/**
 * Prepare a string for RSS output.
 *
 * Removes backslash escaping, HTML-encodes the text (both quote styles) through
 * ehtmlspecialchars() (defined elsewhere), then deletes the
 * `[!--empirenews.page--]` / `[/!--empirenews.page--]` markers and any remaining
 * square brackets.
 *
 * @param string $str Raw text.
 * @return string Encoded text without markers or brackets.
 */
function RepSpeRssStr($str)
{
    $encoded = ehtmlspecialchars(stripSlashes($str), ENT_QUOTES);
    $tokens = array('[!--empirenews.page--]', '[/!--empirenews.page--]', '[', ']');

    // A single empty replacement deletes each token, processed in list order.
    return str_replace($tokens, '', $encoded);
}
/**
 * Filter a request value: delete spaces, single quotes and double quotes, then
 * normalise backslash escaping to exactly one addslashes() pass.
 *
 * NOTE(review): this is character filtering only. A value that ends up in an
 * unquoted SQL position (numeric column, ORDER BY, LIMIT) is not made safe by
 * it; those call sites need an integer cast or a bound parameter.
 *
 * @param string $val Raw value.
 * @return string Filtered value.
 */
function RepPostVar($val)
{
    $filtered = str_replace(array(" ", "'", "\""), "", $val);

    return addslashes(stripSlashes($filtered));
}
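/**
 * Decode the adapter's response data into a PHP value.
 *
 * A TSimpleHttpResponse has its body decoded once its declared service protocol
 * has been checked; booleans, integers, arrays and null are round-tripped through
 * TNvpSerializer; a string is decoded directly. A non-zero 'error' entry in the
 * decoded payload is raised as an Exception, and a payload of at most two entries
 * that contains 'result' is unwrapped to that entry.
 *
 * NOTE(review): the header name is spelled 'Resonse' in the code; it is kept
 * as is because the sending side is not visible here.
 * NOTE(review): gettype() reports floats as 'double', which is still rejected
 * below — confirm whether that is intended.
 *
 * @return mixed Decoded payload.
 * @throws TDispatchAdapterException On an unsupported data type or protocol.
 * @throws Exception When the payload carries a non-zero error code.
 */
protected function unserializeData()
{
    $data = $this->getData();
    $dataType = gettype($data);
    $result = null;

    switch ($dataType) {
        case 'object':
            // The switch subject is evaluated once, so a `case 'TSimpleHttpResponse'`
            // label can never match: every object used to fall through into the
            // response branch. Test the class explicitly and reject anything else.
            if (!($data instanceof TSimpleHttpResponse)) {
                throw new TDispatchAdapterException('adapter_datatype_not_supported', get_class($data));
            }
            $format = $this->getServiceProtocol();
            if ($data->isHeader('X-MCP-API-ResonseServiceProtocol')) {
                $format = $data->getHeader('X-MCP-API-ResonseServiceProtocol');
            }
            $accepted = array($this->getServiceProtocol(), TServiceProtocol::NONE, TServiceProtocol::UNKNOWN);
            if (!in_array($format, $accepted)) {
                throw new TDispatchAdapterException('adapter_protocol_not_supported', __CLASS__, $format);
            }
            $result = TNvpSerializer::unserialize($data->getBody());
            break;

        case 'boolean':
        case 'integer':
        case 'array':
        case 'null':
        case 'NULL':
            // Normalise native values by serialising and decoding them again.
            $result = TNvpSerializer::unserialize(TNvpSerializer::serialize($data));
            break;

        case 'string':
            $result = TNvpSerializer::unserialize($data);
            break;

        case 'resource':
        case 'unknown type':
        default:
            throw new TDispatchAdapterException('adapter_datatype_not_supported', $dataType);
    }

    // Surface a remote error as an exception (loose comparison kept: '0' and 0 both mean success).
    if (isset($result['error']) && $result['error'] != 0) {
        $msg = isset($result['errorMessage']) ? stripSlashes($result['errorMessage']) : '';
        throw new Exception($msg, $result['error']);
    }

    // Unwrap {result[, error]} envelopes; larger payloads are returned whole.
    if (isset($result['result']) && count($result) <= 2) {
        $result = $result['result'];
    }

    return $result;
}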
/**
 * Inverse of addslashes(), applied recursively.
 *
 * @param mixed $data A scalar value, or an array nested to any depth.
 * @return mixed Arrays keep their keys; every non-array leaf is trimmed and
 *               has its backslash escaping removed.
 */
public static function stripslashes($data)
{
    if (!is_array($data)) {
        // Unqualified call: this is PHP's built-in function, not this method.
        return stripSlashes(trim($data));
    }

    foreach ($data as $index => $item) {
        // Method names are case-insensitive, so this recurses into this method.
        $data[$index] = self::stripSlashes($item);
    }

    return $data;
}
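/**
 * Render an array as a PHP assignment statement (`$name = array (...);`).
 *
 * The previous implementation rewrote json_encode() output with str_replace()
 * and then called stripslashes(), which removed the escaping in front of quotes
 * inside values and rewrote every ':' and brace that appeared in the data. A
 * value containing a quote therefore produced a statement that no longer parsed
 * as the same data. var_export() emits a correctly quoted literal instead.
 *
 * The data is still passed through JSON first so that objects are flattened to
 * arrays exactly as json_encode() would see them.
 *
 * NOTE(review): $name is written into the statement unchanged; callers must
 * pass a fixed, valid variable name.
 *
 * @param string $name Variable name, without the leading '$'.
 * @param array  $arr  Data to render.
 * @return string PHP source for the assignment.
 */
public function serialize_array($name, $arr)
{
    $json = json_encode($arr);
    // Fall back to the raw value if it cannot be JSON-encoded.
    $plain = $json === false ? $arr : json_decode($json, true);

    return '$' . $name . ' = ' . var_export($plain, true) . ';';
}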
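/**
 * Print the shopping-cart contents as an HTML table.
 *
 * $buycar is a '!'-terminated list of records; each record is '|'-separated:
 * [1] "classid,id", [2] quantity, [3] unit price, [4] unit price in points,
 * [5] product title.
 *
 * Changes from the earlier version:
 *  - the points total (payby == 1) was assigned to an unused variable instead of
 *    being echoed, so that row and the closing </table> were never sent;
 *  - the title and the unit price come straight from the cart string and are now
 *    HTML-encoded before being written into the page;
 *  - short or malformed records no longer read undefined offsets.
 *
 * @param string $buycar Serialized cart.
 * @param int    $payby  1 = pay with points, anything else = pay with money.
 * @return void
 */
function ShowBuyproduct($buycar, $payby)
{
    global $empire, $dbtbpre;

    $record = "!";
    $field = "|";
    $r = explode($record, $buycar);
    $alltotal = 0;
    $alltotalfen = 0;
    echo "<table width='100%' border=0 align=center cellpadding=3 cellspacing=1>\r\n <tr class='header'> \r\n <td width='9%' height=23> <div align=center>序号</div></td>\r\n <td width='43%'> <div align=center>商品名称</div></td>\r\n <td width='19%'> <div align=center>单价</div></td>\r\n <td width='10%'> <div align=center>数量</div></td>\r\n <td width='19%'> <div align=center>小计</div></td>\r\n </tr>";
    $j = 0;
    // The list ends with a trailing '!', so the last exploded element is empty.
    $rows = count($r) - 1;
    for ($i = 0; $i < $rows; $i++) {
        $j++;
        $pr = array_pad(explode($field, $r[$i]), 6, '');
        $fr = array_pad(explode(",", $pr[1]), 2, 0);
        // ID
        $classid = (int) $fr[0];
        $id = (int) $fr[1];
        // quantity
        $num = (int) $pr[2];
        if (empty($num)) {
            $num = 1;
        }
        // unit price (money) and unit price (points)
        $price = $pr[3];
        $thistotal = (float) $price * $num;
        $buyfen = $pr[4];
        $thistotalfen = (float) $buyfen * $num;
        if ($payby == 1) {
            $showprice = $buyfen . " 点";
            $showthistotal = $thistotalfen . " 点";
        } else {
            $showprice = $price . " 元";
            $showthistotal = $thistotal . " 元";
        }
        // Encode as single bytes: only the five ASCII markup characters are
        // rewritten, so the text survives whatever multi-byte charset the site uses.
        $showprice = htmlspecialchars($showprice, ENT_QUOTES, 'ISO-8859-1');
        // product title
        $title = htmlspecialchars(stripSlashes($pr[5]), ENT_QUOTES, 'ISO-8859-1');
        // link back to the product (both parts are integers)
        $titleurl = "../../public/InfoUrl/?classid={$classid}&id={$id}";
        $alltotal += $thistotal;
        $alltotalfen += $thistotalfen;
        echo "<tr>\r\n\t<td align=center>" . $j . "</td>\r\n\t<td align=center><a href='" . $titleurl . "' target=_blank>" . $title . "</a></td>\r\n\t<td align=right><b>¥" . $showprice . "</b></td>\r\n\t<td align=right>" . $num . "</td>\r\n\t<td align=right>" . $showthistotal . "</td>\r\n\t</tr>";
    }
    // totals row
    if ($payby == 1) {
        echo "<tr> \r\n <td colspan=5><div align=right>合计点数:<strong>" . $alltotalfen . "</strong></div></td>\r\n <td> </td>\r\n </tr>\r\n\t</table>";
    } else {
        echo "<tr> \r\n <td colspan=5><div align=right>合计:<strong>¥" . $alltotal . "</strong></div></td>\r\n <td> </td>\r\n </tr>\r\n </table>";
    }
}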
/**
 * Remove backslash escaping from a string, or from every element of a
 * (possibly nested) array of strings.
 *
 * The input is returned untouched unless $this->magic_quotes is truthy.
 *
 * @param string|array $string
 * @return string|array The transformed value.
 */
function _stripSlashes($string)
{
    if (!$this->magic_quotes) {
        return $string;
    }

    if (!is_array($string)) {
        return stripSlashes($string);
    }

    // Array: process the elements one by one, keeping their keys.
    $unslashed = array();
    foreach ($string as $index => $item) {
        $unslashed[$index] = $this->_stripSlashes($item);
    }

    return $unslashed;
}
/**
 * Trim a string, remove backslash escaping, apply a series of character
 * replacements and finally convert newlines to <br> tags with nl2br().
 *
 * NOTE(review): the replacement literals in this listing look as if HTML
 * entities were decoded when the page was captured: several calls replace a
 * character with itself, and the `"""` arguments are not valid PHP. The
 * original entity strings cannot be recovered from what is shown, so the code
 * is left exactly as listed; restore it from the upstream file before use.
 *
 * @param string $string
 * @return string
 */
function encode($string)
{
    $string = trim($string);
    $string = stripSlashes("{$string}");
    $string = str_replace("&", "&", $string);
    $string = str_replace("'", "'", $string);
    $string = str_replace("&amp;", "&", $string);
    $string = str_replace("&quot;", """, $string);
    $string = str_replace("\"", """, $string);
    $string = str_replace("&lt;", "<", $string);
    $string = str_replace("<", "<", $string);
    $string = str_replace("&gt;", ">", $string);
    $string = str_replace(">", ">", $string);
    $string = str_replace("&nbsp;", " ", $string);
    // Newlines become <br> last, after the character replacements.
    $string = nl2br($string);
    return $string;
}
/**
 * Strip backslash escaping from every leaf of an HTTP input array, in place.
 *
 * @param array $arr Passed by reference and modified; nested arrays are
 *                   handled recursively.
 * @return array The same array, with its internal pointer rewound.
 */
private function normalizeArray(&$arr)
{
    foreach ($arr as $index => $item) {
        if (is_array($item)) {
            // Descend into the live element so the change lands in $arr.
            $this->normalizeArray($arr[$index]);
            continue;
        }
        $arr[$index] = stripSlashes($item);
    }

    reset($arr);

    return $arr;
}
/**
 * Look up a member record and, when one is returned, set the login cookies.
 *
 * NOTE(review): the condition string passed to record() contains literal
 * '******' placeholders in this listing, so the comparison actually sent to the
 * database is not visible here. If the real code interpolates $user and $pwd
 * into that string, it should use bound parameters instead.
 *
 * @param string $user Login name (overwritten below by the query result).
 * @param string $pass Plain-text password.
 * @return string|false 'Y' once the cookies are set, false when no row is returned.
 */
function API_Login($user, $pass)
{
    global $Block, $setting, $onlineip, $_COOKIE, $_SERVER;
    // Unsalted MD5 of the password. NOTE(review): MD5 is not a password-hashing
    // function; password_hash()/password_verify() is the current practice, but
    // switching requires migrating the stored hashes.
    $pwd = md5($pass);
    // presumably record(table, columns, condition) — verify against Conn()
    $user = Conn()->record("members", "uid,username,password,safecv", "username='******' and password='******'");
    if (!$user) {
        return false;
    }
    $winduid = $user[0]['uid'];
    // Cookie verifier: MD5 over the client's User-Agent, the password hash and $GLOBALS['db_hash'].
    $windpwd = md5($_SERVER['HTTP_USER_AGENT'] . $pwd . $GLOBALS['db_hash']);
    $safecv = $user[0]['safecv'];
    $username = $user[0]['username'];
    // Tab-separated uid / verifier / safecv, passed through StrCode(..., "ENCODE").
    $winduser = StrCode(stripSlashes("{$winduid}\t{$windpwd}\t{$safecv}"), "ENCODE");
    // First cookie group uses a prefix derived from $GLOBALS['db_sitehash'].
    $GLOBALS['cookiepre'] = substr(md5($GLOBALS['db_sitehash']), 0, 5) . '_';
    // 31536000 = 365 * 24 * 3600
    osetcookie('winduser', $winduser, 31536000);
    osetcookie('ck_info', $GLOBALS['db_ckpath'] . "\t" . $GLOBALS['db_ckdomain'], 31536000);
    osetcookie('lastvisit', '', 0);
    // Second cookie group uses the fixed 'onez_' prefix.
    $GLOBALS['cookiepre'] = 'onez_';
    osetcookie('userid', $winduid, 31536000);
    osetcookie('username', $username, 31536000);
    return 'Y';
}
/**
 * Expand the custom tags in module.tpl and in the page template, then execute
 * the resulting PHP with eval().
 *
 * NOTE(review): both eval() calls run the file content as PHP, so every file
 * reachable through read_module()/read_template() has to be as trusted as the
 * application's own source. The expanded page is also written to
 * logs/output.php on every call; if logs/ is served by the web server that copy
 * is directly requestable — confirm the directory is not web-accessible.
 */
public function parse_template()
{
    // Expose to the page template the two variables it needs
    $args = $this->args;
    $datas = $this->datas;
    // Instantiate the default tag table
    $transformateur = new odTransform();
    // Read the content of module.tpl
    $this->read_module();
    // If module.tpl is not empty, it must contain nothing but omodule tags
    if (strlen($this->file_content) != 0) {
        // Fetch the omodule tag
        $module_tag = $transformateur->get_named_tag("omodule");
        // Rewrite it into the statement that adds an entry to odTransform's tag table
        $this->file_content = preg_replace($module_tag[0], html_entity_decode($module_tag[1]), $this->file_content);
        // same for the block tag
        $module_tag = $transformateur->get_named_tag("block");
        $this->file_content = preg_replace($module_tag[0], html_entity_decode($module_tag[1]), $this->file_content);
        // Drop this variable so it does not show up among the defined variables
        unset($module_tag);
        // Execute the add-to-tag-table statements; stripSlashes() turns "?\>" into
        // "?>" so the evaluated text starts outside PHP mode
        eval(stripSlashes("?\\>" . utf8_encode($this->file_content)));
    }
    // Read the page template
    $this->read_template();
    // If the template is not empty
    if (strlen($this->file_content) != 0) {
        // Replace every tag found with the value defined for it in the tag table
        foreach ($transformateur->get_all_tags() as $odtag) {
            $this->file_content = preg_replace($odtag[0], html_entity_decode($odtag[1]), $this->file_content);
        }
        // Remove the variables the template must not see
        unset($odtag);
        unset($transformateur);
        file_put_contents("logs/output.php", $this->file_content);
        // Evaluate the code generated for the page
        eval(stripSlashes("?\\>" . utf8_encode($this->file_content)));
    }
}
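/**
 * Print a ranking table (title + counter) for the rows returned by $query.
 *
 * The caller supplies the base SELECT; this function appends an optional
 * time window, the ORDER BY column and the LIMIT.
 *
 * Changes from the earlier version:
 *  - $topnum and $day are cast to integers and $field is reduced to identifier
 *    characters before they are appended to the SQL text, because none of the
 *    three can be quoted in those positions;
 *  - $word is initialised, so an unlisted $field no longer reads an undefined
 *    variable;
 *  - array keys are quoted (bare-word keys are an error on PHP 8).
 *
 * NOTE(review): the title is printed as stored; confirm it is HTML-encoded at
 * write time, otherwise encode it here.
 *
 * @param string $query  Base SELECT statement.
 * @param mixed  $where  Truthy when $query already has a WHERE clause.
 * @param string $field  Counter column to sort by and display.
 * @param int    $topnum Maximum number of rows.
 * @param int    $day    Window in days; 0 disables the time filter.
 * @return void
 */
function ecmsShowInfoTop($query, $where, $field, $topnum, $day)
{
    global $empire, $dbtbpre, $class_r;

    $day = (int) $day;
    $topnum = (int) $topnum;
    // Column names cannot be bound or quoted with addslashes(); keep only identifier characters.
    $field = preg_replace('/[^A-Za-z0-9_]/', '', (string) $field);

    if ($day) {
        $and = $where ? ' and ' : ' where ';
        // The subtraction is left for the database to evaluate, as before.
        $query .= $and . "newstime>=" . time() . "-" . $day * 24 * 3600;
    }

    $word = '';
    if ($field == 'plnum') {
        $word = '评论数';
    } elseif ($field == 'totaldown') {
        $word = '下载数';
    } elseif ($field == 'onclick') {
        $word = '点击数';
    }

    $query .= " order by " . $field . " desc limit " . $topnum;
    echo "<table width='100%' border='0' cellpadding='3' cellspacing='1' class='tableborder'><tr><td width='85%'>标题</td><td width='15%'>{$word}</td></tr>";
    $sql = $empire->query($query);
    while ($r = $empire->fetch($sql)) {
        $classurl = sys_ReturnBqClassname($r, 9);
        $titleurl = sys_ReturnBqTitleLink($r);
        echo "<tr bgcolor='#ffffff' height='23'><td>[<a href='" . $classurl . "' target='_blank'>" . $class_r[$r['classid']]['classname'] . "</a>] <a href='{$titleurl}' target='_blank' title='发布时间:" . date("Y-m-d H:i:s", $r['newstime']) . "'>" . stripSlashes($r['title']) . "</a></td><td>" . $r[$field] . "</td></tr>";
    }
    echo "</table>";
}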
// Tag view page: resolve the requested tag, build the page title and load the site header.
// NOTE(review): $args, $tag_id, $tag_term and $tag_desc are not assigned in this excerpt;
// they are presumably set by the including script — confirm where, and that they are
// never populated implicitly from the request.

// Integer request parameters; the query string wins over $args.
$modid = intval(empty($_GET["modid"]) ? @$args["modid"] : $_GET["modid"]);
$catid = intval(empty($_GET["catid"]) ? @$args["catid"] : $_GET["catid"]);
$start = intval(empty($_GET["start"]) ? @$args["start"] : $_GET["start"]);
// When called from a module other than "tag", default to that module's id.
if (empty($modid) && is_object($GLOBALS["xoopsModule"]) && "tag" != $GLOBALS["xoopsModule"]->getVar("dirname")) {
    $modid = $GLOBALS["xoopsModule"]->getVar("mid");
}
// Neither an id nor a term: nothing to show.
if (empty($tag_id) && empty($tag_term)) {
    redirect_header(XOOPS_URL . "/modules/" . $GLOBALS["xoopsModule"]->getVar("dirname") . "/index.php", 2, TAG_MD_INVALID);
    exit;
}
$tag_handler =& xoops_getmodulehandler("tag", "tag");
if (!empty($tag_id)) {
    // Lookup by id. NOTE(review): the result of get() is used without a null check.
    $tag_obj =& $tag_handler->get($tag_id);
    $tag_term = $tag_obj->getVar("tag_term", "n");
} else {
    // Lookup by term. The term is unslashed and re-slashed so it carries exactly one
    // level of escaping when it is handed to Criteria.
    // NOTE(review): whether Criteria quotes the value again is not visible here — verify.
    if (!($tags_obj = $tag_handler->getObjects(new Criteria("tag_term", addSlashes(stripSlashes($tag_term)))))) {
        redirect_header(XOOPS_URL . "/modules/" . $GLOBALS["xoopsModule"]->getVar("dirname") . "/index.php", 2, TAG_MD_INVALID);
        exit;
    }
    $tag_obj =& $tags_obj[0];
    $tag_id = $tag_obj->getVar("tag_id");
}
if (!empty($tag_desc)) {
    $page_title = $tag_desc;
} else {
    $module_name = "tag" == $xoopsModule->getVar("dirname") ? $xoopsConfig["sitename"] : $xoopsModule->getVar("name");
    // The term is HTML-encoded before it goes into the title format string.
    $page_title = sprintf(TAG_MD_TAGVIEW, htmlspecialchars($tag_term), $module_name);
}
$xoopsOption["template_main"] = "tag_view.html";
// strip_tags() removes markup from the title, including from a caller-supplied $tag_desc.
$xoopsOption["xoops_pagetitle"] = strip_tags($page_title);
include XOOPS_ROOT_PATH . "/header.php";
$panels[$i - 1]->pict = isset($_GET['panel' . $i . 'pict']) ? stripSlashes($_GET['panel' . $i . 'pict']) : "cfco2014.jpg"; $panels[$i - 1]->slides = isset($_GET['panel' . $i . 'slides']) ? stripSlashes($_GET['panel' . $i . 'slides']) : ""; $panels[$i - 1]->txt = isset($_GET['panel' . $i . 'txt']) ? stripSlashes($_GET['panel' . $i . 'txt']) : "Welcome"; $panels[$i - 1]->txtsize = isset($_GET['panel' . $i . 'txtsize']) ? intval($_GET['panel' . $i . 'txtsize']) : 16; $panels[$i - 1]->txtcolor = isset($_GET['panel' . $i . 'txtcolor']) ? stripSlashes($_GET['panel' . $i . 'txtcolor']) : "000000"; $panels[$i - 1]->html = isset($_GET['panel' . $i . 'html']) ? stripSlashes($_GET['panel' . $i . 'html']) : "exemple.html"; $panels[$i - 1]->firstline = isset($_GET['panel' . $i . 'firstline']) ? intval($_GET['panel' . $i . 'firstline']) : 1; $panels[$i - 1]->fixedlines = isset($_GET['panel' . $i . 'fixedlines']) ? intval($_GET['panel' . $i . 'fixedlines']) : 10; $panels[$i - 1]->scrolledlines = isset($_GET['panel' . $i . 'scrolledlines']) ? intval($_GET['panel' . $i . 'scrolledlines']) : 17; $panels[$i - 1]->scrolltime = isset($_GET['panel' . $i . 'scrolltime']) ? intval($_GET['panel' . $i . 'scrolltime']) : 10; $panels[$i - 1]->scrollbeforetime = isset($_GET['panel' . $i . 'scrollbeforetime']) ? intval($_GET['panel' . $i . 'scrollbeforetime']) : 50; $panels[$i - 1]->scrollaftertime = isset($_GET['panel' . $i . 'scrollaftertime']) ? intval($_GET['panel' . $i . 'scrollaftertime']) : 80; $panels[$i - 1]->updateduration = isset($_GET['panel' . $i . 'updateduration']) ? intval($_GET['panel' . $i . 'updateduration']) : 3; $panels[$i - 1]->radioctrl = isset($_GET['panel' . $i . 'radioctrl']) ? intval($_GET['panel' . $i . 'radioctrl']) : 31; } $title = isset($_GET['title']) ? stripSlashes($_GET['title']) : "no title"; $chkall = isset($_GET['chkall']) ? 
$_GET['chkall'] : null; $res = mysql_query("SELECT rcid FROM resultscreen WHERE rcid={$rcid} AND sid={$sid}"); if (mysql_num_rows($res) > 0) { $now = time(); $str = "cid='" . $cid . "', "; $str = $str . "panelscount='" . $panelscount . "', "; $str = $str . "style='" . addSlashes($style) . "', "; $str = $str . "title='" . addSlashes($title) . "', "; $str = $str . "titlesize='" . $titlesize . "', "; $str = $str . "titlecolor='" . addSlashes($titlecolor) . "', "; $str = $str . "subtitle='" . addSlashes($subtitle) . "', "; $str = $str . "subtitlesize='" . $subtitlesize . "', "; $str = $str . "subtitlecolor='" . addSlashes($subtitlecolor) . "', "; $str = $str . "titleleftpict='" . addSlashes($titleleftpict) . "', "; $str = $str . "titlerightpict='" . addSlashes($titlerightpict) . "', ";
/**
 * Get the hierarchy in list form.
 *
 * @param int $pn_id Id of the record to start from; when null, the first row
 *                   returned by getHierarchy() is treated as the root.
 * @param array $pa_options Options, also passed on to getHierarchy():
 *      additionalTableToJoin: name of table to join to hierarchical table (and return fields from);
 *          only fields related many-to-one are currently supported (read here but not used in this method)
 *      idsOnly = return simple array of primary key values rather than full data array
 *      returnDeleted = return deleted records in list (def. false)
 *      maxLevels = rows at a computed level >= this value are left out
 *      dontIncludeRoot = leave the root row out of the list
 *      includeSelf = when $pn_id is set, forces dontIncludeRoot to false
 *
 * @return array|null List of array("NODE" => row values, "LEVEL" => depth), or the id list
 *                    when idsOnly is set; null when the table is not hierarchical or
 *                    getHierarchy() returns nothing.
 */
public function &getHierarchyAsList($pn_id = null, $pa_options = null)
{
    if (!$this->isHierarchical()) {
        return null;
    }
    $pb_ids_only = caGetOption('idsOnly', $pa_options, false);
    $pn_max_levels = caGetOption('maxLevels', $pa_options, null, array('cast' => 'int'));
    $ps_additional_table_to_join = caGetOption('additionalTableToJoin', $pa_options, null);
    $pb_dont_include_root = caGetOption('dontIncludeRoot', $pa_options, false);
    $pb_include_self = caGetOption('includeSelf', $pa_options, false);
    if ($pn_id && $pb_include_self) {
        $pb_dont_include_root = false;
    }
    if ($qr_hier = $this->getHierarchy($pn_id, $pa_options)) {
        if ($pb_ids_only) {
            // With idsOnly, getHierarchy() is treated as returning a plain array of ids
            // (it is passed to array_search() and returned as is).
            if (!$pb_include_self || $pb_dont_include_root) {
                if (($vn_i = array_search($pn_id, $qr_hier)) !== false) {
                    unset($qr_hier[$vn_i]);
                }
            }
            return $qr_hier;
        }
        $vs_hier_right_fld = $this->getProperty("HIERARCHY_RIGHT_INDEX_FLD");
        // Stack of right-index values of the rows currently considered open ancestors.
        $va_indent_stack = array();
        $va_hier = array();
        $vn_cur_level = -1;
        $va_omit_stack = array();
        $vn_root_id = $pn_id;
        while ($qr_hier->nextRow()) {
            $vn_row_id = $qr_hier->get($this->primaryKey());
            if (is_null($vn_root_id)) {
                $vn_root_id = $vn_row_id;
            }
            if ($pb_dont_include_root && $vn_row_id == $vn_root_id) {
                continue;
            }
            // skip root if desired
            $vn_r = $qr_hier->get($vs_hier_right_fld);
            $vn_c = sizeof($va_indent_stack);
            if ($vn_c > 0) {
                // Pop every ancestor whose right index is <= this row's: this row is not inside it.
                while ($vn_c && $va_indent_stack[$vn_c - 1] <= $vn_r) {
                    array_pop($va_indent_stack);
                    $vn_c = sizeof($va_indent_stack);
                }
            }
            // The depth of the row is the number of ancestors left on the stack.
            if ($vn_cur_level != sizeof($va_indent_stack)) {
                if ($vn_cur_level > sizeof($va_indent_stack)) {
                    $va_omit_stack = array();
                }
                $vn_cur_level = intval(sizeof($va_indent_stack));
            }
            if (is_null($pn_max_levels) || $vn_cur_level < $pn_max_levels) {
                $va_field_values = $qr_hier->getRow();
                // Every field value is unslashed before it is returned.
                foreach ($va_field_values as $vs_key => $vs_val) {
                    $va_field_values[$vs_key] = stripSlashes($vs_val);
                }
                // NOTE(review): the idsOnly case already returned above, so only the else branch runs.
                if ($pb_ids_only) {
                    $va_hier[] = $vn_row_id;
                } else {
                    $va_node = array("NODE" => $va_field_values, "LEVEL" => $vn_cur_level);
                    $va_hier[] = $va_node;
                }
            }
            $va_indent_stack[] = $vn_r;
        }
        return $va_hier;
    } else {
        return null;
    }
}
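/**
 * Undo magic-quotes escaping on a request value when that feature is active.
 *
 * get_magic_quotes_gpc() always returns false from PHP 5.4 and was removed in
 * PHP 8.0, where calling it unguarded is a fatal error; the existence check
 * keeps this helper usable on every version.
 *
 * @param string $value Request value.
 * @return string The value without magic-quotes escaping.
 */
function _filter_gpc($value)
{
    $magicQuotesActive = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

    return $magicQuotesActive ? stripSlashes($value) : $value;
}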
$jzUSER->storePlaylist($pl); if (!defined('NO_AJAX_JUKEBOX')) { $blocks = new jzBlocks(); $blocks->playlistDisplay(); exit; } } else { if (isset($_POST['jz_path']) && isset($_POST['addPath']) || isset($_POST['addList']) && sizeof($_POST['jz_list']) == 0) { $exit = false; $guy =& new jzMediaNode($_POST['jz_path']); if (isset($_POST['doquery']) && $_POST['query'] != "") { if ($_POST['how'] == "search") { $root =& new jzMediaNode(); $list = $root->search(stripSlashes($_POST['query']), "tracks", -1); } else { $list = $guy->search(stripSlashes($_POST['query']), "tracks", -1); } $pl = $jzUSER->loadPlaylist(); $pl->add($list); $jzUSER->storePlaylist($pl); if (!defined('NO_AJAX_JUKEBOX')) { $blocks = new jzBlocks(); $blocks->playlistDisplay(); exit; } } else { $pl = $jzUSER->loadPlaylist(); $pl->add($guy); $jzUSER->storePlaylist($pl); if (!defined('NO_AJAX_JUKEBOX')) { $blocks = new jzBlocks();
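/**
 * Get the value of a field in the current row.
 *
 * Options (boolean flags unless noted), applied in this order:
 *   binary                      return the stored value untouched
 *   unserialize                 return caUnserializeForDatabase() of the value (cached per field)
 *   convertHTMLBreaks           turn newlines into <p/> / <br/> unless the text contains a tag
 *                               outside a short list of inline tags
 *   urlEncode                   apply urlencode()
 *   filterHTMLSpecialCharacters apply htmlentities(html_entity_decode())
 *   escapeForXML                apply caEscapeForXML()
 *   stripSlashes                apply stripslashes()
 *
 * Changes from the earlier version: ereg_replace() (removed in PHP 7) is
 * replaced by the equivalent str_replace(); get_magic_quotes_gpc() (removed in
 * PHP 8) is only called when it exists; the stripSlashes option is read without
 * touching an undefined index.
 *
 * NOTE(review): with `unserialize`, stored data is handed to
 * caUnserializeForDatabase(); what that helper accepts is not visible here —
 * confirm it does not instantiate arbitrary classes from database content.
 *
 * @param string $ps_field field name
 * @param array $pa_options associative array of options, keys are names of the options
 * @return mixed null when the field is not set in the current row
 */
function get($ps_field, $pa_options = null)
{
    $va_field = isset(DbResult::$s_field_info_cache[$ps_field])
        ? DbResult::$s_field_info_cache[$ps_field]
        : $this->getFieldInfo($ps_field);
    $vs_name = $va_field["field"];

    if (!isset($this->opa_current_row[$vs_name])) {
        return null;
    }
    $vs_val = $this->opa_current_row[$vs_name];

    if (!empty($pa_options["binary"])) {
        return $vs_val;
    }

    if (!empty($pa_options["unserialize"])) {
        // Decode once per field; an empty cached value is decoded again.
        if (!isset($this->opa_unserialized_cache[$vs_name]) || !($vm_data = $this->opa_unserialized_cache[$vs_name])) {
            $vm_data = caUnserializeForDatabase($vs_val);
            $this->opa_unserialized_cache[$vs_name] =& $vm_data;
        }
        return $vm_data;
    }

    if (!empty($pa_options["convertHTMLBreaks"])) {
        # check for tags before converting breaks
        preg_match_all("/<[A-Za-z0-9]+/", $vs_val, $va_tags);
        $va_ok_tags = array("<b", "<i", "<u", "<strong", "<em", "<strike", "<sub", "<sup", "<a", "<img", "<span");
        $vb_convert_breaks = true;
        foreach ($va_tags[0] as $vs_tag) {
            if (!in_array($vs_tag, $va_ok_tags)) {
                // Any other tag means the text carries its own layout.
                $vb_convert_breaks = false;
                break;
            }
        }
        if ($vb_convert_breaks) {
            $vs_val = preg_replace("/(\n|\r\n){2}/", "<p/>", $vs_val);
            $vs_val = str_replace("\n", "<br/>", $vs_val);
        }
    }

    if (!empty($pa_options["urlEncode"])) {
        $vs_val = urlEncode($vs_val);
    }
    if (!empty($pa_options["filterHTMLSpecialCharacters"])) {
        // Decode first so already-encoded entities are not encoded twice.
        $vs_val = htmlentities(html_entity_decode($vs_val));
    }
    if (!empty($pa_options["escapeForXML"])) {
        $vs_val = caEscapeForXML($vs_val);
    }

    $vb_magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    if ($vb_magic_quotes || !empty($pa_options["stripSlashes"])) {
        $vs_val = stripSlashes($vs_val);
    }

    return $vs_val;
}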
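/**
 * Save a backup profile as a PHP file under setsave/.
 *
 * The profile is written as PHP source that assigns one variable per setting,
 * so every value placed in it has to be a safe PHP literal.
 *
 * Changes from the earlier version:
 *  - `readme` was written inside a double-quoted PHP string. addslashes() does
 *    not neutralise `$` or `{`, so PHP would interpolate such text when the
 *    profile is loaded. It is now emitted with var_export(), which produces a
 *    single-quoted literal;
 *  - the function returns right after reporting an invalid save name, in case
 *    printerror() does not terminate the request (not visible here);
 *  - a missing or non-array `tablename` no longer reaches count().
 *
 * NOTE(review): the other string settings stay in single quotes with
 * addslashes(), which is sufficient for that quoting style; whether $add
 * arrives already slashed is not visible here.
 *
 * @param array $add Submitted settings.
 * @return void
 */
function Ebak_SaveSeting($add)
{
    $savename = $add['savename'];
    // The name becomes a file name: reject dots and both path separators.
    if (strstr($savename, '.') || strstr($savename, '/') || strstr($savename, "\\")) {
        printerror("FailSetSavename", "history.go(-1)");
        return;
    }

    $baktype = (int) $add['baktype'];
    $filesize = (int) $add['filesize'];
    $bakline = (int) $add['bakline'];
    $autoauf = (int) $add['autoauf'];
    $bakstru = (int) $add['bakstru'];
    $bakstrufour = (int) $add['bakstrufour'];
    $beover = (int) $add['beover'];
    $add['waitbaktime'] = (int) $add['waitbaktime'];
    $bakdatatype = (int) $add['bakdatatype'];

    // table list, stored as ",t1,t2,"
    $tblist = "";
    $tablename = isset($add['tablename']) && is_array($add['tablename']) ? $add['tablename'] : array();
    if (count($tablename)) {
        $tblist = "," . implode(",", $tablename) . ",";
    }

    $readme = var_export(stripSlashes((string) $add['readme']), true);

    $str = "<?php\n\$dbaktype=" . $baktype
        . ";\n\$dfilesize=" . $filesize
        . ";\n\$dbakline=" . $bakline
        . ";\n\$dautoauf=" . $autoauf
        . ";\n\$dbakstru=" . $bakstru
        . ";\n\$dbakstrufour=" . $bakstrufour
        . ";\n\$ddbchar='" . addslashes($add['dbchar'])
        . "';\n\$dmypath='" . addslashes($add['mypath'])
        . "';\n\$dreadme=" . $readme
        . ";\n\$dautofield='" . addslashes($add['autofield'])
        . "';\n\$dtblist='" . addslashes($tblist)
        . "';\n\$dbeover=" . $beover
        . ";\n\$dinsertf='" . addslashes($add['insertf'])
        . "';\n\$dmydbname='" . addslashes($add['mydbname'])
        . "';\n\$dkeyboard='" . addslashes($add['keyboard'])
        . "';\n\$dwaitbaktime='" . $add['waitbaktime']
        . "';\n\$dbakdatatype=" . $bakdatatype
        . ";\n?>";

    $file = "setsave/" . $savename;
    WriteFiletext_n($file, $str);
    printerror("SetSaveSuccess", "history.go(-1)");
}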
</table></td> </tr> <tr> <td valign="top" bgcolor="#FFFFFF">"上下页导航"式正则设置:</td> <td bgcolor="#FFFFFF"> <table width="100%%" border="0" cellspacing="1" cellpadding="2"> <tr> <td width="50%" height="23"><strong>分页区域正则(<font color="#FF0000">[!--smallpagezz--]</font>)</strong></td> <td><strong>分页链接正则(<font color="#FF0000">[!--pagezz--]</font>)</strong></td> </tr> <tr> <td><textarea name="add[smallpagezz]" cols="42" rows="12" id="add[smallpagezz]"><?php echo ehtmlspecialchars(stripSlashes($r[smallpagezz])); ?> </textarea></td> <td><textarea name="add[pagezz]" cols="42" rows="12" id="add[pagezz]"><?php echo ehtmlspecialchars(stripSlashes($r[pagezz])); ?> </textarea></td> </tr> </table></td> </tr> <tr> <td bgcolor="#FFFFFF"> </td> <td bgcolor="#FFFFFF"> <input type="submit" name="Submit" value="提交"> <input type="reset" name="Submit2" value="重置"> </td> </tr> </table> <br> <table width="100%" border="0" cellspacing="0" cellpadding="3"> <tr> <td><strong>注意事项:<font color="#FF0000"><br> </font></strong>1.*:表示不限制内容。行与行之间的间隔最好用*格开<br>
} else { if (empty($id) || empty($classid)) { printerror("ErrorUrl", "history.go(-1)", 1); } if (empty($class_r[$classid][tbname]) || InfoIsInTable($class_r[$classid][tbname])) { printerror("ErrorUrl", "history.go(-1)", 1); } $n_r = $empire->fetch1("select * from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " where id='{$id}' limit 1"); if (!$n_r['id'] || $n_r['classid'] != $classid) { printerror("ErrorUrl", "history.go(-1)", 1); } $pubid = ReturnInfoPubid($classid, $id); $search = "&classid={$classid}&id=" . $id; //标题链接 $titleurl = sys_ReturnBqTitleLink($n_r); $title = stripSlashes($n_r[title]); $pagetitle = ehtmlspecialchars($title); //评分 $infopfennum = $n_r['infopfennum']; $pinfopfen = $infopfennum ? round($n_r['infopfen'] / $infopfennum) : 0; $url = ReturnClassLink($n_r[classid]) . " > <a href=" . $titleurl . ">" . $title . "</a> > " . $fun_r[pl]; } //使用模板 $rewritetempid = 0; if ($_GET['tempid']) { $tempid = (int) $_GET['tempid']; $tempnum = $empire->gettotal("select count(*) as total from " . GetTemptb("enewspltemp") . " where tempid='{$tempid}'"); $tempid = $tempnum ? $tempid : $public_r['defpltempid']; $search .= '&tempid=' . $tempid; $rewritetempid = $tempid; } else {
" size="20"> <select name="select4" onchange="document.form1.showdate.value=this.value"> <option value="Y-m-d H:i:s">选择</option> <option value="Y-m-d H:i:s">2005-01-27 11:04:27</option> <option value="Y-m-d">2005-01-27</option> <option value="m-d">01-27</option> </select></td> </tr> <tr bgcolor="#FFFFFF"> <td height="25"><strong>模板内容</strong>(*)</td> <td height="25">请将模板内容<a href="#ecms" onclick="window.clipboardData.setData('Text',document.form1.temptext.value);document.form1.temptext.select()" title="点击复制模板内容"><strong>复制到Dreamweaver(推荐)</strong></a>或者使用<a href="#ecms" onclick="window.open('editor.php?getvar=opener.document.form1.temptext.value&returnvar=opener.document.form1.temptext.value&fun=ReturnHtml¬fullpage=1','edittemp','width=880,height=600,scrollbars=auto,resizable=yes');"><strong>模板在线编辑</strong></a>进行可视化编辑</td> </tr> <tr bgcolor="#FFFFFF"> <td height="25" colspan="2"><div align="center"> <textarea name="temptext" cols="90" rows="18" id="temptext" wrap="OFF" style="WIDTH: 100%"><?php echo htmlspecialchars(stripSlashes($r[temptext])); ?> </textarea> </div></td> </tr> <tr bgcolor="#FFFFFF"> <td height="25" colspan="2"> [<a href="#ecms" onclick="tempturnit(showtempvar);">显示模板变量说明</a>]</td> </tr> <tr bgcolor="#FFFFFF" id="showtempvar" style="display:none"> <td height="25" colspan="2"> <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#DBEAF5"> <tr bgcolor="#FFFFFF"> <td width="33%" height="25"> <input name="textfield42" type="text" value="[!--id--]"> :信息ID</td> <td width="34%"> <input name="textfield52" type="text" value="[!--titleurl--]"> :标题链接</td>
/**
 * Copy one batch of rows from a content table into the site-wide search table,
 * then either finish or emit a meta-refresh that requests the next batch.
 *
 * Every value interpolated into SQL here is either cast to int ($lid, $start)
 * or read back from the database ($lr, $fr, $r).
 * NOTE(review): database-sourced values such as $lr['tbname'], $lr['titlefield']
 * and $r[stb] are used as identifiers or inside quotes without re-validation, so
 * the statements are only as safe as whatever writes those configuration rows.
 * NOTE(review): bare-word array keys ($fr[f], $r[classid], ...) rely on PHP's
 * old constant-to-string fallback and are an error on PHP 8.
 *
 * @param int    $lid      Id of the load task (enewssearchall_load.lid).
 * @param int    $start    Last id already processed; raised to the stored lastid if lower.
 * @param mixed  $userid   Not used in this function.
 * @param string $username Not used in this function.
 * @return void Always ends the request with exit (the printerror() paths aside).
 */
function LoadSearchAll($lid, $start, $userid, $username)
{
    global $empire, $dbtbpre, $class_r, $fun_r, $public_r, $emod_r;
    $lid = (int) $lid;
    if (empty($lid)) {
        printerror('ErrorUrl', '');
    }
    $lr = $empire->fetch1("select tbname,titlefield,infotextfield,loadnum,lastid from {$dbtbpre}enewssearchall_load where lid='{$lid}'");
    if (empty($lr['tbname'])) {
        printerror('ErrorUrl', '');
    }
    // columns (classes) excluded from the import
    $pr = $empire->fetch1("select schallnotcid from {$dbtbpre}enewspublic limit 1");
    // batch size, 300 when the task does not set one
    $line = $lr['loadnum'];
    if (empty($line)) {
        $line = 300;
    }
    $start = (int) $start;
    if ($start < $lr['lastid']) {
        $start = $lr['lastid'];
    }
    // fields: decide which of the title/text fields live in the main table ($selectf)
    // and which in the side data table ($selectdtf)
    $selectdtf = '';
    $selectf = '';
    $savetxtf = '';
    $fsql = $empire->query("select tid,f,savetxt,tbdataf from {$dbtbpre}enewsf where (f='{$lr['titlefield']}' or f='{$lr['infotextfield']}') and tbname='{$lr['tbname']}' limit 2");
    while ($fr = $empire->fetch($fsql)) {
        if ($fr['tbdataf']) {
            $selectdtf .= ',' . $fr[f];
        } else {
            $selectf .= ',' . $fr[f];
        }
        if ($fr['savetxt']) {
            $savetxtf = $fr[f];
        }
    }
    // $b stays 0 when the batch query returns no rows, which ends the task below
    $b = 0;
    $sql = $empire->query("select id,stb,classid,isurl,newstime" . $selectf . " from {$dbtbpre}ecms_" . $lr['tbname'] . " where id>{$start} order by id limit " . $line);
    while ($r = $empire->fetch($sql)) {
        $b = 1;
        $newstart = $r['id'];
        if ($r['isurl']) {
            continue;
        }
        if (empty($class_r[$r[classid]]['tbname'])) {
            continue;
        }
        if (strstr($pr['schallnotcid'], ',' . $r[classid] . ',')) {
            continue;
        }
        // already imported
        $havenum = $empire->gettotal("select count(*) as total from {$dbtbpre}enewssearchall where id='{$r['id']}' and classid='{$r['classid']}' limit 1");
        if ($havenum) {
            continue;
        }
        // side data table
        if ($selectdtf) {
            $finfor = $empire->fetch1("select id" . $selectdtf . " from {$dbtbpre}ecms_" . $lr['tbname'] . "_data_" . $r[stb] . " where id='{$r['id']}'");
            $r = array_merge($r, $finfor);
        }
        // field stored as a text file
        if ($savetxtf) {
            $r[$savetxtf] = GetTxtFieldText($r[$savetxtf]);
        }
        $infotext = $r[$lr[infotextfield]];
        $title = $r[$lr[titlefield]];
        $infotime = $r[newstime];
        // Unslash, clean and convert for storage, then escape again for the INSERT.
        $title = SearchReturnSaveStr(ClearSearchAllHtml(stripSlashes($title)));
        $infotext = SearchReturnSaveStr(ClearSearchAllHtml(stripSlashes($infotext)));
        $empire->query("insert into {$dbtbpre}enewssearchall(sid,id,classid,title,infotime,infotext) values(NULL,'{$r['id']}','{$r['classid']}','" . addslashes($title) . "','{$infotime}','" . addslashes($infotext) . "');");
    }
    if (empty($b)) {
        // No rows left: record the finishing time and last id, print the completion message.
        $lasttime = time();
        if (empty($newstart)) {
            $newstart = $start;
        }
        $empire->query("update {$dbtbpre}enewssearchall_load set lasttime='{$lasttime}',lastid='{$newstart}' where lid='{$lid}'");
        echo "<link rel=\"stylesheet\" href=\"../../data/images/css.css\" type=\"text/css\"><center><b>" . $lr['tbname'] . $fun_r[LoadSearchAllIsOK] . "</b></center>";
        db_close();
        $empire = null;
        exit;
    }
    // More rows may remain: reload this script with the new start id.
    echo "<link rel=\"stylesheet\" href=\"../../data/images/css.css\" type=\"text/css\"><meta http-equiv=\"refresh\" content=\"0;url=LoadSearchAll.php?enews=LoadSearchAll&lid={$lid}&start={$newstart}" . hReturnEcmsHashStrHref(0) . "\">" . $fun_r[OneLoadSearchAllSuccess] . "(ID:<font color=red><b>" . $newstart . "</b></font>)";
    exit;
}
/**
 * Creates current HttpRequest object.
 *
 * Builds the URL from $_SERVER, collects GET/POST/COOKIE/FILES and headers, and
 * resolves the client address. Security-relevant behaviour visible below:
 *  - the Host value is accepted only if it matches a hostname / bracketed IPv6 pattern;
 *  - unless $this->binary is set, keys and values failing self::CHARS are dropped or blanked;
 *  - X-Forwarded-For / X-Forwarded-Host are honoured only when REMOTE_ADDR matches an
 *    entry of $this->proxies;
 *  - X-HTTP-Method-Override is honoured only for POST and only for an all-uppercase token.
 *
 * NOTE(review): each() and get_magic_quotes_gpc() were removed in PHP 8.0, so this
 * version of the method only runs on older PHP.
 *
 * @return Request
 */
public function createHttpRequest()
{
    // DETECTS URI, base path and script path of the request.
    $url = new UrlScript();
    // HTTPS is "on" for any non-empty value other than 'off' (case-insensitive).
    $url->setScheme(!empty($_SERVER['HTTPS']) && strcasecmp($_SERVER['HTTPS'], 'off') ? 'https' : 'http');
    $url->setUser(isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : '');
    // NOTE(review): the Basic-auth password becomes part of the URL object; make sure
    // URLs built from it are never logged or echoed.
    $url->setPassword(isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '');
    // host & port
    // $tmp remembers which of the two keys was present; the value must match the
    // pattern in full (\z anchors at the very end), otherwise no host is set.
    if ((isset($_SERVER[$tmp = 'HTTP_HOST']) || isset($_SERVER[$tmp = 'SERVER_NAME'])) && preg_match('#^([a-z0-9_.-]+|\\[[a-f0-9:]+\\])(:\\d+)?\\z#i', $_SERVER[$tmp], $pair)) {
        $url->setHost(strtolower($pair[1]));
        if (isset($pair[2])) {
            $url->setPort(substr($pair[2], 1));
        } elseif (isset($_SERVER['SERVER_PORT'])) {
            $url->setPort($_SERVER['SERVER_PORT']);
        }
    }
    // path & query
    if (isset($_SERVER['REQUEST_URI'])) {
        // Apache, IIS 6.0
        $requestUrl = $_SERVER['REQUEST_URI'];
    } elseif (isset($_SERVER['ORIG_PATH_INFO'])) {
        // IIS 5.0 (PHP as CGI ?)
        $requestUrl = $_SERVER['ORIG_PATH_INFO'];
        if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] != '') {
            $requestUrl .= '?' . $_SERVER['QUERY_STRING'];
        }
    } else {
        $requestUrl = '';
    }
    $requestUrl = Strings::replace($requestUrl, $this->urlFilters['url']);
    $tmp = explode('?', $requestUrl, 2);
    $url->setPath(Strings::replace($tmp[0], $this->urlFilters['path']));
    $url->setQuery(isset($tmp[1]) ? $tmp[1] : '');
    // normalized url
    $url->canonicalize();
    $url->setPath(Strings::fixEncoding($url->getPath()));
    // detect script path
    if (isset($_SERVER['SCRIPT_NAME'])) {
        $script = $_SERVER['SCRIPT_NAME'];
    } elseif (isset($_SERVER['DOCUMENT_ROOT'], $_SERVER['SCRIPT_FILENAME']) && strncmp($_SERVER['DOCUMENT_ROOT'], $_SERVER['SCRIPT_FILENAME'], strlen($_SERVER['DOCUMENT_ROOT'])) === 0) {
        $script = '/' . ltrim(strtr(substr($_SERVER['SCRIPT_FILENAME'], strlen($_SERVER['DOCUMENT_ROOT'])), '\\', '/'), '/');
    } else {
        $script = '/';
    }
    // The script path is the longest common prefix of request path and script name
    // that ends on a '/', compared case-insensitively.
    $path = strtolower($url->getPath()) . '/';
    $script = strtolower($script) . '/';
    $max = min(strlen($path), strlen($script));
    for ($i = 0; $i < $max; $i++) {
        if ($path[$i] !== $script[$i]) {
            break;
        } elseif ($path[$i] === '/') {
            $url->setScriptPath(substr($url->getPath(), 0, $i + 1));
        }
    }
    // GET, POST, COOKIE
    // If a default input filter is configured, re-read the raw values through
    // filter_input_array() instead of the already-filtered superglobals.
    $useFilter = !in_array(ini_get('filter.default'), array('', 'unsafe_raw')) || ini_get('filter.default_flags');
    parse_str($url->getQuery(), $query);
    if (!$query) {
        $query = $useFilter ? filter_input_array(INPUT_GET, FILTER_UNSAFE_RAW) : (empty($_GET) ? array() : $_GET);
    }
    $post = $useFilter ? filter_input_array(INPUT_POST, FILTER_UNSAFE_RAW) : (empty($_POST) ? array() : $_POST);
    $cookies = $useFilter ? filter_input_array(INPUT_COOKIE, FILTER_UNSAFE_RAW) : (empty($_COOKIE) ? array() : $_COOKIE);
    $gpc = (bool) get_magic_quotes_gpc();
    // undo magic quotes, drop control characters and check encoding
    if ($gpc || !$this->binary) {
        // Work list of references; nested arrays are appended while iterating,
        // which walks the input without recursion.
        $list = array(&$query, &$post, &$cookies);
        while (list($key, $val) = each($list)) {
            foreach ($val as $k => $v) {
                unset($list[$key][$k]);
                if ($gpc) {
                    $k = stripslashes($k);
                }
                if (!$this->binary && is_string($k) && (!preg_match(self::CHARS, $k) || preg_last_error())) {
                    // invalid key -> ignore
                } elseif (is_array($v)) {
                    $list[$key][$k] = $v;
                    $list[] =& $list[$key][$k];
                } else {
                    if ($gpc && !$useFilter) {
                        $v = stripSlashes($v);
                    }
                    // An invalid value is blanked rather than dropped, so the key still exists.
                    if (!$this->binary && (!preg_match(self::CHARS, $v) || preg_last_error())) {
                        $v = '';
                    }
                    $list[$key][$k] = $v;
                }
            }
        }
        unset($list, $key, $val, $k, $v);
    }
    // FILES and create FileUpload objects
    $files = array();
    $list = array();
    if (!empty($_FILES)) {
        foreach ($_FILES as $k => $v) {
            if (!$this->binary && is_string($k) && (!preg_match(self::CHARS, $k) || preg_last_error())) {
                continue;
            }
            // '@' carries a reference to the slot in $files this entry will fill.
            $v['@'] =& $files[$k];
            $list[] = $v;
        }
    }
    while (list(, $v) = each($list)) {
        if (!isset($v['name'])) {
            continue;
        } elseif (!is_array($v['name'])) {
            // Single upload.
            if ($gpc) {
                $v['name'] = stripSlashes($v['name']);
            }
            // A client-supplied file name failing the character check is blanked.
            if (!$this->binary && (!preg_match(self::CHARS, $v['name']) || preg_last_error())) {
                $v['name'] = '';
            }
            if ($v['error'] !== UPLOAD_ERR_NO_FILE) {
                $v['@'] = new FileUpload($v);
            }
            continue;
        }
        // Array-style upload field: split into one entry per file and queue each.
        foreach ($v['name'] as $k => $foo) {
            if (!$this->binary && is_string($k) && (!preg_match(self::CHARS, $k) || preg_last_error())) {
                continue;
            }
            $list[] = array('name' => $v['name'][$k], 'type' => $v['type'][$k], 'size' => $v['size'][$k], 'tmp_name' => $v['tmp_name'][$k], 'error' => $v['error'][$k], '@' => &$v['@'][$k]);
        }
    }
    // HEADERS
    if (function_exists('apache_request_headers')) {
        $headers = apache_request_headers();
    } else {
        // Rebuild header names from $_SERVER: HTTP_* loses the prefix, CONTENT_* is kept whole.
        $headers = array();
        foreach ($_SERVER as $k => $v) {
            if (strncmp($k, 'HTTP_', 5) == 0) {
                $k = substr($k, 5);
            } elseif (strncmp($k, 'CONTENT_', 8)) {
                continue;
            }
            $headers[strtr($k, '_', '-')] = $v;
        }
    }
    $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : NULL;
    $remoteHost = isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : NULL;
    // proxy
    // Forwarded headers are client-controlled, so they are read only when the direct
    // peer is one of the configured proxies; the first list entry is taken.
    foreach ($this->proxies as $proxy) {
        if (Helpers::ipMatch($remoteAddr, $proxy)) {
            if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
                $remoteAddr = trim(current(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])));
            }
            if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
                $remoteHost = trim(current(explode(',', $_SERVER['HTTP_X_FORWARDED_HOST'])));
            }
            break;
        }
    }
    $method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : NULL;
    // Method override: POST only, and the replacement must be uppercase letters only.
    if ($method === 'POST' && isset($_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE']) && preg_match('#^[A-Z]+\\z#', $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'])) {
        $method = $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'];
    }
    return new Request($url, $query, $post, $files, $cookies, $headers, $method, $remoteAddr, $remoteHost);
}
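/**
 * Creates current HttpRequest object.
 *
 * Builds the request from the PHP superglobals in this order: URL (scheme,
 * credentials, host, port, path, query, script path), GET/POST/COOKIE data,
 * uploaded files, and headers.
 *
 * What this method does to incoming values is limited to: removing magic
 * quotes, repairing/converting the character encoding, and stripping
 * characters matched by self::NONCHARS. It performs no HTML, SQL or shell
 * escaping, so every value on the returned Request is still untrusted input
 * and must be escaped or parameterised where it is used.
 *
 * NOTE(review): each() and get_magic_quotes_gpc() no longer exist in PHP 8;
 * this code targets older PHP versions.
 *
 * @return Request
 */
public function createHttpRequest()
{
    // DETECTS URI, base path and script path of the request.
    $url = new UrlScript();
    $url->scheme = !empty($_SERVER['HTTPS']) && strcasecmp($_SERVER['HTTPS'], 'off') ? 'https' : 'http';
    // HTTP auth credentials are copied into the URL object as-is.
    // NOTE(review): anything that logs or serialises $url will therefore
    // carry the password - confirm that callers never do so.
    $url->user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : '';
    $url->password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';

    // host & port
    // HTTP_HOST comes from the request. The pattern only constrains its
    // syntax (hostname or bracketed IPv6 literal plus optional port); it
    // does not make the value a trusted site name.
    if ((isset($_SERVER[$tmp = 'HTTP_HOST']) || isset($_SERVER[$tmp = 'SERVER_NAME'])) && preg_match('#^([a-z0-9_.-]+|\\[[a-fA-F0-9:]+\\])(:\\d+)?\\z#', $_SERVER[$tmp], $pair)) {
        $url->host = strtolower($pair[1]);
        if (isset($pair[2])) {
            $url->port = (int) substr($pair[2], 1);
        } elseif (isset($_SERVER['SERVER_PORT'])) {
            $url->port = (int) $_SERVER['SERVER_PORT'];
        }
    }

    // path & query
    if (isset($_SERVER['REQUEST_URI'])) {
        // Apache, IIS 6.0
        $requestUrl = $_SERVER['REQUEST_URI'];
    } elseif (isset($_SERVER['ORIG_PATH_INFO'])) {
        // IIS 5.0 (PHP as CGI ?)
        $requestUrl = $_SERVER['ORIG_PATH_INFO'];
        if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] != '') {
            $requestUrl .= '?' . $_SERVER['QUERY_STRING'];
        }
    } else {
        $requestUrl = '';
    }
    $requestUrl = Strings::replace($requestUrl, $this->urlFilters['url']);
    $tmp = explode('?', $requestUrl, 2);
    $url->path = Strings::replace($tmp[0], $this->urlFilters['path']);
    $url->query = isset($tmp[1]) ? $tmp[1] : '';

    // normalized url
    $url->canonicalize();
    $url->path = Strings::fixEncoding($url->path);

    // detect script path
    if (isset($_SERVER['SCRIPT_NAME'])) {
        $script = $_SERVER['SCRIPT_NAME'];
    } elseif (isset($_SERVER['DOCUMENT_ROOT'], $_SERVER['SCRIPT_FILENAME']) && strncmp($_SERVER['DOCUMENT_ROOT'], $_SERVER['SCRIPT_FILENAME'], strlen($_SERVER['DOCUMENT_ROOT'])) === 0) {
        $script = '/' . ltrim(strtr(substr($_SERVER['SCRIPT_FILENAME'], strlen($_SERVER['DOCUMENT_ROOT'])), '\\', '/'), '/');
    } else {
        $script = '/';
    }

    // The script path is the longest common prefix of the request path and
    // the script name that ends on a '/', compared case-insensitively.
    $path = strtolower($url->path) . '/';
    $script = strtolower($script) . '/';
    $max = min(strlen($path), strlen($script));
    for ($i = 0; $i < $max; $i++) {
        if ($path[$i] !== $script[$i]) {
            break;
        } elseif ($path[$i] === '/') {
            $url->scriptPath = substr($url->path, 0, $i + 1);
        }
    }

    // GET, POST, COOKIE
    // When a default input filter is configured, the raw values are read
    // back through FILTER_UNSAFE_RAW instead of using the superglobals.
    // Either way the values arrive here unfiltered.
    $useFilter = !in_array(ini_get('filter.default'), array('', 'unsafe_raw')) || ini_get('filter.default_flags');

    parse_str($url->query, $query);
    if (!$query) {
        $query = $useFilter ? filter_input_array(INPUT_GET, FILTER_UNSAFE_RAW) : (empty($_GET) ? array() : $_GET);
    }
    $post = $useFilter ? filter_input_array(INPUT_POST, FILTER_UNSAFE_RAW) : (empty($_POST) ? array() : $_POST);
    $cookies = $useFilter ? filter_input_array(INPUT_COOKIE, FILTER_UNSAFE_RAW) : (empty($_COOKIE) ? array() : $_COOKIE);

    $gpc = (bool) get_magic_quotes_gpc();
    // Clear E_NOTICE for the duration of the normalisation below. The mask
    // must be "& ~": the previous XOR toggled the bit and so switched
    // notices ON whenever they were disabled on entry.
    $old = error_reporting(error_reporting() & ~E_NOTICE);

    // strip magic quotes and check (and optionally convert) encoding
    if ($gpc || $this->encoding) {
        $utf = strcasecmp($this->encoding, 'UTF-8') === 0;
        // Work list of references: nested arrays are appended while the
        // list is being walked, so every nesting level is processed in
        // place without recursion.
        $list = array(&$query, &$post, &$cookies);
        while (list($key, $val) = each($list)) {
            foreach ($val as $k => $v) {
                // drop the entry and re-add it below under its cleaned key
                unset($list[$key][$k]);

                if ($gpc) {
                    $k = stripslashes($k);
                }

                if ($this->encoding && is_string($k) && (preg_match(self::NONCHARS, $k) || preg_last_error())) {
                    // invalid key -> ignore

                } elseif (is_array($v)) {
                    $list[$key][$k] = $v;
                    $list[] =& $list[$key][$k];

                } else {
                    if ($gpc && !$useFilter) {
                        $v = stripSlashes($v);
                    }
                    if ($this->encoding) {
                        if ($utf) {
                            $v = Strings::fixEncoding($v);

                        } else {
                            if (!Strings::checkEncoding($v)) {
                                $v = iconv($this->encoding, 'UTF-8//IGNORE', $v);
                            }
                            // Entities are decoded here, so a value sent as
                            // "&lt;" reaches the application as "<". Output
                            // escaping downstream must not assume entities
                            // survived.
                            $v = html_entity_decode($v, ENT_QUOTES, 'UTF-8');
                        }
                        $v = preg_replace(self::NONCHARS, '', $v);
                    }
                    $list[$key][$k] = $v;
                }
            }
        }
        unset($list, $key, $val, $k, $v);
    }

    // FILES and create FileUpload objects
    $files = array();
    $list = array();
    if (!empty($_FILES)) {
        foreach ($_FILES as $k => $v) {
            if ($this->encoding && is_string($k) && (preg_match(self::NONCHARS, $k) || preg_last_error())) {
                continue;
            }
            // '@' is a reference to the slot in $files that will receive
            // the FileUpload object (or the nested array of them)
            $v['@'] =& $files[$k];
            $list[] = $v;
        }
    }

    while (list(, $v) = each($list)) {
        if (!isset($v['name'])) {
            continue;

        } elseif (!is_array($v['name'])) {
            // 'name' is the client-supplied file name. Only magic quotes
            // and NONCHARS characters are removed here.
            // NOTE(review): path separators are not stripped in this
            // method - confirm FileUpload or its callers sanitise the name
            // before using it on the filesystem.
            if ($gpc) {
                $v['name'] = stripSlashes($v['name']);
            }
            if ($this->encoding) {
                $v['name'] = preg_replace(self::NONCHARS, '', Strings::fixEncoding($v['name']));
            }
            $v['@'] = new FileUpload($v);
            continue;
        }

        // multi-file field: queue one entry per index
        foreach ($v['name'] as $k => $foo) {
            if ($this->encoding && is_string($k) && (preg_match(self::NONCHARS, $k) || preg_last_error())) {
                continue;
            }
            $list[] = array('name' => $v['name'][$k], 'type' => $v['type'][$k], 'size' => $v['size'][$k], 'tmp_name' => $v['tmp_name'][$k], 'error' => $v['error'][$k], '@' => &$v['@'][$k]);
        }
    }

    error_reporting($old);

    // HEADERS
    // Header values are copied without any cleaning.
    if (function_exists('apache_request_headers')) {
        $headers = array_change_key_case(apache_request_headers(), CASE_LOWER);
    } else {
        $headers = array();
        foreach ($_SERVER as $k => $v) {
            if (strncmp($k, 'HTTP_', 5) == 0) {
                $k = substr($k, 5);
            } elseif (strncmp($k, 'CONTENT_', 8)) {
                // neither HTTP_* nor CONTENT_*: not a request header
                continue;
            }
            $headers[strtr(strtolower($k), '_', '-')] = $v;
        }
    }

    return new Request($url, $query, $post, $files, $cookies, $headers, isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : NULL, isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : NULL, isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : NULL);
}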
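/**
 * Normalises legacy quoted property values, then saves the object if the
 * CheckSilent() check for the matching operation passes.
 *
 * String values of the form 'text' (wrapped in single quotes and
 * slash-escaped) are unwrapped and unescaped before being passed to save().
 * This unwrapping is not an escaping step.
 * NOTE(review): confirm that the storage layer behind save() escapes or
 * parameterises values itself.
 *
 * @param array|string $properties property name => list of records, each
 *                                 record a field => value map; anything that
 *                                 is not an array is passed through untouched
 * @param string       $vtype      passed through to save()
 * @return mixed the result of save(), or null when neither the 'add' nor the
 *               'edit' check passed and nothing was saved
 */
public function _save($properties = "", $vtype = "")
{
    // Defined up front: previously an undefined variable was returned when
    // neither branch below ran.
    $result = null;

    if (isset($properties) && is_array($properties)) {
        // isn't this double work, the save function does this again
        foreach ($properties as $prop_name => $prop) {
            foreach ($prop as $prop_index => $prop_record) {
                $record = array();
                foreach ($prop_record as $prop_field => $prop_value) {
                    $value = $prop_value;
                    // Only strings can carry the legacy quoting. Guarding on
                    // is_string() keeps substr() away from arrays and nulls.
                    // The round-trip comparison confirms the value really is
                    // a slash-escaped string wrapped in single quotes.
                    if (is_string($prop_value)
                        && substr($prop_value, 0, 1) === "'"
                        && substr($prop_value, -1) === "'"
                        && "'" . AddSlashes(StripSlashes(substr($prop_value, 1, -1))) . "'" === $prop_value
                    ) {
                        $value = stripSlashes(substr($prop_value, 1, -1));
                        // todo add deprecated warning
                    }
                    $record[$prop_field] = $value;
                }
                $properties[$prop_name][$prop_index] = $record;
            }
        }
    }

    // NOTE(review): CheckSilent() looks like a permission check - confirm.
    // When it fails nothing is saved, so callers have to treat a null
    // return as "not saved".
    if ($this->arIsNewObject && $this->CheckSilent('add', $this->type)) {
        unset($this->data->config);
        $result = $this->save($properties, $vtype);
    } elseif (!$this->arIsNewObject && $this->CheckSilent('edit', $this->type)) {
        $this->data->config = current($this->get('.', 'system.get.data.config.phtml'));
        $result = $this->save($properties, $vtype);
    }

    return $result;
}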
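/**
 * Creates an array out of the given settings file.
 *
 * Every line containing "=" is read as `key = value`. The key is everything
 * before the first "=" with blank characters and "$" removed. The value is
 * everything after it up to the first ";" (or the end of the line), with
 * leading blanks and one surrounding pair of double quotes removed. The file
 * is only parsed as text and never evaluated.
 *
 * NOTE(review): file() opens whatever path it is given, including URL
 * wrappers when allow_url_fopen is enabled, so $filename should only ever be
 * a trusted configuration path.
 *
 * @author Ben Dodson
 * @since 2/2/05
 * @version 2/2/05
 *
 * @param string $filename path of the settings file
 * @return array key => raw string value; empty when the file cannot be read
 **/
function settingsToArray($filename)
{
    $lines = file($filename); // each new line is an entry in the array.
    if ($lines === false) {
        // unreadable file: nothing to parse
        return array();
    }

    $arr = array();
    foreach ($lines as $line) {
        if (strpos($line, "=") === false) {
            continue;
        }
        $line = stripSlashes($line);
        $len = strlen($line);
        $key = "";
        $val = "";
        $i = 0;

        // Collect the key. The bound is tested before the offset is read so
        // the scan can never run past the end of the line.
        while ($i < $len && $line[$i] != "=") {
            if (!isBlankChar($line[$i]) && $line[$i] != "\$") {
                $key .= $line[$i];
            }
            $i++;
        }
        if ($i >= $len) {
            // no "=" left after unescaping
            continue;
        }

        $i++; // step over "="
        while ($i < $len && isBlankChar($line[$i])) {
            $i++;
        }
        if ($i < $len && $line[$i] == "\"") {
            $i++; // opening quote
        }
        while ($i < $len && $line[$i] != ";") {
            $val .= $line[$i];
            $i++;
        }
        // closing quote; the emptiness check avoids indexing an empty string
        if ($val !== "" && $val[strlen($val) - 1] == "\"") {
            $val = substr($val, 0, -1);
        }
        $arr[$key] = $val;
    }
    return $arr;
}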
/**
 * Returns value of user variable. Returns null if variable does not exist.
 *
 * Persistent user variables are consulted first, then the volatile ones.
 * Arrays are returned unchanged; any other value is passed through
 * stripSlashes(), so a stored value that legitimately contains backslashes
 * comes back without them. The returned value is not escaped for any output
 * context.
 *
 * @access public
 * @param string $ps_key Name of user variable
 * @return mixed Value of variable (string, number or array); null if variable is not defined.
 */
public function getVar($ps_key)
{
    $this->clearErrors();

    // pick the first store that defines the key
    if (isset($this->opa_user_vars[$ps_key])) {
        $vm_value = $this->opa_user_vars[$ps_key];
    } elseif (isset($this->opa_volatile_user_vars[$ps_key])) {
        $vm_value = $this->opa_volatile_user_vars[$ps_key];
    } else {
        return null;
    }

    if (is_array($vm_value)) {
        return $vm_value;
    }
    return stripSlashes($vm_value);
}
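/**
 * Initializes $this->query, $this->post, $this->cookies and $this->files arrays.
 *
 * The only cleaning applied to incoming values is: magic-quote removal,
 * encoding repair/conversion, and stripping of characters outside the
 * $nonChars whitelist. Nothing is escaped for HTML, SQL or shell use, so the
 * populated arrays still hold untrusted input.
 *
 * NOTE(review): each() and get_magic_quotes_gpc() no longer exist in PHP 8;
 * this code targets older PHP versions.
 *
 * @return void
 */
public function initialize()
{
    // When a default input filter is configured, the raw values are read
    // back through FILTER_UNSAFE_RAW instead of using the superglobals.
    $filter = !in_array(ini_get("filter.default"), array("", "unsafe_raw")) || ini_get("filter.default_flags");

    parse_str($this->getUri()->query, $this->query);
    if (!$this->query) {
        $this->query = $filter ? filter_input_array(INPUT_GET, FILTER_UNSAFE_RAW) : (empty($_GET) ? array() : $_GET);
    }
    $this->post = $filter ? filter_input_array(INPUT_POST, FILTER_UNSAFE_RAW) : (empty($_POST) ? array() : $_POST);
    $this->cookies = $filter ? filter_input_array(INPUT_COOKIE, FILTER_UNSAFE_RAW) : (empty($_COOKIE) ? array() : $_COOKIE);

    $gpc = (bool) get_magic_quotes_gpc();
    $enc = (bool) $this->encoding;
    // Clear E_NOTICE while normalising. The mask must be "& ~": the previous
    // XOR toggled the bit and so switched notices ON whenever they were
    // disabled on entry.
    $old = error_reporting(error_reporting() & ~E_NOTICE);
    // matches every character that is NOT tab, LF, CR, printable ASCII or
    // U+00A0..U+10FFFF
    $nonChars = '#[^\\x09\\x0A\\x0D\\x20-\\x7E\\xA0-\\x{10FFFF}]#u';

    // strip magic quotes and check (and optionally convert) encoding
    if ($gpc || $enc) {
        $utf = strcasecmp($this->encoding, 'UTF-8') === 0;
        // Work list of references: nested arrays are appended while the
        // list is being walked, so every nesting level is cleaned in place.
        $list = array(&$this->query, &$this->post, &$this->cookies);
        while (list($key, $val) = each($list)) {
            foreach ($val as $k => $v) {
                // drop the entry and re-add it below under its cleaned key
                unset($list[$key][$k]);

                if ($gpc) {
                    $k = stripslashes($k);
                }

                if ($enc && is_string($k) && (preg_match($nonChars, $k) || preg_last_error())) {
                    // invalid key -> ignore

                } elseif (is_array($v)) {
                    $list[$key][$k] = $v;
                    $list[] =& $list[$key][$k];

                } else {
                    if ($gpc && !$filter) {
                        $v = stripSlashes($v);
                    }
                    if ($enc) {
                        if ($utf) {
                            $v = String::fixEncoding($v);

                        } else {
                            if (!String::checkEncoding($v)) {
                                $v = iconv($this->encoding, 'UTF-8//IGNORE', $v);
                            }
                            // Entities are decoded here, so a value sent as
                            // "&lt;" reaches the application as "<". Output
                            // escaping downstream must not assume entities
                            // survived.
                            $v = html_entity_decode($v, ENT_QUOTES, 'UTF-8');
                        }
                        $v = preg_replace($nonChars, '', $v);
                    }
                    $list[$key][$k] = $v;
                }
            }
        }
        unset($list, $key, $val, $k, $v);
    }

    // structure $files and create HttpUploadedFile objects
    $this->files = array();
    $list = array();
    if (!empty($_FILES)) {
        foreach ($_FILES as $k => $v) {
            if ($enc && is_string($k) && (preg_match($nonChars, $k) || preg_last_error())) {
                continue;
            }
            // '@' is a reference to the slot in $this->files that will
            // receive the uploaded-file object (or the nested array of them)
            $v['@'] =& $this->files[$k];
            $list[] = $v;
        }
    }

    while (list(, $v) = each($list)) {
        if (!isset($v['name'])) {
            continue;

        } elseif (!is_array($v['name'])) {
            // 'name' is the client-supplied file name. Only magic quotes
            // and $nonChars characters are removed here.
            // NOTE(review): path separators are not stripped in this
            // method - confirm HttpUploadedFile or its callers sanitise the
            // name before using it on the filesystem.
            if ($gpc) {
                $v['name'] = stripSlashes($v['name']);
            }
            if ($enc) {
                $v['name'] = preg_replace($nonChars, '', String::fixEncoding($v['name']));
            }
            $v['@'] = new HttpUploadedFile($v);
            continue;
        }

        // multi-file field: queue one entry per index
        foreach ($v['name'] as $k => $foo) {
            if ($enc && is_string($k) && (preg_match($nonChars, $k) || preg_last_error())) {
                continue;
            }
            $list[] = array('name' => $v['name'][$k], 'type' => $v['type'][$k], 'size' => $v['size'][$k], 'tmp_name' => $v['tmp_name'][$k], 'error' => $v['error'][$k], '@' => &$v['@'][$k]);
        }
    }

    error_reporting($old);
}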
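<?php
/*
 * Template fragment: file type / file size / upload / description inputs.
 *
 * The array keys of $r are quoted below. A bare `$r[filesize]` is read as an
 * undefined constant, which is a fatal error on PHP 8.
 *
 * NOTE(review): both echoed values are written straight into HTML (an
 * attribute value and a textarea body). Confirm that DoReqValue()
 * HTML-escapes what it returns. stripSlashes() only removes backslashes and
 * provides no output encoding.
 */
?>
<select name="select2" onchange="document.add.filetype.value=this.value">
  <option value="">类型</option>
  <option value=".zip">.zip</option>
  <option value=".rar">.rar</option>
  <option value=".exe">.exe</option>
</select>,文件大小:<input name="filesize" type="text" size=10 id="filesize" value="<?php echo $ecmsfirstpost == 1 ? "" : DoReqValue($mid, 'filesize', stripSlashes($r['filesize'])); ?> ">
<select name="select" onchange="document.add.filesize.value+=this.value">
  <option value="">单位</option>
  <option value=" MB">MB</option>
  <option value=" KB">KB</option>
  <option value=" GB">GB</option>
  <option value=" BYTES">BYTES</option>
</select></td>
</tr>
<tr>
  <td width=16% height=25 bgcolor=ffffff>上传软件(*)</td>
  <td bgcolor=ffffff><input type="file" name="downpathfile" size="45"> </td>
</tr>
<tr>
  <td width=16% height=25 bgcolor=ffffff>软件简介(*)</td>
  <td bgcolor=ffffff><textarea name="softsay" cols="60" rows="10" id="softsay"><?php echo $ecmsfirstpost == 1 ? "" : DoReqValue($mid, 'softsay', stripSlashes($r['softsay'])); ?> </textarea> </td>
</tr>
</table>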