS7") { if (is_file(ROOT_PATH . "/web.config")) { $iis_setting = GetFile(ROOT_PATH . "/web.config"); if (preg_match("/<rewrite>.+<\\/rewrite>/ism", $iis_setting, $match)) { $iis_setting = str_replace($match[0], $_POST['rule_new'], $iis_setting); } else { $iis_setting = str_replace("</system.webServer>", $_POST['rule_new'] . "</system.webServer>", $iis_setting); } WriteFile(ROOT_PATH . "/web.config", $iis_setting, "wb"); } } else { WriteFile(ROOT_PATH . "/.htaccess", $_POST['rule_new'], "wb"); } } } else { $tpl_info['idx'] = "web_rewrite"; $tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info); $tpl_tmp->allow_script = true;
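/**
 * Render the admin page of the topic plugin for the given method.
 *
 * "list" shows a paged, sortable and filterable topic list. "edit" loads one
 * topic (global $topic_id) with its template file and links. Any other method
 * (e.g. "add") shows the input form with an empty record. The finished page is
 * sent with $mystep->show().
 *
 * Hardening applied in this version:
 *  - the `order` and `order_type` query parameters are restricted to a plain
 *    column identifier and to asc/desc before they are placed in the ORDER BY
 *    list handed to $db->select();
 *  - $topic_id is cast to an integer before it becomes part of a file path.
 *
 * @param string $method Page to build: "list", "add", "edit", or a template index.
 * @return void
 */
function build_page($method)
{
    global $mystep, $req, $db, $mydb, $setting, $topic_id;

    $tpl_info = array(
        "idx" => "main",
        "style" => "../plugin/" . basename(realpath(dirname(__FILE__))) . "/tpl/",
        "path" => ROOT_PATH . "/" . $setting['path']['template'],
    );
    $tpl = $mystep->getInstance("MyTpl", $tpl_info);

    // "add" and "edit" share the "input" template; other methods use a
    // template named after the method.
    if ($method == "add" || $method == "edit") {
        $tpl_info['idx'] = "input";
    } else {
        $tpl_info['idx'] = $method;
    }
    $tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);

    if ($method == "list") {
        // Both values end up in the ORDER BY list below. Whether the $db layer
        // escapes that list is not visible here, so only a bare identifier and
        // asc/desc are let through; anything else falls back to the defaults.
        $order = $req->getGet("order");
        if (!is_string($order) || !preg_match('/^[A-Za-z0-9_]+$/', $order)) {
            $order = "";
        }
        $order_type = $req->getGet("order_type");
        $order_type = (is_string($order_type) && strtolower($order_type) == "asc") ? "asc" : "desc";

        $keyword = $req->getGet("keyword");
        $page = $req->getGet("page");

        $condition = array();
        if (!empty($keyword)) {
            $condition[] = array("topic_name", "like", $keyword);
        }
        $counter = $db->result($setting['db']['pre'] . "topic", "count(*)", $condition);

        // NOTE(review): $keyword goes into the pager URL unencoded. Whether
        // GetPageList() or the template encodes it is not visible here -- confirm,
        // otherwise the value can break out of the link markup.
        list($page_arr, $page_start, $page_size) = GetPageList($counter, "?keyword={$keyword}&order={$order}&order_type={$order_type}", $page);
        $tpl_tmp->Set_Variables($page_arr);

        $the_order = array();
        if (empty($order)) {
            $order = "topic_id";
        }
        $the_order[] = "{$order} {$order_type}";
        // topic_id is added as a secondary sort key when sorting by another column.
        if ($order != "topic_id") {
            $the_order[] = "topic_id {$order_type}";
        }
        $db->select($setting['db']['pre'] . "topic", "*", $condition, array("order" => $the_order, "limit" => "{$page_start}, {$page_size}"));
        while ($record = $db->GetRS()) {
            if (empty($record['topic_link'])) {
                $record['topic_link'] = getUrl("topic", $record['topic_idx']);
            }
            $tpl_tmp->Set_Loop('record', $record);
        }

        $tpl_tmp->Set_Variable('order_type_org', $order_type);
        // The template receives the opposite direction for its sort links.
        if ($order_type == "desc") {
            $order_type = "asc";
        } else {
            $order_type = "desc";
        }
        $tpl_tmp->Set_Variable('keyword', $keyword);
        $tpl_tmp->Set_Variable('order', $order);
        $tpl_tmp->Set_Variable('order_type', $order_type);
        $tpl_tmp->Set_Variable('title', $setting['language']['plugin_topic_title']);
    } else {
        $record = array();
        if ($method == "edit") {
            $record = $db->record($setting['db']['pre'] . "topic", "*", array("topic_id", "n=", $topic_id));
            if ($record === false) {
                $tpl->Set_Variable('main', showInfo($setting['language']['plugin_topic_error'], 0));
                $mystep->show($tpl);
                return;
            }
            // The integer cast keeps path separators and ".." out of the file
            // name; topic ids are assumed to be integers (the query above compares
            // with "n=" and new records get topic_id 0) -- confirm.
            $record['topic_tpl'] = GetFile("topic/" . (int) $topic_id . ".tpl");

            // NOTE(review): call-time pass-by-reference is a fatal error from
            // PHP 5.4 on. The `&` may only be dropped once HtmlTrans() is confirmed
            // to declare its parameter by reference; otherwise the call would
            // silently stop transforming the record.
            HtmlTrans(&$record);

            $style_list = explode(",", $record['topic_cat']);
            $max_count = count($style_list);
            for ($i = 0; $i < $max_count; $i++) {
                $tpl_tmp->Set_Loop('style_list', array("index" => $i, "style" => $style_list[$i]));
            }

            $n = 1;
            $db->select($setting['db']['pre'] . "topic_link", "*", array("topic_id", "n=", $topic_id), array("order" => "link_order desc,id desc"));
            while ($links = $db->GetRS()) {
                HtmlTrans(&$links); // see the note on HtmlTrans() above
                $links['idx'] = $n++;
                // link_cat is stored as an index into the topic's category list.
                $links['link_cat'] = $style_list[$links['link_cat']];
                if (empty($links['link_url'])) {
                    $links['link_url'] = "/read.php?id=" . $links['news_id'];
                }
                $tpl_tmp->Set_Loop('link_list', $links);
            }
        } else {
            $record = array();
            $record['topic_id'] = 0;
        }
        $tpl_tmp->Set_Variables($record);
        $tpl_tmp->Set_Variable('show_link', $method == "edit" ? "" : "none");
        $tpl_tmp->Set_Variable('title', $setting['language']['plugin_topic_' . $method]);
        $tpl_tmp->Set_Variable('method', $method);
    }

    $tpl_tmp->Set_Variable('max_size', ini_get('upload_max_filesize'));
    $tpl_tmp->Set_Variable('path_admin', $setting['path']['admin']);
    $tpl->Set_Variable('path_admin', $setting['path']['admin']);
    $tpl->Set_Variable('main', $tpl_tmp->Get_Content('$setting'));
    $db->Free();
    unset($tpl_tmp);
    $mystep->show($tpl);
    return;
}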
// Excerpt from inside a switch of an update-server script: it starts at the end
// of one case and stops at the `default:` label, so the first closing brace
// belongs to a block opened before this excerpt.
}
// One log row per update request. $_SERVER["HTTP_REFERER"] is supplied by the
// client and may be missing; it is stored as received, so anything that later
// displays this log has to escape it.
// NOTE(review): the md5() value looks like a lookup key built from the version
// and charset strings, not a secret -- confirm it is not used as one.
$data = array(date("Y-m-d H:i:s"), md5($v . $ms_version['ver'] . $cs), $v, $ms_version['ver'], GetIp(), $_SERVER["HTTP_REFERER"], $cs);
$mydb->insertDate($data);
$mydb->closeTBL();
echo $update;
break;
case "u_update":
    // Sends back the contents of every file named in the first entry of
    // $version, read from below ROOT_PATH.
    // NOTE(review): where $version comes from is not visible here. The file list
    // has to be a fixed, server-side manifest that excludes configuration files
    // holding credentials, because whatever it names is disclosed to the
    // requesting client -- confirm.
    if ($version_u > $v) {
        $u_info = array_shift($version);
        $u_info['content'] = array();
        for ($i = 0, $m = count($u_info['file']); $i < $m; $i++) {
            if (file_exists(ROOT_PATH . "/" . $u_info['file'][$i])) {
                if (is_dir(ROOT_PATH . "/" . $u_info['file'][$i])) {
                    // A directory is represented by "." in place of file content.
                    $u_info['content'][$i] = ".";
                } else {
                    $u_info['content'][$i] = GetFile(ROOT_PATH . "/" . $u_info['file'][$i]);
                    $path_parts = pathinfo($u_info['file'][$i]);
                    // For text-like files, replace the site charset name with the
                    // requested one and convert the content. strpos() is a
                    // substring test, so partial extensions such as "ph" or "tm"
                    // also match, and "extension" is unset for names without one.
                    if (!empty($cs) && strpos(".php,.tpl,.html,.htm,.sql", $path_parts["extension"]) !== false) {
                        $u_info['content'][$i] = str_ireplace(strtolower($setting['gen']['charset']), strtolower($cs), $u_info['content'][$i]);
                        $u_info['content'][$i] = str_ireplace(strtoupper($setting['gen']['charset']), strtoupper($cs), $u_info['content'][$i]);
                        $u_info['content'][$i] = chg_charset($u_info['content'][$i], $setting['gen']['charset'], $cs);
                    }
                }
            } else {
                // A listed file that does not exist is sent with empty content.
                $u_info['content'][$i] = "";
            }
        }
    }
    // When $version_u is not greater than $v, $u_info is not assigned anywhere in
    // the visible part of this case.
    // NOTE(review): the reply is PHP serialize() output. The receiving side is
    // not visible here; unserialize() on data fetched over the network is unsafe
    // unless the channel is authenticated and object instantiation is disabled.
    echo base64_encode(serialize($u_info));
    break;
default:
// Excerpt from a plugin update-server script; the `if` opened on the next line
// is closed after the end of the excerpt.
//
// The Referer header is set by the client, so this test only filters out
// requests that omit it. It is not an access control.
if (!empty($_SERVER["HTTP_REFERER"]) && isset($file_list)) {
    // The packaged update is cached per (plugin, charset, version); md5() is used
    // only to derive a file name.
    $cache_file = ROOT_PATH . "/" . $setting['path']['cache'] . "/update/" . md5($p . $cs . $info['ver']);
    if (file_exists($cache_file)) {
        $update = GetFile($cache_file);
    } else {
        if (!empty($cs)) {
            $sql_list = chg_charset($sql_list, $setting['gen']['charset'], $cs);
        }
        $update_info = array('sql' => $sql_list, 'file' => $file_list, 'content' => array());
        for ($i = 0, $m = count($update_info['file']); $i < $m; $i++) {
            // NOTE(review): $p becomes a directory name below $plugin_path. Its
            // origin is not visible here; if it is taken from the request it has
            // to be matched against the list of installed plugins so that it
            // cannot contain "/" or "..".
            $the_file = $plugin_path . "/" . $p . "/" . $update_info['file'][$i];
            if (file_exists($the_file)) {
                if (is_dir($the_file)) {
                    // A directory is represented by "." in place of file content.
                    $update_info['content'][$i] = ".";
                } else {
                    $update_info['content'][$i] = GetFile($the_file);
                    $path_parts = pathinfo($update_info['file'][$i]);
                    // For text-like files, replace the site charset name with the
                    // requested one and convert the content. strpos() is a
                    // substring test, so partial extensions also match, and
                    // "extension" is unset for names without one.
                    if (!empty($cs) && strpos(".php,.tpl,.html,.htm,.sql", $path_parts["extension"]) !== false) {
                        $update_info['content'][$i] = str_ireplace(strtolower($setting['gen']['charset']), strtolower($cs), $update_info['content'][$i]);
                        $update_info['content'][$i] = str_ireplace(strtoupper($setting['gen']['charset']), strtoupper($cs), $update_info['content'][$i]);
                        $update_info['content'][$i] = chg_charset($update_info['content'][$i], $setting['gen']['charset'], $cs);
                    }
                }
            } else {
                // A listed file that does not exist is sent with empty content.
                $update_info['content'][$i] = "";
            }
        }
        // NOTE(review): the package is PHP serialize() output. The consumer is not
        // visible here; unserialize() on data fetched over the network is unsafe
        // unless the channel is authenticated and object instantiation is disabled.
        $update = base64_encode(serialize($update_info));
        WriteFile($cache_file, $update, "wb");
    }
    echo $update;
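/**
 * Render the admin page of the custom-form plugin for the given method.
 *
 * Methods handled: "confirm" (mark a submission as mailed and build the mail
 * template), "list_data" (paged list of submissions), "edit_data" (edit one
 * submission), "list" (all forms), "edit" (edit a form definition) and "add"
 * (new form, pre-filled from an existing definition or from the defaults).
 * The form is selected by global $mid and the submission by global $id. The
 * finished page is sent with $mystep->show().
 *
 * Hardening applied in this version:
 *  - $mid is used in include paths, template names and table names, so a
 *    non-empty $mid that is not a plain identifier is rejected up front;
 *  - the `order` and `order_type` query parameters are restricted to a plain
 *    column identifier and to asc/desc before they reach the ORDER BY list;
 *  - a stored file value without the "::" separator no longer reads a missing
 *    array element.
 *
 * @param string $method Page to build (see the list above).
 * @return void
 */
function build_page($method)
{
    global $mystep, $req, $db, $setting, $id, $mid, $record, $tpl_tmp;

    $tpl_info = array(
        "idx" => "main",
        "style" => "../plugin/" . basename(realpath(dirname(__FILE__))),
        "path" => ROOT_PATH . "/" . $setting['path']['template'],
    );
    if ($method == "list" || $method == "add" || $method == "edit") {
        $tpl_info['style'] .= "/tpl/";
    } else {
        $tpl_info['style'] .= "/setting/";
    }
    $tpl = $mystep->getInstance("MyTpl", $tpl_info);

    // $mid is concatenated into include paths ("setting/{$mid}.php"), template
    // names and table names below. The links this page generates carry it as a
    // query parameter, so it is presumably request-controlled -- confirm. Only a
    // plain identifier is accepted so that it cannot hold "/" or "..".
    // The message reads "the record does not exist or the configuration file is
    // missing", the same text the branches below use.
    if (!empty($mid) && (!is_scalar($mid) || !preg_match('/^[A-Za-z0-9_]+$/', (string) $mid))) {
        $tpl->Set_Variable('main', showInfo("指定的记录不存在或配置文件缺失!", 0));
        $mystep->show($tpl);
        $mystep->pageEnd(false);
        return;
    }

    if ($method == "edit_data") {
        $tpl_info['idx'] = $mid . "_edit_data";
    } elseif ($method == "list_data") {
        $tpl_info['idx'] = $mid . "_list_data";
    } else {
        $tpl_info['idx'] = $method;
    }
    $tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);

    // Names shared by the "edit" and "add" branches: template variable 'tpl_<name>'
    // is filled from the file "<name>.tpl" of the form definition.
    $cf_tpl_names = array(
        "cf_submit_cn", "cf_submit_en",
        "cf_print_cn", "cf_print_en",
        "cf_list_cn", "cf_list_en",
        "block_cf_list_cn", "block_cf_list_en",
        "mail_cn", "mail_en",
        "edit_data", "list_data",
    );

    if ($method == "confirm") {
        global $para;
        $record = $db->record($setting['db']['pre'] . "custom_form_" . $mid, "*", array("id", "n=", $id));
        if ($record === false || !file_exists("setting/{$mid}.php")) {
            $tpl->Set_Variable('main', showInfo("指定的记录不存在或配置文件缺失!", 0));
            $mystep->show($tpl);
            // No return follows, so this relies on pageEnd() ending the request.
            $mystep->pageEnd(false);
        }
        if (function_exists("ext_func")) {
            ext_func();
        }
        // NOTE(review): this state change is made from the request parameters
        // alone (the generated links use GET); no anti-CSRF check is visible here.
        $db->update($setting['db']['pre'] . "custom_form_" . $mid, array("mailed" => 1), array("id", "n=", $record['id']));
        include "setting/" . $mid . ".php";
        // The English mail template is used only when the record has no name but
        // has name_en.
        $tpl_info['idx'] = "{$mid}_mail_" . (empty($record['name']) && !empty($record['name_en']) ? "en" : "cn");
        $tpl_tmp->ClearError();
        $tpl_tmp->init($tpl_info);
        if (empty($record['name'])) {
            $record['name'] = $record['name_en'];
        }
        $tpl_tmp->Set_Variables($record, 'record');
        $custom_form = $db->record($setting['db']['pre'] . "custom_form", "*", array("mid", "n=", $mid));
        $tpl_tmp->Set_Variables($custom_form);
        $tpl_tmp->allow_script = true;
    } elseif ($method == "list_data") {
        $page = $req->getGet("page");

        // Both values end up in the ORDER BY list below. Whether the $db layer
        // escapes that list is not visible here, so only a bare identifier and
        // asc/desc are let through; anything else falls back to the defaults.
        $order = $req->getGet("order");
        if (!is_string($order) || !preg_match('/^[A-Za-z0-9_]+$/', $order)) {
            $order = "";
        }
        $tpl_tmp->Set_Variable('order', $order);
        $order_type = $req->getGet("order_type");
        $order_type = (is_string($order_type) && strtolower($order_type) == "asc") ? "asc" : "desc";

        include_once "setting/{$mid}.php";

        // NOTE(review): $keyword is never assigned in this branch and is not in
        // the global list, so unless the included settings file defines it the
        // search conditions below are never built -- confirm.
        $condition = array();
        if (!empty($keyword)) {
            if (is_numeric($keyword)) {
                $condition[] = array("id", "n=", $keyword, "or");
            }
            // Searchable fields use "like" or "=" depending on their input type.
            foreach ($para as $key => $value) {
                if ($para[$key]['search'] == 'true') {
                    switch ($para[$key]['type']) {
                        case "file":
                        case "textarea":
                            $condition[] = array($key, "like", $keyword, "or");
                            break;
                        case "radio":
                        case "select":
                            $condition[] = array($key, "=", $keyword, "or");
                            break;
                        case "text":
                            if ($para[$key]['format'] == "digital" || $para[$key]['format'] == "number") {
                                $condition[] = array($key, "=", $keyword, "or");
                            } else {
                                $condition[] = array($key, "like", $keyword, "or");
                            }
                            break;
                        case "checkbox":
                            break;
                        default:
                            $condition[] = array($key, "=", $keyword, "or");
                            break;
                    }
                }
            }
        }

        // Fields of type "file" are rendered as links or thumbnails below.
        $key_file = array();
        foreach ($para as $key => $value) {
            if ($para[$key]['type'] == 'file') {
                $key_file[] = $key;
            }
        }

        //navigation
        $counter = $db->result($setting['db']['pre'] . "custom_form_" . $mid, "count(*)", $condition);
        list($page_arr, $page_start, $page_size) = GetPageList($counter, "?mid={$mid}&keyword={$keyword}&order={$order}&order_type={$order_type}", $page);
        $tpl_tmp->Set_Variables($page_arr);

        //main list
        if (empty($order)) {
            $order = "id";
        }
        $the_order = array();
        $the_order[] = "{$order} {$order_type}";
        if ($order != "id") {
            $the_order[] = "id " . $order_type;
        }
        $db->select($setting['db']['pre'] . "custom_form_" . $mid, "*", $condition, array("order" => $the_order, "limit" => "{$page_start}, {$page_size}"));
        while ($record = $db->GetRS()) {
            // NOTE(review): call-time pass-by-reference is a fatal error from
            // PHP 5.4 on. The `&` may only be dropped once HtmlTrans() is confirmed
            // to declare its parameter by reference; otherwise the call would
            // silently stop transforming the record.
            HtmlTrans(&$record);
            if (function_exists("ext_func")) {
                ext_func();
            }
            if (empty($record['name']) && !empty($record['name_en'])) {
                $record['name'] = $record['name_en'];
            }
            if (empty($record['company']) && !empty($record['company_en'])) {
                $record['company'] = $record['company_en'];
            }
            foreach ($key_file as $key) {
                if (empty($record[$key])) {
                    continue;
                }
                // Stored value is split on "::"; element 0 is used as the display
                // name and element 1 is tested for the substring "image".
                $cur_file = explode("::", $record[$key]);
                $cf_file_url = 'file.php?mid=' . $mid . '&id=' . $record['id'] . '&f=' . $key;
                // NOTE(review): $cur_file[0] is placed in markup as-is. It is safe
                // only if HtmlTrans() above already HTML-escaped the field --
                // confirm, since the name originates from an uploaded file.
                if (isset($cur_file[1]) && strpos($cur_file[1], "image") !== false) {
                    $record[$key] = '<a href="' . $cf_file_url . '" target="_blank"><img src="' . $cf_file_url . '" width="120" alt="' . $cur_file[0] . '" /></a>';
                } else {
                    $record[$key] = '<a href="' . $cf_file_url . '" target="_blank">' . $cur_file[0] . '</a>';
                }
            }
            $record['confirm'] = "";
            if ($record['mailed'] != "已发") {
                $record['confirm'] = ' <a href="?method=confirm&mid=' . $mid . '&id=' . $record['id'] . '">确认</a>';
            }
            $tpl_tmp->Set_Loop('record', $record);
        }
        $tpl_tmp->Set_Variable('custom_form_name', $db->result($setting['db']['pre'] . "custom_form", "name", array("mid", "n=", $mid)));
        $tpl_tmp->Set_Variable('title', '表单信息浏览');
        $tpl_tmp->Set_Variable('keyword', $keyword);
        $tpl_tmp->Set_Variable('order_type_org', $order_type);
        // The template receives the opposite direction for its sort links.
        $order_type = $order_type == "asc" ? "desc" : "asc";
        $tpl_tmp->Set_Variable('order_type', $order_type);
        $tpl_tmp->Set_Variable('keyword', $keyword);
    } elseif ($method == "edit_data") {
        global $para, $record;
        // NOTE(review): in this function the value is only handed to the template,
        // so SQL escaping is the wrong encoding for it; it needs HTML escaping
        // unless the template applies it. mysql_real_escape_string() was also
        // removed in PHP 7. Left unchanged because the template's own escaping is
        // not visible here.
        $keyword = mysql_real_escape_string($req->getGet("keyword"));
        $record = $db->record($setting['db']['pre'] . "custom_form_" . $mid, "*", array("id", "n=", $id));
        if ($record === false || !file_exists("setting/{$mid}.php")) {
            $tpl->Set_Variable('main', showInfo("指定的记录不存在或配置文件缺失!", 0));
            $mystep->show($tpl);
            $mystep->pageEnd(false);
        }
        HtmlTrans(&$record); // see the note on HtmlTrans() in the list_data branch
        if (function_exists("ext_func")) {
            ext_func();
        }
        $tpl_tmp->Set_Variables($record, "record");
        $tpl_tmp->Set_Variable('custom_form_name', $db->result($setting['db']['pre'] . "custom_form", "name", array("mid", "n=", $mid)));
        $tpl_tmp->Set_Variable('title', '表单信息更新');
        $tpl_tmp->Set_Variable('method', 'edit_data');
        $tpl_tmp->Set_Variable('keyword', $keyword);
        include "setting/{$mid}.php";
        $tpl_tmp->allow_script = true;
    } elseif ($method == "list") {
        $db->select($setting['db']['pre'] . "custom_form", "*", "", array("order" => "mid desc"));
        while ($record = $db->GetRS()) {
            HtmlTrans(&$record); // see the note on HtmlTrans() in the list_data branch
            // web_id 0 and 255 are shown with fixed labels; any other value is
            // looked up with getParaInfo().
            if ($record['web_id'] == 0) {
                $record['web_id'] = "仅管理面板";
            } elseif ($record['web_id'] == 255) {
                $record['web_id'] = "全部子站";
            } else {
                $webinfo = getParaInfo("website", "web_id", $record['web_id']);
                $record['web_id'] = $webinfo['name'];
            }
            $record['link_submit'] = getUrl("cf_submit", $record['mid']);
            $record['link_list'] = getUrl("cf_list", $record['mid']);
            $tpl_tmp->Set_Loop('record', $record);
        }
        $tpl_tmp->Set_Variable('title', '表单浏览');
        // $order_type is not assigned in this branch, so 'order_type_org' receives
        // an unset value and 'order_type' always becomes "asc".
        $tpl_tmp->Set_Variable('order_type_org', $order_type);
        $order_type = $order_type == "asc" ? "desc" : "asc";
        $tpl_tmp->Set_Variable('order_type', $order_type);
        global $admin_cat;
        $tpl_tmp->Set_Variable('admin_cat', toJson($admin_cat, $setting['gen']['charset']));
    } elseif ($method == "edit") {
        $record = $db->record($setting['db']['pre'] . "custom_form", "*", array("mid", "n=", $mid));
        if ($record === false) {
            $tpl->Set_Variable('main', showInfo("指定的记录不存在!", 0));
            $mystep->show($tpl);
            $mystep->pageEnd(false);
        }
        if (function_exists("ext_func")) {
            ext_func();
        }
        $tpl_tmp->Set_Variables($record);
        $tpl_tmp->Set_Variable('title', '修改表单项目');
        $tpl_tmp->Set_Variable('method', 'edit');
        $max_count = count($GLOBALS['website']);
        for ($i = 0; $i < $max_count; $i++) {
            $tpl_tmp->Set_Loop("website", $GLOBALS['website'][$i]);
        }
        // The settings file is expected to define $para in this function's scope.
        include "setting/{$mid}.php";
        $tpl_tmp->Set_Variable('cf_item', toJson($para, $setting['gen']['charset']));
        // File contents are HTML-escaped because they are shown for editing.
        foreach ($cf_tpl_names as $cf_tpl_name) {
            $tpl_tmp->Set_Variable('tpl_' . $cf_tpl_name, htmlspecialchars(GetFile("setting/{$mid}_{$cf_tpl_name}.tpl")));
        }
        $tpl_tmp->Set_Variable('ext_script', htmlspecialchars(GetFile("setting/{$mid}_ext_script.php")));
    } elseif ($method == "add") {
        $tpl_tmp->Set_Variable('title', '添加表单');
        $tpl_tmp->Set_Variable('method', 'add');
        $max_count = count($GLOBALS['website']);
        for ($i = 0; $i < $max_count; $i++) {
            $tpl_tmp->Set_Loop("website", $GLOBALS['website'][$i]);
        }
        if (file_exists("setting/" . $mid . ".php")) {
            // Start the new form from an existing definition.
            include "setting/" . $mid . ".php";
            foreach ($cf_tpl_names as $cf_tpl_name) {
                $tpl_tmp->Set_Variable('tpl_' . $cf_tpl_name, htmlspecialchars(GetFile("setting/" . $mid . "_" . $cf_tpl_name . ".tpl")));
            }
            $tpl_tmp->Set_Variable('ext_script', htmlspecialchars(GetFile("setting/" . $mid . "_ext_script.php")));
        } else {
            // No definition for $mid: start from the shipped defaults. The default
            // file names do not follow one pattern, so they are listed explicitly.
            include "setting/default.php";
            $cf_default_files = array(
                "cf_submit_cn" => "tpl/default_cf_submit_cn.tpl",
                "cf_submit_en" => "tpl/default_cf_submit_en.tpl",
                "cf_print_cn" => "tpl/default_cf_print_cn.tpl",
                "cf_print_en" => "tpl/default_cf_print_en.tpl",
                "cf_list_cn" => "tpl/default_cf_list_cn.tpl",
                "cf_list_en" => "tpl/default_cf_list_en.tpl",
                "block_cf_list_cn" => "tpl/block_cf_list_cn.tpl",
                "block_cf_list_en" => "tpl/block_cf_list_en.tpl",
                "mail_cn" => "tpl/default_mail_cn.tpl",
                "mail_en" => "tpl/default_mail_en.tpl",
                "edit_data" => "tpl/edit_data.tpl",
                "list_data" => "tpl/list_data.tpl",
            );
            foreach ($cf_default_files as $cf_tpl_name => $cf_tpl_file) {
                $tpl_tmp->Set_Variable('tpl_' . $cf_tpl_name, htmlspecialchars(GetFile($cf_tpl_file)));
            }
            $tpl_tmp->Set_Variable('ext_script', htmlspecialchars(GetFile("setting/ext_script.php")));
        }
        $tpl_tmp->Set_Variable('cf_item', toJson($para, $setting['gen']['charset']));
        if (function_exists("ext_func")) {
            ext_func();
        }
    }

    $tpl_tmp->Set_Variable('mid', $mid);
    $tpl->Set_Variable('path_admin', $setting['path']['admin']);
    $tpl->Set_Variable('main', $tpl_tmp->Get_Content('$setting, $para'));
    $db->Free();
    unset($tpl_tmp);
    $mystep->show($tpl);
    return;
}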