/**
 * Check the admin-login captcha when login credentials are posted.
 *
 * The captcha field `iACP_seccode` is only verified when both the
 * `username` and `password` POST fields are truthy; on a mismatch
 * iPHP::code() is called with a JSON error payload.
 *
 * NOTE(review): the check is skipped whenever either field is falsy, so it
 * does not cover every request shape -- confirm the login path rejects
 * requests that arrive without passing through this verification.
 */
public static function check_seccode()
{
    $hasCredentials = $_POST['username'] && $_POST['password'];
    if (!$hasCredentials) {
        return;
    }

    $submitted = iS::escapeStr($_POST['iACP_seccode']);
    if (!iPHP::seccode($submitted, true, 'iACP_seccode')) {
        iPHP::code(0, 'iCMS:seccode:error', 'seccode', 'json');
    }
}
/**
 * Create or update a marker row from the posted form.
 *
 * Integer fields are cast, `name` and `key` go through iS::escapeStr(),
 * and an empty key falls back to pinyin($name). A new marker is rejected
 * when another row already uses the same key.
 *
 * NOTE(review): `data` is stored exactly as posted; whether iDB::insert()
 * and iDB::update() escape values is not visible here -- confirm.
 * NOTE(review): when the key comes from pinyin($name) it is interpolated
 * into the duplicate check without a further escapeStr() call -- confirm
 * pinyin() can only return quote-free text.
 */
function do_save()
{
    $id = (int) $_POST['id'];
    $cid = (int) $_POST['cid'];
    $pid = (int) $_POST['pid'];
    $status = (int) $_POST['status'];
    $name = iS::escapeStr($_POST['name']);
    $key = iS::escapeStr($_POST['key']);
    $data = $_POST['data'];

    if (!$name) {
        iPHP::alert('标记名称不能为空!');
    }
    if (!$key) {
        $key = pinyin($name);
    }

    // compact() reads the locals by name, so these variable names are part of the row layout.
    $data = compact(array('cid', 'pid', 'name', 'key', 'data', 'status'));

    if (!$id) {
        $duplicate = iDB::value("SELECT `id` FROM `#iCMS@__marker` where `key` ='{$key}'");
        if ($duplicate) {
            iPHP::alert('该标记已经存在!请另选一个');
        }
        $id = iDB::insert('marker', $data);
        $msg = "新标记添加完成!";
    } else {
        iDB::update('marker', $data, array('id' => $id));
        $msg = "标记更新完成!";
    }

    $this->cache($id);
    iPHP::success($msg, 'url:' . APP_URI);
}
/**
 * Create or update a property (`prop`) row from the posted form.
 *
 * String fields go through iS::escapeStr(); when the target field is `pid`
 * the value must be numeric and is cast to int. A new property is rejected
 * when the same type/val/field/cid combination already exists.
 *
 * NOTE(review): `rootid` is listed for compact() but no such local is set
 * in this method, so it is never part of the stored row -- confirm intent.
 */
function do_save()
{
    $pid = (int) $_POST['pid'];
    $cid = (int) $_POST['cid'];
    $ordernum = (int) $_POST['ordernum'];
    $field = iS::escapeStr($_POST['field']);
    $name = iS::escapeStr($_POST['name']);
    $type = iS::escapeStr($_POST['type']);
    $val = iS::escapeStr($_POST['val']);

    $isPidField = $field == 'pid';
    if ($isPidField && !is_numeric($val)) {
        iPHP::alert('pid字段的值只能用数字');
    }
    if (!$field) {
        iPHP::alert('属性字段不能为空!');
    }
    if (!$name) {
        iPHP::alert('属性名称不能为空!');
    }
    if (!$type) {
        iPHP::alert('类型不能为空!');
    }
    if ($isPidField) {
        $val = (int) $val;
    }

    // compact() reads the locals by name; do not rename them.
    $data = compact(array('rootid', 'cid', 'field', 'type', 'ordernum', 'name', 'val'));

    if (!$pid) {
        $duplicate = iDB::value("SELECT `pid` FROM `#iCMS@__prop` where `type` ='{$type}' AND `val` ='{$val}' AND `field` ='{$field}' AND `cid` ='{$cid}'");
        if ($duplicate) {
            iPHP::alert('该类型属性值已经存在!请另选一个');
        }
        iDB::insert('prop', $data);
        $msg = "新属性添加完成!";
    } else {
        iDB::update('prop', $data, array('pid' => $pid));
        $msg = "属性更新完成!";
    }

    $this->cache();
    iPHP::success($msg, 'url:' . APP_URI);
}
/**
 * Store a private message, optionally mirrored into the receiver's box.
 *
 * @param array $a    Keys read here: send_uid, send_name, receiv_uid,
 *                    receiv_name, content and the optional flag `self`.
 * @param int   $type When it equals "1" a second row is inserted with
 *                    userid/friend swapped.
 *
 * Nothing is stored when sender and receiver are the same non-zero user,
 * unless `$a['self']` is truthy.
 */
public static function send($a = array("send_uid" => 0, "send_name" => NULL, "receiv_uid" => 0, "receiv_name" => NULL, "content" => NULL), $type = 1)
{
    $send_uid = (int) $a['send_uid'];
    $send_name = iS::escapeStr($a['send_name']);
    $receiv_uid = (int) $a['receiv_uid'];
    $receiv_name = iS::escapeStr($a['receiv_name']);
    $content = iS::escapeStr($a['content']);
    $sendtime = time();

    $sameUser = $send_uid && $send_uid == $receiv_uid;
    if ($sameUser && !$a['self']) {
        return;
    }

    // userid, friend, readtime and status are not locals at this point;
    // compact() leaves them out and they are filled in just below.
    $fields = array('userid', 'friend', 'send_uid', 'send_name', 'receiv_uid', 'receiv_name', 'content', 'type', 'sendtime', 'readtime', 'status');
    $data = compact($fields);

    // Sender's copy.
    $data['userid'] = $send_uid;
    $data['friend'] = $receiv_uid;
    $data['readtime'] = "0";
    $data['status'] = "1";
    iDB::insert('message', $data);

    if ($type != "1") {
        return;
    }

    // Receiver's copy: same row with owner and peer swapped.
    $mirror = $data;
    $mirror['userid'] = $receiv_uid;
    $mirror['friend'] = $send_uid;
    iDB::insert('message', $mirror);
}
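/**
 * Resolve a tag request by name, tkey or id and render it.
 *
 * Lookup precedence is `name`, then `tkey`, then `id` (all from $_GET).
 * A name that is not detected as UTF-8 is converted to UTF-8 before it is
 * escaped. When none of the three parameters is present a 404 is raised.
 *
 * @param mixed $a Unused here.
 * @return mixed Whatever $this->tag() returns.
 */
public function do_iCMS($a = null)
{
    if ($_GET['name']) {
        $name = $_GET['name'];
        $encode = mb_detect_encoding($name, array("ASCII", "UTF-8", "GB2312", "GBK", "BIG5"));
        // Convert only when detection succeeded; converting from an unknown
        // source encoding cannot produce a meaningful result.
        if ($encode !== false && strtoupper($encode) != 'UTF-8') {
            if (function_exists('iconv')) {
                $name = iconv($encode, 'UTF-8//IGNORE', $name);
            } elseif (function_exists('mb_convert_encoding')) {
                // "//IGNORE" is an iconv suffix; mbstring expects a plain encoding name.
                $name = mb_convert_encoding($name, 'UTF-8', $encode);
            }
        }
        // Escaping happens after conversion so it operates on the final bytes.
        $val = iS::escapeStr($name);
        $field = 'name';
    } elseif ($_GET['tkey']) {
        $field = 'tkey';
        $val = iS::escapeStr($_GET['tkey']);
    } elseif ($_GET['id']) {
        $field = 'id';
        $val = (int) $_GET['id'];
    } else {
        iPHP::throw404('标签请求出错', 30001);
    }
    return $this->tag($val, $field);
}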
/**
 * Render a category selected by `cid`, or by `dir` when no cid is given.
 *
 * With an empty cid and a non-empty dir, the cid is looked up in the
 * `iCMS/category/dir2cid` cache; a failed lookup raises a 404.
 *
 * NOTE(review): the 404 text embeds $dir inside HTML; it has only passed
 * through iS::escapeStr(), whose HTML handling is not visible here.
 *
 * @param string $tpl Template key handed on to category().
 * @return mixed Whatever $this->category() returns.
 */
public function do_iCMS($tpl = 'index')
{
    $cid = (int) $_GET['cid'];
    $dir = iS::escapeStr($_GET['dir']);

    $lookupByDir = empty($cid) && $dir;
    if ($lookupByDir) {
        $cid = iCache::get('iCMS/category/dir2cid', $dir);
        if (!$cid) {
            iPHP::throw404('运行出错!找不到该栏目<b>dir:' . $dir . '</b> 请更新栏目缓存或者确认栏目是否存在', 20002);
        }
    }

    return $this->category($cid, $tpl);
}
/**
 * Save the word lists posted from the settings form.
 *
 * `disable` becomes a list of lines; `filter` becomes a list of lines each
 * split on "=". Both are stored through $this->setting->set() under
 * `word.filter` and `word.disable`.
 */
function do_save()
{
    $disable = explode("\n", iS::escapeStr($_POST['disable']));
    $filterLines = explode("\n", iS::escapeStr($_POST['filter']));

    // One "a=b" rule per line; array_map keeps the original line indexes.
    $filterArray = array_map(function ($line) {
        return explode("=", $line);
    }, $filterLines);

    $this->setting->set($filterArray, 'word.filter', 0, true);
    $this->setting->set($disable, 'word.disable', 0, true);
    iPHP::success('更新完成');
}
/**
 * Load a category from cache and either return its data or render it.
 *
 * @param mixed        $id  Category id used to build the cache keys.
 * @param string|false $tpl Template key ('index', 'list', ...). When falsy
 *                          the prepared category array is returned instead
 *                          of rendering.
 * @return mixed false when the category is disabled or must not be built
 *               in "html" mode; the category array when $tpl is falsy; the
 *               result of iPHP::view() for an explicit .htm template; or
 *               array($html, $category) in "html" mode.
 */
public function category($id, $tpl = 'index')
{
    $category = iCache::get('iCMS/category/' . $id);
    if (empty($category) && $tpl) {
        iPHP::throw404('运行出错!找不到该栏目<b>cid:' . $id . '</b> 请更新栏目缓存或者确认栏目是否存在', 20001);
    }
    if ($category['status'] == 0) {
        return false;
    }
    $iurl = iURL::get('category', $category);
    if ($tpl) {
        // Static generation skips categories with a {PHP} rule, an external URL or no mode.
        if (iPHP::$iTPL_MODE == "html" && (strstr($category['contentRule'], '{PHP}') || $category['outurl'] || empty($category['mode']))) {
            return false;
        }
        $category['url'] && iPHP::gotourl($category['url']);
        $category['mode'] == '1' && iCMS::gotohtml($iurl->path, $iurl->href);
    }
    $category['iurl'] = (array) $iurl;
    $category['subid'] = iCache::get('iCMS/category/rootid', $id);
    $category['subids'] = implode(',', (array) $category['subid']);
    $category = array_merge($category, $this->get_lite($category));
    if ($category['hasbody']) {
        $category['body'] = iCache::get('iCMS/category/' . $category['cid'] . '.body');
        $category['body'] && ($category['body'] = stripslashes($category['body']));
    }
    $category['appid'] = iCMS_APP_CATEGORY;
    $category['param'] = array("appid" => $category['appid'], "iid" => $category['cid'], "cid" => $category['rootid'], "suid" => $category['userid'], "title" => $category['name'], "url" => $category['url']);
    if ($tpl) {
        $category['mode'] && iCMS::set_html_url($iurl);
        iCMS::hooks('enable_comment', true);
        iPHP::assign('category', $category);
        // A `tpl` query parameter overrides the template to render.
        // NOTE(review): only the substring '..' is rejected in this method.
        // Whether absolute paths or scheme prefixes are refused depends on
        // iS::escapeStr() and iPHP::view(), which are not visible here --
        // confirm the name is confined to the template directory, ideally
        // by matching it against a list of known templates.
        if (isset($_GET['tpl'])) {
            $tpl = iS::escapeStr($_GET['tpl']);
            if (strpos($tpl, '..') !== false) {
                exit('what the f**k!!');
            } else {
                $tpl = $tpl . '.htm';
            }
        }
        if (strpos($tpl, '.htm') !== false) {
            return iPHP::view($tpl, 'category');
        }
        // Pages after the first use the category's list template.
        $GLOBALS['page'] > 1 && ($tpl = 'list');
        $html = iPHP::view($category[$tpl . 'TPL'], 'category.' . $tpl);
        if (iPHP::$iTPL_MODE == "html") {
            return array($html, $category);
        }
    } else {
        return $category;
    }
}
/**
 * Create or update a back-office member account from the posted form.
 *
 * Only a super-admin may set `gid`; any other caller that posts `gid` is
 * stopped with an alert. Usernames must be unique.
 *
 * NOTE(review): passwords are stored as unsalted md5(). Moving to
 * password_hash()/password_verify() needs a coordinated change in the
 * login check and a migration of stored hashes, so it is flagged here
 * rather than changed.
 * NOTE(review): `power` and `cpower` are accepted from the request for
 * every caller; only `gid` is restricted to super-admins in this method --
 * confirm access to this action is limited upstream.
 * NOTE(review): `type` is stored exactly as posted.
 * NOTE(review): for callers that are not super-admin `gid` stays 0 and is
 * still part of the update payload -- confirm this reset is intended.
 */
function do_save()
{
    $uid = (int) $_POST['uid'];
    $gender = (int) $_POST['gender'];
    $type = $_POST['type'];
    $username = iS::escapeStr($_POST['uname']);
    $nickname = iS::escapeStr($_POST['nickname']);
    $realname = iS::escapeStr($_POST['realname']);

    $power = '';
    if ($_POST['power']) {
        $power = json_encode($_POST['power']);
    }
    $cpower = '';
    if ($_POST['cpower']) {
        $cpower = json_encode($_POST['cpower']);
    }
    $gid = 0;

    // Profile details are serialized into a single column.
    $info = array(
        'icq' => iS::escapeStr($_POST['icq']),
        'home' => iS::escapeStr($_POST['home']),
        'year' => intval($_POST['year']),
        'month' => intval($_POST['month']),
        'day' => intval($_POST['day']),
        'from' => iS::escapeStr($_POST['from']),
        'signature' => iS::escapeStr($_POST['signature']),
    );
    $info = addslashes(serialize($info));

    // $password stays undefined when no new password was posted.
    if ($_POST['pwd']) {
        $password = md5($_POST['pwd']);
    }
    if (!$username) {
        iPHP::alert('账号不能为空');
    }

    if (iACP::is_superadmin()) {
        $gid = (int) $_POST['gid'];
    } elseif (isset($_POST['gid'])) {
        iPHP::alert('您没有权限更改角色');
    }

    // compact() reads the locals by name; do not rename them.
    $data = compact(array('gid', 'gender', 'username', 'nickname', 'realname', 'power', 'cpower', 'info'));

    if (empty($uid)) {
        if (iDB::value("SELECT `uid` FROM `#iCMS@__members` where `username` ='{$username}' LIMIT 1")) {
            iPHP::alert('该账号已经存在');
        }
        $extra = compact(array('password', 'regtime', 'lastip', 'lastlogintime', 'logintimes', 'post', 'type', 'status'));
        $extra['regtime'] = time();
        $extra['lastip'] = iPHP::getIp();
        $extra['lastlogintime'] = time();
        $extra['status'] = '1';
        $data = array_merge($data, $extra);
        iDB::insert('members', $data);
        $msg = "账号添加完成!";
    } else {
        if (iDB::value("SELECT `uid` FROM `#iCMS@__members` where `username` ='{$username}' AND `uid` !='{$uid}' LIMIT 1")) {
            iPHP::alert('该账号已经存在');
        }
        iDB::update('members', $data, array('uid' => $uid));
        if ($password) {
            iDB::query("UPDATE `#iCMS@__members` SET `password`='{$password}' WHERE `uid` ='" . $uid . "'");
        }
        $msg = "账号修改完成!";
    }

    iPHP::success($msg, 'url:' . APP_URI);
}
/**
 * Front controller: resolve an application and one of its methods, then call it.
 *
 * @param string|null $app    Application name; derived from __SELF__ when empty.
 * @param string|null $do     Action name; when NULL it is iPHP_APP or `$_GET['do']`.
 * @param mixed       $args   Arguments for the method; the string 'object'
 *                            returns the application instance instead.
 * @param string      $prefix Method-name prefix; replaced by 'ACTION_'
 *                            whenever `$_POST['action']` is set.
 * @return mixed The application object or the called method's return value.
 */
public static function run($app = NULL, $do = NULL, $args = NULL, $prefix = "do_")
{
    //empty($app) && $app = $_GET['app'];
    // Single entry point
    if (empty($app)) {
        $fi = iFS::name(__SELF__);
        $app = $fi['name'];
    }
    // NOTE(review): the known-application check only takes effect while
    // iPHP_DEBUG is truthy. With debugging off, an unlisted $app is only
    // stopped by the is_file() test below, and $app becomes part of a
    // filesystem path -- confirm the name is validated for every caller.
    if (!in_array($app, self::$apps) && iPHP_DEBUG) {
        iPHP::throw404('运行出错!找不到应用程序: <b>' . $app . '</b>', '0001');
    }
    self::$app_path = iPHP_APP_DIR . '/' . $app;
    self::$app_file = self::$app_path . '/' . $app . '.app.php';
    is_file(self::$app_file) or iPHP::throw404('运行出错!找不到文件: <b>' . $app . '.app.php</b>', '0002');
    if ($do === NULL) {
        $do = iPHP_APP;
        $_GET['do'] && ($do = iS::escapeStr($_GET['do']));
    }
    // A posted `action` overrides both the action name and the prefix the caller passed in.
    if ($_POST['action']) {
        $do = iS::escapeStr($_POST['action']);
        $prefix = 'ACTION_';
    }
    self::$app_name = $app;
    self::$app_do = $do;
    self::$app_method = $prefix . $do;
    self::$app_tpl = iPHP_APP_DIR . '/' . $app . '/template';
    // Exposed to templates; REFER carries the __REF__ constant.
    self::$app_vars = array("MOBILE" => iPHP::$mobile, 'COOKIE_PRE' => iPHP_COOKIE_PRE, 'REFER' => __REF__, 'CONFIG' => self::$config, "APP" => array('NAME' => self::$app_name, 'DO' => self::$app_do, 'METHOD' => self::$app_method));
    iPHP::$iTPL->_iTPL_VARS['SAPI'] .= self::$app_name;
    iPHP::$iTPL->_iTPL_VARS += self::$app_vars;
    self::$app = iPHP::app($app);
    if (self::$app_do && self::$app->methods) {
        // The action must be listed in the application's own `methods` list.
        in_array(self::$app_do, self::$app->methods) or iPHP::throw404('运行出错! <b>' . self::$app_name . '</b> 类中找不到方法定义: <b>' . self::$app_method . '</b>', '0003');
        $method = self::$app_method;
        $args === null && ($args = self::$app_args);
        if ($args) {
            if ($args === 'object') {
                return self::$app;
            }
            return call_user_func_array(array(self::$app, $method), (array) $args);
        } else {
            method_exists(self::$app, self::$app_method) or iPHP::throw404('运行出错! <b>' . self::$app_name . '</b> 类中 <b>' . self::$app_method . '</b> 方法不存在', '0004');
            return self::$app->{$method}();
        }
    } else {
        iPHP::throw404('运行出错! <b>' . self::$app_name . '</b> 类中 <b>' . self::$app_method . '</b> 方法不存在', '0005');
    }
}
/**
 * Create or update a role (`group`) row from the posted form.
 *
 * NOTE(review): no permission check is visible in this method and the
 * role's `power`/`cpower` lists are written as posted -- confirm the
 * dispatcher restricts who may reach this action.
 * NOTE(review): `ordernum` is listed for compact() but is never set here,
 * so it is not part of the stored row.
 */
function do_save()
{
    $gid = intval($_POST['gid']);
    $type = intval($_POST['type']);
    $name = iS::escapeStr($_POST['name']);

    $power = '';
    if ($_POST['power']) {
        $power = json_encode($_POST['power']);
    }
    $cpower = '';
    if ($_POST['cpower']) {
        $cpower = json_encode($_POST['cpower']);
    }

    if (!$name) {
        iPHP::alert('角色名不能为空');
    }

    // compact() reads the locals by name; do not rename them.
    $data = compact(array('name', 'ordernum', 'power', 'cpower', 'type'));

    if (!$gid) {
        iDB::insert('group', $data);
        $msg = "角色添加完成!";
    } else {
        iDB::update('group', $data, array('gid' => $gid));
        $msg = "角色修改完成!";
    }

    iPHP::success($msg, 'url:' . APP_URI);
}
/**
 * Authenticate from the posted credentials or, when none are posted, from
 * the auth cookie.
 *
 * Cookie path: the cookie is decoded with authcode(), split on a separator
 * (which includes the client IP when iPHP_AUTH_IP is truthy) and handed to
 * self::check(). Form path: the password is md5()-hashed, checked, the
 * login statistics are updated and a fresh auth cookie is set.
 *
 * NOTE(review): passwords are compared as unsalted md5() and the auth
 * cookie carries the username together with that hash, so the cookie is
 * password-equivalent for as long as the password stays the same. A
 * migration to password_hash() and a random session token needs changes
 * outside this method.
 * NOTE(review): on the form path the statistics update and the cookie
 * write are not conditional on the result of self::check() in this
 * method -- confirm check() stops the request on failure.
 * NOTE(review): $ip is concatenated into the UPDATE; whether
 * iPHP::getIp() validates its value is not visible here.
 *
 * @return mixed Result of self::check().
 */
public static function checkLogin()
{
    $a = iS::escapeStr($_POST['username']);
    $p = iS::escapeStr($_POST['password']);
    $ip = iPHP::getIp();

    if (iPHP_AUTH_IP) {
        $sep = '#=iCMS[' . $ip . ']=#';
    } else {
        $sep = '#=iCMS=#';
    }

    // No credentials posted: fall back to the auth cookie.
    if (empty($a) && empty($p)) {
        $auth = iPHP::get_cookie(self::$AUTH);
        list($a, $p) = explode($sep, authcode($auth, 'DECODE'));
        return self::check($a, $p);
    }

    $p = md5($p);
    $crs = self::check($a, $p);

    $sql = "UPDATE `#iCMS@__members` SET `lastip`='" . $ip . "',"
        . "`lastlogintime`='" . time() . "',"
        . "`logintimes`=logintimes+1 WHERE `uid`='" . self::$userid . "'";
    iDB::query($sql);

    iPHP::set_cookie(self::$AUTH, authcode($a . $sep . $p, 'ENCODE'));
    if (self::$AJAX) {
        iPHP::json(array('code' => 1));
    }
    return $crs;
}
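/**
 * Render the search page for the `q` query parameter.
 *
 * The term is HTML-escaped, converted to UTF-8 when another encoding is
 * detected, passed through iS::escapeStr() and checked against the word
 * filter (a hit raises a 404). Non-empty terms are logged via slog().
 *
 * NOTE(review): htmlspecialchars() runs before the charset conversion.
 * With a UTF-8 default charset it returns an empty string for input that
 * is not valid UTF-8, so a non-UTF-8 term may be emptied before it can be
 * converted -- confirm the intended order.
 * NOTE(review): `title` is the stripslashes() form of the term; its
 * HTML-safety in the template rests on the htmlspecialchars() call above.
 *
 * @param string|false $tpl Template to render; defaults to '{iTPL}/search.htm'.
 * @return mixed Whatever iPHP::view() returns.
 */
public function search($tpl = false)
{
    $q = htmlspecialchars(rawurldecode($_GET['q']));
    $encode = mb_detect_encoding($q, array("ASCII", "UTF-8", "GB2312", "GBK", "BIG5"));
    // Convert only when detection succeeded; an unknown source encoding
    // cannot be converted meaningfully.
    if ($encode !== false && strtoupper($encode) != 'UTF-8') {
        if (function_exists('iconv')) {
            $q = iconv($encode, 'UTF-8//IGNORE', $q);
        } elseif (function_exists('mb_convert_encoding')) {
            // "//IGNORE" is an iconv suffix; mbstring expects a plain encoding name.
            $q = mb_convert_encoding($q, 'UTF-8', $encode);
        }
    }
    $q = iS::escapeStr($q);

    $fwd = iCMS::filter($q);
    $fwd && iPHP::throw404('非法搜索词!', 60002);

    $search = array();
    $search['title'] = stripslashes($q);
    $search['keyword'] = $q;
    $tpl === false && ($tpl = '{iTPL}/search.htm');
    $q && $this->slog($q);
    iPHP::assign("search", $search);
    return iPHP::view($tpl, 'search');
}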
/**
 * Create or update an inline-link keyword from the posted form.
 *
 * `keyword` and `url` are required and go through iS::escapeStr(); a
 * keyword must be unique (ignoring the row being edited). The keyword
 * cache is rebuilt after the write.
 *
 * NOTE(review): `url` is stored after escapeStr() only; no scheme check is
 * visible here -- confirm where the link is validated before it is output.
 */
function do_save()
{
    $id = (int) $_POST['id'];
    $times = (int) $_POST['times'];
    $keyword = iS::escapeStr($_POST['keyword']);
    $url = iS::escapeStr($_POST['url']);

    if (!$keyword) {
        iPHP::alert('关键词不能为空!');
    }
    if (!$url) {
        iPHP::alert('链接不能为空!');
    }

    // compact() reads the locals by name; do not rename them.
    $data = compact(array('keyword', 'url', 'times'));

    $isNew = empty($id);
    $duplicateSql = "SELECT `id` FROM `#iCMS@__keywords` where `keyword` ='{$keyword}'";
    if (!$isNew) {
        // When editing, the row itself does not count as a duplicate.
        $duplicateSql .= " AND `id` !='{$id}'";
    }
    if (iDB::value($duplicateSql)) {
        iPHP::alert('该关键词已经存在!');
    }

    if ($isNew) {
        iDB::insert('keywords', $data);
        $msg = "关键词添加完成!";
    } else {
        iDB::update('keywords', $data, array('id' => $id));
        $msg = "关键词编辑完成!";
    }
    $this->cache();

    iPHP::success($msg, 'url:' . APP_URI);
}
/**
 * Create or update a friendly-link (`links`) row from the posted form.
 *
 * `name` and `url` are required; the site name must be unique (ignoring
 * the row being edited). Text fields go through iS::escapeStr().
 *
 * NOTE(review): `url` and `logo` are stored after escapeStr() only; no
 * scheme check is visible here -- confirm where they are validated before
 * being output as links or image sources.
 */
function do_save()
{
    $id = (int) $_POST['id'];
    $cid = (int) $_POST['cid'];
    $ordernum = (int) $_POST['ordernum'];
    $name = iS::escapeStr($_POST['name']);
    $logo = iS::escapeStr($_POST['logo']);
    $url = iS::escapeStr($_POST['url']);
    $desc = iS::escapeStr($_POST['desc']);

    if (!$name) {
        iPHP::alert('网站不能为空!');
    }
    if (!$url) {
        iPHP::alert('链接不能为空!');
    }

    // compact() reads the locals by name; do not rename them.
    $data = compact(array('cid', 'name', 'logo', 'url', 'desc', 'ordernum'));

    $isNew = empty($id);
    $duplicateSql = "SELECT `id` FROM `#iCMS@__links` where `name` ='{$name}'";
    if (!$isNew) {
        // When editing, the row itself does not count as a duplicate.
        $duplicateSql .= " AND `id` !='{$id}'";
    }
    if (iDB::value($duplicateSql)) {
        iPHP::alert('该网站已经存在!');
    }

    if ($isNew) {
        iDB::insert('links', $data);
        $msg = "网站添加完成!";
    } else {
        iDB::update('links', $data, array('id' => $id));
        $msg = "网站编辑完成!";
    }

    iPHP::success($msg, 'url:' . APP_URI);
}
/**
 * Template function: fetch a (optionally paged and cached) list of comments.
 *
 * @param array $vars Template arguments. Keys read here: display, loop,
 *                    _display, appid, cid, cid!, sub, userid, pid, iid, id,
 *                    row, time, by, orderby, page, page_ajax, total_cache,
 *                    cache, date_format, facesize.
 * @return mixed Result of comment_list_display() in display mode,
 *               otherwise the list of comment rows (from cache or database).
 */
function comment_list($vars)
{
    // Display mode without a loop: delegate to the display helper.
    if ($vars['display'] && empty($vars['loop'])) {
        if (empty($vars['_display'])) {
            $_vars = iCMS::app_ref(true);
            $vars = array_merge($vars, $_vars);
        }
        return comment_list_display($vars);
    }
    // Only rows with status 1 are listed.
    $where_sql = " `status`='1'";
    if (isset($vars['appid'])) {
        $appid = (int) $vars['appid'];
        $where_sql .= " AND `appid`='{$appid}'";
    }
    if (isset($vars['cid!'])) {
        $ncids = explode(',', $vars['cid!']);
        // NOTE(review): `+=` is an array union keyed by index, so entries
        // whose keys already exist in $ncids are dropped -- confirm this
        // is meant to append the sub-category ids.
        $vars['sub'] && ($ncids += iCMS::get_category_ids($ncids, true));
        $where_sql .= iPHP::where($ncids, 'cid', 'not');
    }
    if (isset($vars['cid'])) {
        $cid = explode(',', $vars['cid']);
        $vars['sub'] && ($cid += iCMS::get_category_ids($cid, true));
        $where_sql .= iPHP::where($cid, 'cid');
    }
    // NOTE(review): userid is interpolated without the (int) cast that
    // pid/iid/id receive below. If a template can pass a request-derived
    // value here, cast it the same way.
    isset($vars['userid']) && ($where_sql .= " AND `userid`='{$vars['userid']}'");
    $vars['pid'] && ($where_sql .= " AND `pid`='" . (int) $vars['pid'] . "'");
    $vars['iid'] && ($where_sql .= " AND `iid`='" . (int) $vars['iid'] . "'");
    $vars['id'] && ($where_sql .= " AND `id`='" . (int) $vars['id'] . "'");
    $maxperpage = isset($vars['row']) ? (int) $vars['row'] : "10";
    $cache_time = isset($vars['time']) ? (int) $vars['time'] : -1;
    // Sort direction is restricted to the two literal keywords.
    $by = $vars['by'] == 'ASC' ? "ASC" : "DESC";
    switch ($vars['orderby']) {
        default:
            $order_sql = " ORDER BY `id` {$by}";
    }
    // Fingerprint of the filter and ordering; used for the total and cache keys.
    $md5 = md5($where_sql . $order_sql);
    $offset = 0;
    $limit = "LIMIT {$maxperpage}";
    if ($vars['page']) {
        // NOTE(review): the key is spelled 'total_cahce' -- confirm against
        // the reader of this flag.
        isset($vars['total_cache']) && ($_GET['total_cahce'] = true);
        $total = iPHP::total($md5, "SELECT count(*) FROM `#iCMS@__comment` WHERE {$where_sql} limit 1");
        $pgconf = array('total' => $total, 'perpage' => $maxperpage, 'unit' => iPHP::lang('iCMS:page:comment'), 'ajax' => $vars['page_ajax'] ? 'iCMS.comment.page' : FALSE, 'nowindex' => $GLOBALS['page']);
        // Iframe and ajax paging read the page number from `pn`.
        if ($vars['display'] == 'iframe' || $vars['page_ajax']) {
            iS::gp('pn', 'GP', 2);
            $pgconf['page_name'] = 'pn';
            $pgconf['nowindex'] = $GLOBALS['pn'];
        }
        isset($vars['total_cache']) && ($pgconf['total_type'] = $vars['total_cache']);
        $multi = iCMS::page($pgconf);
        $offset = $multi->offset;
        $limit = "LIMIT {$offset},{$maxperpage}";
        // if($offset>1000){
        //$where_sql.=" AND `id` >= (SELECT `id` FROM `#iCMS@__comment` WHERE {$where_sql} {$order_sql} LIMIT {$offset},1)";
        //$limit = "LIMIT {$maxperpage}";
        // }
        iPHP::assign("comment_total", $total);
    }
    if ($vars['cache']) {
        $cache_name = iPHP_DEVICE . '/comment/' . $md5 . "/" . (int) $offset;
        $resource = iCache::get($cache_name);
    }
    if (empty($resource)) {
        $resource = iDB::all("SELECT * FROM `#iCMS@__comment` WHERE {$where_sql} {$order_sql} {$limit}");
        //iDB::debug(1);
        $ln = $GLOBALS['page'] - 1 < 0 ? 0 : $GLOBALS['page'] - 1;
        if ($resource) {
            foreach ($resource as $key => $value) {
                if ($vars['date_format']) {
                    $value['addtime'] = get_date($value['addtime'], $vars['date_format']);
                }
                $value['url'] = iCMS_API . '?app=comment&do=goto&iid=' . $value['iid'] . '&appid=' . $value['appid'] . '&cid=' . $value['cid'];
                // NOTE(review): $i is never assigned in this function and
                // $total is only set when paging is on, so the floor number
                // may not be what was intended -- confirm.
                $value['lou'] = $total - ($i + $ln * $maxperpage);
                // NOTE(review): nl2br() only inserts <br>; the stored
                // content is assumed to be HTML-escaped at write time --
                // confirm against the code that saves comments.
                $value['content'] = nl2br($value['content']);
                $value['user'] = user::info($value['userid'], $value['username'], $vars['facesize']);
                $value['reply_uid'] && ($value['reply'] = user::info($value['reply_uid'], $value['reply_name'], $vars['facesize']));
                $value['total'] = $total;
                if ($vars['page']) {
                    $value['page'] = array('total' => $multi->totalpage, 'perpage' => $multi->perpage);
                }
                $value['param'] = array("appid" => iCMS_APP_COMMENT, "id" => $value['id'], "userid" => $value['userid'], "name" => $value['username']);
                $resource[$key] = $value;
            }
        }
        $vars['cache'] && iCache::set($cache_name, $resource, $cache_time);
    }
    return $resource;
}
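/**
 * Apply one batch operation to the categories selected in the admin list.
 *
 * `$_POST['id']` holds the selected category ids and `$_POST['batch']` the
 * operation: move, merge, name, status, mode, categoryRule, contentRule,
 * urlRule, indexTPL, listTPL, contentTPL, recount or dels. Operations that
 * only set one column build a fragment in $sql which is applied to all
 * selected ids after the switch.
 *
 * Changes against the previous revision:
 *  - every selected id is cast to int before use. The ids end up in an
 *    unquoted `IN (...)` list, where quote-escaping alone does not
 *    constrain the value, so they must be numeric.
 *  - array_search() returning false no longer removes the element at
 *    index 0 (PHP converts a false array key to 0).
 */
function do_batch()
{
    $_POST['id'] or iPHP::alert("请选择要操作的" . $this->category_name);

    // Category ids are integers; anything else collapses to 0 and matches no row.
    $id_array = array_map('intval', (array) $_POST['id']);
    $ids = implode(',', $id_array);
    $batch = $_POST['batch'];
    $sql = '';

    switch ($batch) {
        case 'move':
            $tocid = (int) $_POST['tocid'];
            // Do not move the target category under itself.
            $key = array_search($tocid, $id_array, true);
            if ($tocid && $key !== false) {
                unset($id_array[$key]);
            }
            foreach ($id_array as $k => $cid) {
                iDB::query("UPDATE `#iCMS@__category` SET `rootid` ='{$tocid}' WHERE `cid` ='{$cid}'");
            }
            $this->cache(true, $this->appid);
            iPHP::success('更新完成!', 'js:1');
            break;
        case 'merge':
            $tocid = (int) $_POST['tocid'];
            // Do not merge the target category into itself.
            $key = array_search($tocid, $id_array, true);
            if ($key !== false) {
                unset($id_array[$key]);
            }
            foreach ($id_array as $k => $cid) {
                $this->mergecontent($tocid, $cid);
                $this->do_del($cid, false);
            }
            $this->update_count($tocid);
            $this->cache(true, $this->appid);
            iPHP::success('更新完成!', 'js:1');
            break;
        case 'name':
            foreach ($id_array as $k => $cid) {
                $name = iS::escapeStr($_POST['name'][$cid]);
                iDB::query("UPDATE `#iCMS@__category` SET `name` = '{$name}' WHERE `cid` ='" . (int) $cid . "' LIMIT 1");
                $this->cahce_one($cid);
            }
            iPHP::success('更新完成!', 'js:1');
            break;
        case 'status':
            $val = (int) $_POST['status'];
            $sql = "`status` = '{$val}'";
            break;
        case 'mode':
            $val = (int) $_POST['mode'];
            $sql = "`mode` = '{$val}'";
            break;
        case 'categoryRule':
            $val = iS::escapeStr($_POST['categoryRule']);
            $sql = "`categoryRule` = '{$val}'";
            break;
        case 'contentRule':
            $val = iS::escapeStr($_POST['contentRule']);
            $sql = "`contentRule` = '{$val}'";
            break;
        case 'urlRule':
            $val = iS::escapeStr($_POST['urlRule']);
            $sql = "`urlRule` = '{$val}'";
            break;
        case 'indexTPL':
            $val = iS::escapeStr($_POST['indexTPL']);
            $sql = "`indexTPL` = '{$val}'";
            break;
        case 'listTPL':
            $val = iS::escapeStr($_POST['listTPL']);
            $sql = "`listTPL` = '{$val}'";
            break;
        case 'contentTPL':
            $val = iS::escapeStr($_POST['contentTPL']);
            $sql = "`contentTPL` = '{$val}'";
            break;
        case 'recount':
            foreach ($id_array as $k => $cid) {
                $this->update_count($cid);
            }
            iPHP::success('操作成功!', 'js:1');
            break;
        case 'dels':
            iPHP::$break = false;
            foreach ($id_array as $cid) {
                // Per-category delete permission is checked before each removal.
                iACP::CP($cid, 'd', 'alert');
                $this->do_del($cid, false);
                $this->cahce_one($cid);
            }
            iPHP::$break = true;
            iPHP::success('全部删除完成!', 'js:1');
            break;
    }

    // Single-column updates are applied to every selected id at once.
    $sql && iDB::query("UPDATE `#iCMS@__category` SET {$sql} WHERE `cid` IN ({$ids})");
    $this->cache(true, $this->appid);
    iPHP::success('操作成功!', 'js:1');
}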
/**
 * Escape every scalar leaf of an array in place with addslashes().
 *
 * Nested arrays are processed recursively; a non-array argument is left
 * untouched. Array keys are not escaped.
 *
 * NOTE(review): addslashes() is not a replacement for the database
 * driver's own escaping or for parameterized queries -- with multi-byte
 * connection charsets such as GBK, backslash escaping can be defeated.
 * Where these values reach SQL is not visible here; confirm those call
 * sites.
 *
 * @param mixed $array Value to escape; modified by reference.
 */
public static function slashes(&$array)
{
    if (!is_array($array)) {
        return;
    }

    foreach ($array as $key => $value) {
        if (is_array($value)) {
            // Recurse on the element itself so the change is applied in place.
            iS::slashes($array[$key]);
            continue;
        }
        $array[$key] = addslashes($value);
    }
}
/**
 * Create or update a spider project from the posted form.
 *
 * `name`, `cid` and `rid` are required. Most text fields go through
 * iS::escapeStr().
 *
 * NOTE(review): `list_url` is stored exactly as posted, unlike the other
 * text fields; whether iDB::insert()/iDB::update() escape values is not
 * visible here -- confirm.
 * NOTE(review): `urls` and `list_url` are addresses that the spider is
 * expected to request later; confirm the fetching code restricts which
 * hosts and schemes may be contacted.
 */
function do_saveproject()
{
    $id = (int) $_POST['id'];
    $name = iS::escapeStr($_POST['name']);
    $urls = iS::escapeStr($_POST['urls']);
    $list_url = $_POST['list_url'];
    $cid = iS::escapeStr($_POST['cid']);
    $rid = iS::escapeStr($_POST['rid']);
    $poid = iS::escapeStr($_POST['poid']);
    // NOTE(review): repeated assignment, kept so behaviour is unchanged.
    $poid = iS::escapeStr($_POST['poid']);
    $checker = iS::escapeStr($_POST['checker']);
    $self = isset($_POST['self']) ? '1' : '0';
    $sleep = (int) $_POST['sleep'];
    $auto = iS::escapeStr($_POST['auto']);
    $psleep = (int) $_POST['psleep'];

    $lastupdate = '';
    if ($_POST['lastupdate']) {
        $lastupdate = iPHP::str2time($_POST['lastupdate']);
    }

    if (empty($name)) {
        iPHP::alert('名称不能为空!');
    }
    if (empty($cid)) {
        iPHP::alert('请选择绑定的栏目');
    }
    if (empty($rid)) {
        iPHP::alert('请选择采集规则');
    }

    // compact() reads the locals by name; do not rename them.
    $data = compact(array('name', 'urls', 'list_url', 'cid', 'rid', 'poid', 'checker', 'self', 'sleep', 'auto', 'lastupdate', 'psleep'));

    if (!$id) {
        iDB::insert('spider_project', $data);
    } else {
        iDB::update('spider_project', $data, array('id' => $id));
    }

    iPHP::success('完成', 'url:' . APP_URI . '&do=project');
}
/**
 * Normalize a picture reference.
 *
 * When the value contains the host of iCMS_FS_URL it is passed to
 * iFS::fp() with "-http"; otherwise, when it contains "http://", it is
 * passed to iFS::http(); anything else is returned escaped but unchanged.
 *
 * NOTE(review): the host test is a substring match over the whole value,
 * not a comparison with the parsed host, so a foreign URL that merely
 * contains the host text is treated as local -- consider comparing
 * parse_url($pic) hosts instead.
 * NOTE(review): iFS::http() presumably retrieves the remote file; confirm
 * it restricts destinations (scheme, internal addresses) and file types.
 *
 * @param string $path Picture path or URL.
 * @return mixed The normalized reference.
 */
function getpic($path)
{
    $fsUrl = parse_url(iCMS_FS_URL);
    $pic = iS::escapeStr($path);

    $mentionsFsHost = stripos($pic, $fsUrl['host']) !== false;
    if ($mentionsFsHost) {
        return iFS::fp($pic, "-http");
    }

    if (stripos($pic, 'http://') !== false) {
        return iFS::http($pic);
    }

    return $pic;
}
/**
 * Handle an editor image upload (`upfile`) and answer with JSON.
 *
 * On upload failure the request ends with iFS::$ERROR as output.
 *
 * NOTE(review): `state` is always 'SUCCESS' once iFS::upload() returns a
 * non-false value, and `url` is only set when a path was returned.
 * NOTE(review): `original` echoes the upload's `oname` field back
 * unescaped; extension and content checks are assumed to live in
 * iFS::upload() -- confirm.
 */
function do_uploadimage()
{
    $upload = iFS::upload('upfile');
    if ($upload === false) {
        exit(iFS::$ERROR);
    }

    if ($upload['path']) {
        $url = iFS::fp($upload['path'], '+http');
    }

    $response = array(
        'title' => iS::escapeStr($_POST['pictitle']),
        'original' => $upload['oname'],
        'url' => $url,
        'code' => $upload['code'],
        'state' => 'SUCCESS',
    );
    iPHP::json($response);
}
// Framework bootstrap: response headers, runtime limits, core classes,
// request filtering, then the database / filesystem / cache layers.
header('Content-Type: text/html; charset=' . iPHP_CHARSET);
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
// Raise the memory limit only when the configured value is larger than the current one.
if (function_exists('memory_get_usage') && (int) @ini_get('memory_limit') < abs(intval(iPHP_MEMORY_LIMIT))) {
    @ini_set('memory_limit', iPHP_MEMORY_LIMIT);
}
@ini_set('date.timezone', iPHP_TIME_ZONE);
// Set the time zone
function_exists('date_default_timezone_set') && date_default_timezone_set(iPHP_TIME_ZONE);
require iPHP_PATH . '/iPHP.compat.php';
require iPHP_PATH . '/iPHP.class.php';
set_error_handler('iPHP_ERROR_HANDLER');
iPHP::timer_start();
// WAF: request filtering runs before any application code.
iPHP::LoadClass("Waf");
waf::filter();
// Security class (aliased as iS): global input filter, then the `page` parameter.
iPHP::LoadClass("Security", 'S');
iS::filter();
iS::GP('page', 'GP', 2);
// NOTE(review): both constants are taken from request-derived server
// variables (PHP_SELF can include client-supplied path info and
// HTTP_REFERER is a client header); they are defined here without
// further filtering, so escape them wherever they are output.
define('__SELF__', $_SERVER['PHP_SELF']);
define('__REF__', $_SERVER['HTTP_REFERER']);
// Pick the database driver class; Mysqli is used for mysql on PHP >= 5.5.
$iDB_CLASS = 'Mysql';
iPHP_DB_TYPE == 'mysql' && version_compare(PHP_VERSION, '5.5', '>=') && ($iDB_CLASS = 'Mysqli');
iPHP_DB_TYPE == 'pgsql' && ($iDB_CLASS = 'Pgsql');
iPHP_DB_TYPE == 'sqlite' && ($iDB_CLASS = 'SQLite');
iPHP::loadClass($iDB_CLASS, 'DB'); // load the database class
iPHP::loadClass("FileSystem", 'FS'); // load the filesystem class
iPHP::loadClass('Cache'); // load the cache class
/**
 * Dispatch an API request: run the application with the 'API_' prefix.
 *
 * When no application is passed it is read from `$_GET['app']` through
 * iS::escapeStr().
 *
 * NOTE(review): the request-supplied name is forwarded to run(), which
 * turns it into a file path; confirm it is restricted to known
 * applications there.
 *
 * @param string|null $app Application name.
 * @param string|null $do  Unused; run() is always called with a null action.
 * @return mixed Whatever self::run() returns.
 */
public static function API($app = NULL, $do = NULL)
{
    if (!$app) {
        $app = iS::escapeStr($_GET['app']);
    }
    return self::run($app, null, null, 'API_');
}
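/**
 * Password-recovery entry point.
 *
 * Without an `auth` parameter the "find password" form is shown. With one,
 * the token is URL-decoded, base64-decoded and passed through authcode();
 * it must split into uid, username, password hash and timestamp, be no
 * older than 86400 seconds, and match the stored user before the reset
 * form is rendered. Any failed check ends the request silently.
 *
 * Changes against the previous revision:
 *  - username and password hash are compared as strings with `!==`. Loose
 *    `!=` compares numeric-looking strings by numeric value, so two
 *    different hex digests could compare equal.
 *  - a token with missing parts, a non-numeric timestamp or an unknown
 *    user now stops at an explicit check instead of continuing with
 *    null values.
 *
 * NOTE(review): the token embeds the stored password hash; a random,
 * single-use token stored server-side would avoid that, but requires
 * changes where the token is issued.
 */
public function API_findpwd()
{
    $auth = iS::escapeStr($_GET['auth']);
    if ($auth) {
        $authcode = rawurldecode($auth);
        $authcode = base64_decode($authcode);
        $authcode = authcode($authcode);
        if (empty($authcode)) {
            exit;
        }
        // Pad so a short token yields nulls instead of undefined offsets.
        $parts = array_pad(explode(USER_AUTHASH, $authcode), 4, null);
        list($uid, $username, $password, $timeline) = $parts;

        // Tokens are valid for 24 hours.
        $now = time();
        if ($now - (int) $timeline > 86400) {
            exit;
        }
        $user = user::get($uid, false);
        if (!is_object($user)) {
            exit;
        }
        // Strict string comparison: no numeric juggling between digests.
        if ((string) $username !== (string) $user->username || (string) $password !== (string) $user->password) {
            exit;
        }
        // Never hand the hash to the template.
        unset($user->password);
        iPHP::assign('auth', $auth);
        iPHP::assign('user', (array) $user);
        iPHP::view('iCMS://user/resetpwd.htm');
    } else {
        iPHP::view('iCMS://user/findpwd.htm');
    }
}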
/**
 * Store a new comment posted by a logged-in user and answer with JSON.
 *
 * Order of checks: comments enabled, user cookie valid, captcha (when
 * configured), non-empty target id and content, word filter. The comment
 * is stored with status 0 when moderation (`examine`) is on, else 1.
 *
 * NOTE(review): no request-forgery token check is visible in this method
 * (the captcha is optional) -- confirm one is enforced elsewhere.
 * NOTE(review): `suid`, `reply_uid` and `reply_name` are taken from the
 * request and stored as given; they are not checked against the record
 * being replied to.
 * NOTE(review): the counter update always targets the article table, also
 * when `appid` names another application.
 * NOTE(review): `content` is stored after iS::escapeStr(); output safety
 * of the stored text depends on that helper HTML-escaping it -- confirm.
 */
public function ACTION_add()
{
    $config = iCMS::$config['comment'];
    if (!$config['enable']) {
        iPHP::code(0, 'iCMS:comment:close', 0, 'json');
    }

    iPHP::app('user.class', 'static');
    if (!user::get_cookie()) {
        iPHP::code(0, 'iCMS:!login', 0, 'json');
    }

    $seccode = iS::escapeStr($_POST['seccode']);
    if ($config['seccode'] && !iPHP::seccode($seccode, true)) {
        iPHP::code(0, 'iCMS:seccode:error', 'seccode', 'json');
    }

    iPHP::app('user.msg.class', 'static');

    $appid = (int) $_POST['appid'];
    $iid = (int) $_POST['iid'];
    $cid = (int) $_POST['cid'];
    $suid = (int) $_POST['suid'];
    $reply_id = (int) $_POST['id'];
    $reply_uid = (int) $_POST['userid'];
    $reply_name = iS::escapeStr($_POST['name']);
    $title = iS::escapeStr($_POST['title']);
    $content = iS::escapeStr($_POST['content']);

    if (!$iid) {
        iPHP::code(0, 'iCMS:article:empty_id', 0, 'json');
    }
    if (!$content) {
        iPHP::code(0, 'iCMS:comment:empty', 0, 'json');
    }
    if (iCMS::filter($content)) {
        iPHP::code(0, 'iCMS:comment:filter', 0, 'json');
    }

    if (!$appid) {
        $appid = iCMS_APP_ARTICLE;
    }
    $addtime = $_SERVER['REQUEST_TIME'];
    $ip = iPHP::getIp();
    // Author identity comes from the authenticated session, not the request.
    $userid = user::$userid;
    $username = user::$nickname;
    $status = iCMS::$config['comment']['examine'] ? '0' : '1';
    $up = '0';
    $down = '0';
    $quote = '0';
    $floor = '0';

    // compact() reads the locals by name; do not rename them.
    $data = compact(array('appid', 'cid', 'iid', 'suid', 'title', 'userid', 'username', 'content', 'reply_id', 'reply_uid', 'reply_name', 'addtime', 'status', 'up', 'down', 'ip', 'quote', 'floor'));
    $id = iDB::insert('comment', $data);

    iDB::query("UPDATE `#iCMS@__article` SET comments=comments+1 WHERE `id` ='{$iid}' limit 1");
    user::update_count($userid, 1, 'comments');

    if (iCMS::$config['comment']['examine']) {
        iPHP::code(0, 'iCMS:comment:examine', $id, 'json');
    }
    iPHP::code(1, 'iCMS:comment:success', $id, 'json');
}
/**
 * Show a published article addressed by its custom link (`clink`).
 *
 * The link is escaped with iS::escapeStr() and looked up among articles
 * with status 1; the page number comes from `$_GET['p']` (default 1).
 *
 * NOTE(review): the lookup value is placed in a quoted SQL literal after
 * escapeStr(); the query's safety rests on that helper escaping quotes
 * for the active connection charset -- confirm.
 *
 * @param mixed $a Unused here.
 * @return mixed Whatever $this->article() returns.
 */
public function do_clink($a = null)
{
    $clink = iS::escapeStr($_GET['clink']);
    $lookupSql = "SELECT `id` FROM `#iCMS@__article` WHERE `clink`='" . $clink . "' AND `status` ='1';";
    $articleId = (int) iDB::value($lookupSql);

    $page = 1;
    if (isset($_GET['p'])) {
        $page = (int) $_GET['p'];
    }

    return $this->article($articleId, $page);
}
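/**
 * Apply one batch operation to the tags selected in the admin list.
 *
 * `$_POST['id']` holds the selected tag ids and `$_POST['batch']` the
 * operation: dels, move, mvtcid, prop, weight, tpl, keyword, tag, or a
 * "field:value" form handled through iACP::fields(). Operations that only
 * set one column build a fragment in $sql which is applied to all
 * selected ids after the switch.
 *
 * Change against the previous revision: every selected id is cast to int
 * before use. The ids are matched against the `id` column and end up in
 * an unquoted `IN (...)` list, where quote-escaping alone does not
 * constrain the value.
 *
 * NOTE(review): in the 'addto' branches the current column value read
 * from the database is concatenated back into the UPDATE without being
 * escaped again; a stored value containing a quote would break the
 * statement -- escape it with the database layer's own helper.
 * NOTE(review): `pid` in the 'prop' branch is joined from the request as
 * posted; whether iDB::update() escapes values is not visible here.
 */
function do_batch()
{
    // Tag ids are integers; anything else collapses to 0 and matches no row.
    $idArray = array_map('intval', (array) $_POST['id']);
    $idArray or iPHP::alert("请选择要操作的标签");
    $ids = implode(',', $idArray);
    $batch = $_POST['batch'];
    $sql = '';

    switch ($batch) {
        case 'dels':
            iPHP::$break = false;
            foreach ($idArray as $id) {
                $this->do_del($id, false);
            }
            iPHP::$break = true;
            iPHP::success('标签全部删除完成!', 'js:1');
            break;
        case 'move':
            $_POST['cid'] or iPHP::alert("请选择目标栏目!");
            iPHP::import(iPHP_APP_CORE . '/iMAP.class.php');
            map::init('category', $this->appid);
            $cid = (int) $_POST['cid'];
            foreach ($idArray as $id) {
                $_cid = iDB::value("SELECT `cid` FROM `#iCMS@__tags` where `id` ='{$id}'");
                iDB::update("tags", compact('cid'), compact('id'));
                // Keep the category map and counters in step with the move.
                if ($_cid != $cid) {
                    map::diff($cid, $_cid, $id);
                    $this->categoryApp->update_count_one($_cid, '-');
                    $this->categoryApp->update_count_one($cid);
                }
            }
            iPHP::success('成功移动到目标栏目!', 'js:1');
            break;
        case 'mvtcid':
            $_POST['tcid'] or iPHP::alert("请选择目标分类!");
            iPHP::import(iPHP_APP_CORE . '/iMAP.class.php');
            map::init('category', $this->appid);
            $tcid = (int) $_POST['tcid'];
            foreach ($idArray as $id) {
                $_tcid = iDB::value("SELECT `tcid` FROM `#iCMS@__tags` where `id` ='{$id}'");
                iDB::update("tags", compact('tcid'), compact('id'));
                if ($_tcid != $tcid) {
                    map::diff($tcid, $_tcid, $id);
                    $this->categoryApp->update_count_one($_tcid, '-');
                    $this->categoryApp->update_count_one($tcid);
                }
            }
            iPHP::success('成功移动到目标分类!', 'js:1');
            break;
        case 'prop':
            iPHP::import(iPHP_APP_CORE . '/iMAP.class.php');
            map::init('prop', $this->appid);
            $pid = implode(',', (array) $_POST['pid']);
            foreach ($idArray as $id) {
                $_pid = iDB::value("SELECT pid FROM `#iCMS@__tags` WHERE `id`='{$id}'");
                iDB::update("tags", compact('pid'), compact('id'));
                map::diff($pid, $_pid, $id);
            }
            iPHP::success('属性设置完成!', 'js:1');
            break;
        case 'weight':
            $weight = _int($_POST['mweight']);
            $sql = "`weight` = '{$weight}'";
            break;
        case 'tpl':
            $tpl = iS::escapeStr($_POST['mtpl']);
            $sql = "`tpl` = '{$tpl}'";
            break;
        case 'keyword':
            if ($_POST['pattern'] == 'replace') {
                $sql = "`keywords` = '" . iS::escapeStr($_POST['mkeyword']) . "'";
            } elseif ($_POST['pattern'] == 'addto') {
                foreach ($idArray as $id) {
                    $keywords = iDB::value("SELECT keywords FROM `#iCMS@__tags` WHERE `id`='{$id}'");
                    $sql = "`keywords` = '" . ($keywords ? $keywords . ',' . iS::escapeStr($_POST['mkeyword']) : iS::escapeStr($_POST['mkeyword'])) . "'";
                    iDB::query("UPDATE `#iCMS@__tags` SET {$sql} WHERE `id`='{$id}'");
                }
                iPHP::success('关键字更改完成!', 'js:1');
            }
            break;
        case 'tag':
            if ($_POST['pattern'] == 'replace') {
                $sql = "`related` = '" . iS::escapeStr($_POST['mtag']) . "'";
            } elseif ($_POST['pattern'] == 'addto') {
                foreach ($idArray as $id) {
                    $keywords = iDB::value("SELECT related FROM `#iCMS@__tags` WHERE `id`='{$id}'");
                    $sql = "`related` = '" . ($keywords ? $keywords . ',' . iS::escapeStr($_POST['mtag']) : iS::escapeStr($_POST['mtag'])) . "'";
                    iDB::query("UPDATE `#iCMS@__tags` SET {$sql} WHERE `id`='{$id}'");
                }
                iPHP::success('相关标签更改完成!', 'js:1');
            }
            break;
        default:
            // "field:value" style operations are resolved by iACP::fields().
            if (strpos($batch, ':')) {
                $data = iACP::fields($batch);
                foreach ($idArray as $id) {
                    $data && iDB::update("tags", $data, array('id' => $id));
                }
                iPHP::success('操作成功!', 'js:1');
            } else {
                iPHP::alert('请选择要操作项!', 'js:1');
            }
    }

    // Single-column updates are applied to every selected id at once.
    $sql && iDB::query("UPDATE `#iCMS@__tags` SET {$sql} WHERE `id` IN ({$ids})");
    iPHP::success('操作成功!', 'js:1');
}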
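/**
 * Prepare the variables for the picture editor and render the
 * "files.editpic" view.
 *
 * The view is pulled in with include, so it sees this method's local
 * variables; their names are therefore part of the contract with the
 * template and are kept as they are.
 */
function do_editpic() {
    iACP::MP('FILE.EDIT', 'page');
    $pic = iS::escapeStr($_GET['pic']);
    if ($pic) {
        // NOTE(review): $pic is a request-supplied path that is resolved to a filesystem
        // location here; confirm iFS::fp()/iFS::info() reject traversal sequences and
        // paths outside the upload root.
        $src = iFS::fp($pic, '+http') . "?" . time();
        $srcPath = iFS::fp($pic, '+iPATH');
        $fsInfo = iFS::info($pic);
        $file_name = $fsInfo->filename;
        $file_path = $fsInfo->dirname;
        $file_ext = $fsInfo->extension;
        $file_id = 0;
        // Prefer the stored file record over what was parsed from the path.
        $rs = iFS::getFileData('filename', $file_name);
        if ($rs) {
            $file_path = $rs->path;
            $file_id = $rs->id;
            $file_ext = $rs->ext;
        }
    } else {
        $file_name = md5(uniqid());
        $src = false;
        $file_ext = 'jpg';
    }

    // indexid used to be interpolated into the query straight from $_GET; it is reduced
    // to an integer first so it cannot carry SQL syntax.
    // NOTE(review): this treats indexid as a numeric key - confirm against the filedata schema.
    $indexid = (isset($_GET['indexid']) && is_scalar($_GET['indexid'])) ? (int) $_GET['indexid'] : 0;
    if ($indexid) {
        $rs = iDB::all("SELECT * FROM `#iCMS@__filedata` where `indexid`='{$indexid}' order by `id` ASC LIMIT 100");
        foreach ((array) $rs as $key => $value) {
            // $src may still be the single URL string built above; appending with [] to a
            // string is a fatal error, so turn it into a list first.
            is_array($src) or $src = $src ? array($src) : array();
            $filepath = $value['path'] . $value['filename'] . '.' . $value['ext'];
            $src[] = iFS::fp($filepath, '+http') . "?" . time();
        }
    }

    if ($_GET['pics']) {
        // NOTE(review): these values go to the view exactly as received; the template has
        // to escape them for whatever context it prints them in.
        $src = explode(',', $_GET['pics']);
        if (count($src) == 1) {
            $src = $_GET['pics'];
        }
    }

    // upload_max_filesize may carry an "m" suffix; convert that form to bytes.
    $max_size = (int) $this->upload_max_filesize;
    stristr($this->upload_max_filesize, 'm') && ($max_size = $max_size * 1024 * 1024);
    include iACP::view("files.editpic");
}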
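/**
 * Extract one data item from fetched markup according to its rule.
 *
 * @param string $html      fetched markup the rule is matched against
 * @param array  $data      settings of the data item (rule, name, page and the post-processing switches)
 * @param array  $rule      settings of the spider rule (page_url, __url__, proxy, ...)
 * @param array  $responses data items collected so far, used to resolve [DATA@name] references
 * @return mixed null when the item has no rule; the result of spiderUrls::crawl() for RULE@ items;
 *               the result of random() for RAND@ items; false when an empty result is not allowed
 *               and spider::$work is set; an array when $data['array'] is set; otherwise the
 *               processed content
 */
public static function crawl($html, $data, $rule, $responses) {
    if (trim($data['rule']) === '') {
        return;
    }
    $name = $data['name'];
    if (spider::$dataTest) {
        print_r('<b>[' . $name . ']规则:</b>' . iS::escapeStr($data['rule']));
        echo "<hr />";
    }

    // RULE@<rid>: the matched text is a list of URLs to be crawled with another rule.
    if (strpos($data['rule'], 'RULE@') !== false) {
        spider::$rid = str_replace('RULE@', '', $data['rule']);
        $_urls = trim($html);
        if (spider::$dataTest) {
            // $_urls is text taken from a fetched page; it is escaped before being
            // echoed into the test view so it cannot inject markup there.
            print_r('<b>使用[rid:' . htmlspecialchars(spider::$rid) . ']规则抓取</b>:' . htmlspecialchars($_urls));
            echo "<hr />";
        }
        return spiderUrls::crawl('DATA@RULE', false, spider::$rid, $_urls);
    }

    // RAND@<length>,<numeric>: return a random string instead of crawled content.
    if (strpos($data['rule'], 'RAND@') !== false) {
        $random = str_replace('RAND@', '', $data['rule']);
        // Padded so a rule without the ",<numeric>" part does not read a missing offset.
        list($length, $numeric) = array_pad(explode(',', $random), 2, null);
        return random($length, empty($numeric) ? 0 : 1);
    }

    $contentArray = array();
    $contentHash = array();
    $_content = spiderContent::match($html, $data, $rule);
    $cmd5 = md5($_content); // md5 is only a de-duplication key here
    $contentArray[] = $_content;
    $contentHash[$cmd5] = true;

    if ($data['page']) {
        if (empty($rule['page_url'])) {
            $rule['page_url'] = $rule['list_url'];
        }
        if (empty(spider::$allHtml)) {
            $page_url_array = array();
            $page_url_rule = ''; // printed in test mode even when no branch below sets it
            $page_area_rule = trim($rule['page_area_rule']);
            if ($page_area_rule) {
                if (strpos($page_area_rule, 'DOM::') !== false) {
                    // DOM mode: the pagination links are selected with phpQuery.
                    iPHP::import(iPHP_LIB . '/phpQuery.php');
                    $doc = phpQuery::newDocumentHTML($html, 'UTF-8');
                    $pq_dom = str_replace('DOM::', '', $page_area_rule);
                    $pq_array = phpQuery::pq($pq_dom);
                    foreach ($pq_array as $pn => $pq_val) {
                        $href = phpQuery::pq($pq_val)->attr('href');
                        if (!$href) {
                            continue;
                        }
                        if ($rule['page_url_rule']) {
                            if (strpos($rule['page_url_rule'], '<%') !== false) {
                                $page_url_rule = spiderTools::pregTag($rule['page_url_rule']);
                                if (!preg_match('|' . $page_url_rule . '|is', $href)) {
                                    continue;
                                }
                            } else {
                                $cleanhref = spiderTools::dataClean($rule['page_url_rule'], $href);
                                if ($cleanhref) {
                                    $href = $cleanhref;
                                    unset($cleanhref);
                                } else {
                                    continue;
                                }
                            }
                        }
                        $href = str_replace('<%url%>', $href, $rule['page_url']);
                        $page_url_array[$pn] = spiderTools::url_complement($rule['__url__'], $href);
                    }
                    phpQuery::unloadDocuments($doc->getDocumentID());
                } else {
                    // Regex mode: cut out the pagination area first, then collect URLs from it.
                    $page_area_rule = spiderTools::pregTag($page_area_rule);
                    if ($page_area_rule) {
                        // The original passed an undefined variable ($PREG_SET_ORDER) as the flags
                        // argument; preg_match() has no such mode, so the argument is dropped.
                        preg_match('|' . $page_area_rule . '|is', $html, $matches);
                        $page_area = isset($matches['content']) ? $matches['content'] : '';
                    } else {
                        $page_area = $html;
                    }
                    if ($rule['page_url_rule']) {
                        $page_url_rule = spiderTools::pregTag($rule['page_url_rule']);
                        preg_match_all('|' . $page_url_rule . '|is', $page_area, $page_url_matches, PREG_SET_ORDER);
                        foreach ($page_url_matches as $pn => $row) {
                            $href = str_replace('<%url%>', $row['url'], $rule['page_url']);
                            $page_url_array[$pn] = spiderTools::url_complement($rule['__url__'], $href);
                            gc_collect_cycles();
                        }
                    }
                    unset($page_area);
                }
            } else {
                // Computed mode: the page URLs are generated from the content URL and a step range.
                if ($rule['page_url_parse'] == '<%url%>') {
                    $page_url = str_replace('<%url%>', $rule['__url__'], $rule['page_url']);
                } else {
                    $page_url_rule = spiderTools::pregTag($rule['page_url_parse']);
                    preg_match('|' . $page_url_rule . '|is', $rule['__url__'], $matches);
                    $page_url = str_replace('<%url%>', isset($matches['url']) ? $matches['url'] : '', $rule['page_url']);
                }
                if (stripos($page_url, '<%step%>') !== false) {
                    // A zero or negative step would never reach page_no_end; fall back to 1.
                    $step = $rule['page_no_step'] > 0 ? $rule['page_no_step'] : 1;
                    for ($pn = $rule['page_no_start']; $pn <= $rule['page_no_end']; $pn = $pn + $step) {
                        $page_url_array[$pn] = str_replace('<%step%>', $pn, $page_url);
                        gc_collect_cycles();
                    }
                }
            }

            // Drop empty and duplicate URLs, and the content page itself.
            if ($page_url_array) {
                $page_url_array = array_filter($page_url_array);
                $page_url_array = array_unique($page_url_array);
                $puk = array_search($rule['__url__'], $page_url_array);
                if ($puk !== false) {
                    unset($page_url_array[$puk]);
                }
            }

            if (spider::$dataTest) {
                // URLs below can originate from crawled markup, so they are escaped for the test view.
                echo "<b>内容页网址:</b>" . htmlspecialchars($rule['__url__']) . "<br />";
                echo "<b>分页:</b>" . htmlspecialchars($rule['page_url']) . "<br />";
                echo iS::escapeStr($page_url_rule);
                echo "<hr />";
                echo "<b>分页列表:</b><pre>";
                echo htmlspecialchars(print_r($page_url_array, true));
                echo "</pre><hr />";
            }

            spider::$content_right_code = trim($rule['page_url_right']);
            spider::$content_error_code = trim($rule['page_url_error']);
            spider::$curl_proxy = $rule['proxy'];

            $pageurl = array();
            foreach ($page_url_array as $pukey => $purl) {
                // NOTE(review): $purl can come from links inside the fetched page, so the remote
                // side influences where this server connects. Confirm spiderTools::remote()
                // limits schemes and refuses loopback/private/link-local targets.
                $phtml = spiderTools::remote($purl);
                if (empty($phtml)) {
                    break;
                }
                $md5 = md5($phtml);
                if (!empty($pageurl[$md5])) {
                    break; // same page body seen before: pagination has wrapped around
                }
                $check_content = spiderTools::check_content_code($phtml);
                if ($check_content === false) {
                    unset($check_content, $phtml);
                    break;
                }
                $_content = spiderContent::match($phtml, $data, $rule);
                $cmd5 = md5($_content);
                if (!empty($contentHash[$cmd5])) {
                    break; // same extracted content seen before
                }
                $contentArray[] = $_content;
                $contentHash[$cmd5] = true;
                $pageurl[$md5] = $purl;
                spider::$allHtml[$md5] = $phtml;
            }
            gc_collect_cycles();
            unset($check_content, $phtml);

            if (spider::$dataTest) {
                echo "<b>最终分页列表:</b><pre>";
                echo htmlspecialchars(print_r($pageurl, true));
                echo "</pre><hr />";
            }
        } else {
            // The pages were fetched for an earlier item; only the matching is repeated.
            foreach ((array) spider::$allHtml as $ahkey => $phtml) {
                $contentArray[] = spiderContent::match($phtml, $data, $rule);
            }
        }
    }

    $content = implode('#--iCMS.PageBreak--#', $contentArray);
    $html = null;
    unset($html, $contentArray, $contentHash, $_content);
    $content = stripslashes($content);
    if (spider::$dataTest) {
        print_r('<b>[' . $name . ']匹配结果:</b>' . htmlspecialchars($content));
        echo "<hr />";
    }

    if ($data['cleanbefor']) {
        $content = spiderTools::dataClean($data['cleanbefor'], $content);
    }
    // A data item may reference earlier items as [DATA@name] or [DATA@name.key].
    if (strpos($content, '[DATA@') !== false) {
        $content = spiderTools::getDATA($responses, $content);
    }
    if ($data['cleanhtml']) {
        $content = stripslashes($content);
        // Removes tags for plain-text use. This is not an HTML sanitiser: output built
        // from the result still has to be escaped where it is printed.
        $content = preg_replace('/<[\\/\\!]*?[^<>]*?>/is', '', $content);
    }
    if ($data['format'] && $content) {
        $content = autoformat($content);
    }
    if ($data['img_absolute'] && $content) {
        // Rewrite every <img src> to an absolute URL based on the content page URL.
        preg_match_all("/<img.*?src\\s*=[\"|'](.*?)[\"|']/is", $content, $img_match);
        if ($img_match[1]) {
            $_img_array = array_unique($img_match[1]);
            $_img_urls = array();
            foreach ((array) $_img_array as $_img_key => $_img_src) {
                $_img_urls[$_img_key] = spiderTools::url_complement($rule['__url__'], $_img_src);
            }
            $content = str_replace($_img_array, $_img_urls, $content);
        }
        unset($img_match, $_img_array, $_img_urls, $_img_src);
    }
    if ($data['trim']) {
        $content = trim($content);
    }
    // NOTE(review): in the next two steps the extracted content itself is used as the URL to
    // fetch or download, i.e. the crawled site chooses the target. The same destination
    // restrictions as for page URLs should apply inside spiderTools::remote() and iFS::http().
    if ($data['capture']) {
        $content = spiderTools::remote($content);
    }
    if ($data['download']) {
        $content = iFS::http($content);
    }
    if ($data['cleanafter']) {
        $content = spiderTools::dataClean($data['cleanafter'], $content);
    }
    if ($data['autobreakpage']) {
        $content = spiderTools::autoBreakPage($content);
    }
    if ($data['mergepage']) {
        $content = spiderTools::mergePage($content);
    }

    if ($data['empty'] && empty($content)) {
        $emptyMsg = '[' . $name . ']规则设置了不允许为空.当前抓取结果为空!请检查,规则是否正确!';
        if (spider::$dataTest) {
            exit('<h1>' . $emptyMsg . '</h1>');
        }
        if (spider::$work) {
            echo "\n{$emptyMsg}\n";
            return false;
        } else {
            iPHP::alert($emptyMsg);
        }
    }

    if ($data['json_decode']) {
        $content = json_decode($content, true);
    }
    if ($data['array']) {
        return (array) $content;
    }
    if (spider::$callback['content'] && is_callable(spider::$callback['content'])) {
        $content = call_user_func_array(spider::$callback['content'], array($content));
    }
    return $content;
}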
/**
 * Store the body of an article and run the picture post-processing steps
 * selected in the form.
 *
 * @param array $bodyArray page bodies, joined with the page-break marker
 * @param int   $aid       id of the article the body belongs to
 * @param int   $haspic    non-empty when the article already has a cover picture
 */
function article_data($bodyArray, $aid = 0, $haspic = 0) {
    // compact($fields) below picks locals up by name, so the variables defined
    // before that call keep their original names.
    $id = (int) $_POST['adid'];
    $subtitle = iS::escapeStr($_POST['subtitle']);
    $body = implode('#--iCMS.PageBreak--#', $bodyArray);

    // Removes paired <script>...</script> and <form>...</form> blocks only.
    // NOTE(review): this is not a complete HTML sanitiser - an unclosed <script>,
    // event-handler attributes and javascript: URLs pass through unchanged. If the body
    // can come from less trusted authors, filter it with an allow-list based sanitiser.
    $body = preg_replace(array('/<script.+?<\\/script>/is', '/<form.+?<\\/form>/is'), '', $body);

    if (isset($_POST['dellink'])) {
        // Unwrap links, keeping their inner text.
        $body = preg_replace("/<a[^>].*?>(.*?)<\\/a>/si", "\\1", $body);
    }
    if (iCMS::$config['publish']['autoformat']) {
        $body = autoformat($body);
    }

    articleTable::$ID = $aid;
    $fields = articleTable::data_fields($id);
    $data = compact($fields);
    if ($id) {
        articleTable::data_update($data, compact('id'));
    } else {
        $id = articleTable::data_insert($data);
    }

    // Optional hook: callback['data'] holds a callable and its argument list.
    if ($this->callback['data']) {
        $hook = $this->callback['data'];
        $hookTarget = $hook[0];
        $hookArgs = (array) $hook[1];
        if (is_callable($hookTarget)) {
            call_user_func_array($hookTarget, $hookArgs);
        }
    }

    if ($_POST['isredirect']) {
        iFS::$redirect = true;
    }
    if ($_POST['iswatermark']) {
        iFS::$watermark = false;
    }

    if (isset($_POST['remote'])) {
        // The remote-picture pass is run three times over the body, as before.
        for ($pass = 0; $pass < 3; $pass++) {
            $body = $this->remotepic($body, true, $aid);
        }
        if ($body && $id) {
            articleTable::data_update(array('body' => $body), compact('id'));
        }
    }

    if (isset($_POST['autopic']) && empty($haspic)) {
        $coverUrl = $this->remotepic($body, 'autopic', $aid);
        $this->pic($coverUrl, $aid);
    }
    $this->pic_indexid($body, $aid);
}