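/**
 * Rebuild the static JavaScript include for one picture record.
 *
 * Loads the row from {$dbtbpre}enewspic, renders it as a linked <img> tag,
 * wraps the markup in a document.write() call and stores the result in
 * d/js/pic/pic_<picid>.js (path relative to the calling script).
 *
 * @param int|string $picid Picture id; coerced to an integer before use.
 * @return void
 */
function GetPicJs($picid)
{
    global $empire, $dbtbpre;

    // The id is interpolated into both the SQL text and the output file
    // name. Forcing it to an integer guarantees that nothing but digits can
    // reach the query or the path.
    $picid = (int) $picid;

    $r = $empire->fetch1("select * from {$dbtbpre}enewspic where picid='{$picid}'");

    // Array keys are quoted: bare words such as $r[url] are constant lookups
    // and raise an Error on PHP 8.
    // NOTE(review): the column values are placed into HTML attributes without
    // HTML escaping; addslashes() below only protects the JavaScript string
    // literal. Confirm these columns are validated or encoded when stored.
    $string = "<a href='" . $r['url'] . "' title='" . $r['title'] . "' target='" . $r['open_pic'] . "'><img src='" . $r['pic_url'] . "' width=" . $r['pic_width'] . " height=" . $r['pic_height'] . " border=" . $r['border'] . "><br>" . $r['title'] . "</a>";
    $string = "document.write(\"" . addslashes($string) . "\");";

    $filename = "../../../d/js/pic/pic_" . $picid . ".js";
    WriteFiletext_n($filename, $string);
}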
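/**
 * Replace the marked settings area of the dashboard config.php.
 *
 * The config file is expected to contain the marker comment twice; the text
 * between the two markers is replaced with $string and the file is rewritten.
 *
 * NOTE(review): $string is written verbatim into a PHP file that is executed
 * on later requests. Callers must build it only from validated values.
 *
 * @param string $string New content for the settings area.
 * @return false|null false when the file is empty/unreadable or does not
 *                    contain both markers; otherwise nothing is returned.
 */
function GetSettingConfig($string)
{
    $filename = ECMS_PATH . DASHBOARD . "/config/config.php";
    $exp = '//-------EmpireCMS.Seting.area-------';

    $text = ReadFiletext($filename);
    $r = explode($exp, (string) $text);

    // Without both markers there is no head/area/tail split. Rewriting the
    // file in that state would silently drop everything after the first
    // marker, so refuse instead.
    if ($r[0] == '' || count($r) < 3) {
        return false;
    }

    $setting = $r[0] . $exp . $string . $exp . $r[2];
    WriteFiletext_n($filename, $setting);
}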
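/**
 * Generate d/js/js/plface.js, the comment-emoticon picker script.
 *
 * Reads plface (entries separated by "||", each "code##image") and plfacenum
 * (emoticons per row) from {$dbtbpre}enewspublic and writes a document.write()
 * script that renders one clickable image per emoticon.
 *
 * @return string|null '' when no per-row count is configured; otherwise
 *                     nothing is returned.
 */
function InstallGetPlfaceJs()
{
    global $empire, $dbtbpre, $public_r;

    $r = $empire->fetch1("select plface,plfacenum from {$dbtbpre}enewspublic limit 1");

    // Cast once so the modulo below never sees a non-numeric string
    // (a TypeError on PHP 8) or zero.
    $perRow = empty($r['plfacenum']) ? 0 : (int) $r['plfacenum'];
    if ($perRow === 0) {
        return '';
    }

    $filename = "../../d/js/js/plface.js";
    $facer = explode('||', $r['plface']);
    $count = count($facer);

    // Start from an empty string; the original appended to an undefined variable.
    $allface = '';

    // The first and last pieces are skipped, as in the original loop bounds.
    for ($i = 1; $i < $count - 1; $i++) {
        $br = ($i % $perRow == 0) ? "<br>" : " ";
        $face = explode('##', $facer[$i]);
        // NOTE(review): $face[0] and $face[1] are emitted into script and
        // markup without escaping; confirm they are validated when saved.
        $allface .= "<a href='#eface' onclick=\\\"eaddplface('" . $face[0] . "');\\\"><img src='" . $public_r['newsurl'] . "e/data/face/" . $face[1] . "' border=0></a>" . $br;
    }

    $allface = "document.write(\"<script src='" . $public_r['newsurl'] . "e/data/js/addplface.js'></script>\");document.write(\"" . $allface . "\");";
    WriteFiletext_n($filename, $allface);
}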
/**
 * Overwrite the file behind a dynamic-page template with submitted text.
 *
 * Looks up the template row by id, checks that the file it names exists
 * under ECMS_PATH, writes the cleaned 'temptext' field into it, logs the
 * action and finishes through printerror().
 *
 * @param array  $add      Request data; reads 'tempid' and 'temptext'.
 * @param mixed  $userid   Passed to CheckLevel().
 * @param string $username Passed to CheckLevel().
 * @return void
 */
function EditDtTempFiletext($add, $userid, $username)
{
    global $empire, $dbtbpre;

    // Permission check.
    // NOTE(review): $classid is not defined in this function, so an undefined
    // variable is handed to CheckLevel(); confirm that is what it expects.
    CheckLevel($userid, $username, $classid, 'dttemp');

    $tempid = (int) $add['tempid'];
    if (!$tempid) {
        printerror('ErrorUrl', '');
    }

    $row = $empire->fetch1("select tempid,tempname,tempvar,tempfile from {$dbtbpre}enewstempdt where tempid='{$tempid}'");
    if (!$row['tempid']) {
        printerror('ErrorUrl', '');
    }

    // NOTE(review): the target path comes straight from the database row and
    // the submitted text is written into it. Confirm that 'tempfile' cannot
    // be set to a path outside the template directory, and that this action
    // sits behind the request-hash check used elsewhere in the admin area.
    $target = ECMS_PATH . $row['tempfile'];
    if (!file_exists($target)) {
        printerror('FileNotExist', '');
    }

    WriteFiletext_n($target, ClearAddsData($add['temptext']));

    // Operation log.
    insert_dolog("tempid={$tempid}<br>tempname={$row['tempname']}");
    printerror("EditDttempSuccess", "EditDttemp.php?tempid={$tempid}" . hReturnEcmsHashStrHref2(0));
}
ContextMenu.display(popupoptions) } </SCRIPT> </head> <body onLoad="initialize();ContextMenu.intializeContextMenu();" bgcolor="#FFCFAD"> <table border='0' cellspacing='0' cellpadding='0'> <tr height=20> <td id="home"><img src="../data/images/homepage.gif" border=0></td> <td><a href="#ecms" onclick="parent.main.location.href='ListAllInfo.php';" onmouseout="this.style.fontWeight=''" onmouseover="this.style.fontWeight='bold'" oncontextmenu="ShRM(this,0,0,'',2)"><b>管理信息</b></a></td> </tr> </table> <?php $notrecordword = "您还未添加栏目,<br><a href='AddClass.php?enews=AddClass' target='main'><u><b>点击这里</b></u></a>进行添加操作"; $jsstr = ShowClass_ListNews($user_r[adminclass], $gr[doall], 0, ''); if ($gr['doall']) { $jsfile = "../data/fc/cmsclass.js"; $search_jsfile = "../data/fc/searchclass.js"; $search_jsstr = str_replace(" style='background:#99C4E3'", "", $jsstr); WriteFiletext_n($jsfile, "document.write(\"" . addslashes($jsstr) . "\");"); WriteFiletext_n($search_jsfile, "document.write(\"" . addslashes($search_jsstr) . "\");"); } ?> </body> </html> <?php db_close(); $empire = null; if ($gr['doall'] || file_exists('../data/fc/ListEnews.php')) { $string = @ob_get_contents(); WriteFiletext($fcfile, AddCheckViewTempCode() . $string); }
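/**
 * Search-and-replace text in every file of one backup directory.
 *
 * @param array $add Request data: 'mypath' (directory below $bakpath),
 *                   'oldword' (text or pattern to find), 'newword'
 *                   (replacement) and 'dozz' (non-zero selects the
 *                   Ebak_DoRepFiletextZz() replacement mode).
 * @return void
 */
function Ebak_RepPathFiletext($add)
{
    global $bakpath;

    $mypath = trim($add['mypath']);
    $oldword = Ebak_ClearAddsData($add['oldword']);
    $newword = Ebak_ClearAddsData($add['newword']);
    $dozz = (int) $add['dozz'];

    if (empty($oldword) || empty($mypath)) {
        printerror("EmptyRepPathFiletext", "history.go(-1)");
    }
    // Reject any ".." so the directory cannot climb out of $bakpath.
    if (strstr($mypath, "..")) {
        printerror("NotChangeRepPathFiletext", "history.go(-1)");
    }

    $path = $bakpath . "/" . $mypath;
    if (!file_exists($path)) {
        printerror("PathNotExists", "history.go(-1)");
    }

    // file_exists() is also true for a regular file, and opendir() can fail
    // on permissions. Passing false on to readdir() is a TypeError on PHP 8,
    // so stop here instead.
    $hand = @opendir($path);
    if ($hand === false) {
        printerror("PathNotExists", "history.go(-1)");
        return;
    }

    // NOTE(review): $newword is written into the backup files as received.
    // If any of those files are executable PHP under the web root, this
    // function is a code-write primitive for whoever can call it; confirm it
    // is reachable only by authenticated administrators.

    // Compare against false explicitly: an entry named "0" is falsy and would
    // otherwise end the loop early.
    while (($file = readdir($hand)) !== false) {
        $filename = $path . "/" . $file;
        if ($file != "." && $file != ".." && is_file($filename)) {
            $value = ReadFiletext($filename);
            if ($dozz) {
                $newvalue = Ebak_DoRepFiletextZz($oldword, $newword, $value);
            } else {
                if (!stristr($value, $oldword)) {
                    continue;
                }
                $newvalue = str_replace($oldword, $newword, $value);
            }
            WriteFiletext_n($filename, $newvalue);
        }
    }
    closedir($hand);

    printerror("RepPathFiletextSuccess", "RepFiletext.php");
}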
/**
 * Generate the static JavaScript file that renders one advertisement.
 *
 * Loads the row from {$dbtbpre}enewsad and writes a script to
 * d/js/acmsd/<adfile><adid>.js. The script content depends on $r[t]
 * (1 = text ad, 2 = raw HTML, 3 = pop-up window, anything else = image or
 * flash) and on $r[adtype], which selects the display wrapper.
 *
 * NOTE(review): $adid is interpolated into the SQL text and the file name
 * exactly as received; confirm every caller passes an integer.
 * NOTE(review): array keys such as $r[t] are unquoted bare words, which raise
 * an Error on PHP 8 when no such constant exists.
 * NOTE(review): most column values are concatenated into HTML/JavaScript
 * without escaping; only some branches apply addslashes(). Confirm the ad
 * fields are validated when saved.
 *
 * @param mixed $adid Advertisement id.
 * @return string|null '' when the ad has expired (the replacement text is
 *                     written instead); otherwise nothing is returned.
 */
function GetAdJs($adid)
{
    global $empire, $public_r, $dbtbpre;
    $r = $empire->fetch1("select * from {$dbtbpre}enewsad where adid='{$adid}'");
    $file = "../../../d/js/acmsd/" . $public_r[adfile] . $adid . ".js";
    // Expired: write the replacement text and stop.
    if ($r['endtime'] != '0000-00-00' && time() > to_time($r['endtime'])) {
        $r[reptext] = ClearHtmlZs($r[reptext]);
        $h = addslashes(str_replace("\r\n", "", $r[reptext]));
        $html = "document.write(\"" . $h . "\")";
        WriteFiletext_n($file, $html);
        return '';
    }
    if ($r['ylink']) {
        $ad_url = $r['url'];
    } else {
        // Ad link routed through the click handler.
        $ad_url = $public_r[newsurl] . "e/public/ClickAd?adid=" . $adid;
    }
    //---------------------- Text ad
    if ($r[t] == 1) {
        $r[titlefont] = $r[titlecolor] . ',' . $r[titlefont];
        // Text attributes.
        $picurl = DoTitleFont($r[titlefont], $r[picurl]);
        $h = "<a href='" . $ad_url . "' target=" . $r[target] . " title='" . $r[alt] . "'>" . addslashes($picurl) . "</a>";
        // Normal display.
        if ($r[adtype] == 1) {
            $html = "document.write(\"" . $h . "\")";
        } else {
            $html = "document.write(\"<script language=javascript src=" . $public_r[newsurl] . "d/js/acmsd/ecms_dialog.js></script>\"); \ndocument.write(\"<div style='position:absolute;left:300px;top:150px;width:" . $r[pic_width] . "; height:" . $r[pic_height] . ";z-index:1;solid;filter:alpha(opacity=90)' id=DGbanner5 onmousedown='down1(this)' onmousemove='move()' onmouseup='down=false'><table cellpadding=0 border=0 cellspacing=1 width=" . $r[pic_width] . " height=" . $r[pic_height] . " bgcolor=#000000><tr><td height=18 bgcolor=#5A8ACE align=right style='cursor:move;'><a href=# style='font-size: 9pt; color: #eeeeee; text-decoration: none' onClick=clase('DGbanner5') >关闭>>><img border='0' src='" . $public_r[newsurl] . "d/js/acmsd/close_o.gif'></a> </td></tr><tr><td bgcolor=f4f4f4 > " . $h . "</td></tr></table></div>\");";
        }
    } elseif ($r[t] == 2) {
        $r[htmlcode] = ClearHtmlZs($r[htmlcode]);
        $h = addslashes(str_replace("\r\n", "", $r[htmlcode]));
        // Normal display.
        if ($r[adtype] == 1) {
            $html = "document.write(\"" . $h . "\")";
        } else {
            $html = "document.write(\"<script language=javascript src=" . $public_r[newsurl] . "d/js/acmsd/ecms_dialog.js></script>\"); \ndocument.write(\"<div style='position:absolute;left:300px;top:150px;width:" . $r[pic_width] . "; height:" . $r[pic_height] . ";z-index:1;solid;filter:alpha(opacity=90)' id=DGbanner5 onmousedown='down1(this)' onmousemove='move()' onmouseup='down=false'><table cellpadding=0 border=0 cellspacing=1 width=" . $r[pic_width] . " height=" . $r[pic_height] . " bgcolor=#000000><tr><td height=18 bgcolor=#5A8ACE align=right style='cursor:move;'><a href=# style='font-size: 9pt; color: #eeeeee; text-decoration: none' onClick=clase('DGbanner5') >关闭>>><img border='0' src='" . $public_r[newsurl] . "d/js/acmsd/close_o.gif'></a> </td></tr><tr><td bgcolor=f4f4f4 > " . $h . "</td></tr></table></div>\");";
        }
    } elseif ($r[t] == 3) {
        // Open a new window.
        if ($r[adtype] == 8) {
            $html = "window.open('" . $r[url] . "');";
        } elseif ($r[adtype] == 9) {
            $html = "window.open('" . $r[url] . "','','width=" . $r[pic_width] . ",height=" . $r[pic_height] . ",scrollbars=yes');";
        } else {
            $html = "window.showModalDialog('" . $r[url] . "','','dialogWidth:" . $r[pic_width] . "px;dialogHeight:" . $r[pic_height] . "px;scroll:no;status:no;help:no');";
        }
    } else {
        $filetype = GetFiletype($r[picurl]);
        // Flash
        if ($filetype == ".swf") {
            $h = "<object classid=\\\"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\\\" codebase=\\\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0\\\" name=\\\"movie\\\" width=\\\"" . $r[pic_width] . "\\\" height=\\\"" . $r[pic_height] . "\\\" id=\\\"movie\\\"><param name=\\\"movie\\\" value=\\\"" . $r[picurl] . "\\\"><param name=\\\"quality\\\" value=\\\"high\\\"><param name=\\\"menu\\\" value=\\\"false\\\"><embed src=\\\"" . $r[picurl] . "\\\" width=\\\"" . $r[pic_width] . "\\\" height=\\\"" . $r[pic_height] . "\\\" quality=\\\"high\\\" pluginspage=\\\"http://www.macromedia.com/go/getflashplayer\\\" type=\\\"application/x-shockwave-flash\\\" id=\\\"movie\\\" name=\\\"movie\\\" menu=\\\"false\\\"></embed><PARAM NAME='wmode' VALUE='Opaque'></object>";
        } else {
            $h = "<a href='" . $ad_url . "' target=" . $r[target] . "><img src='" . $r[picurl] . "' border=0 width='" . $r[pic_width] . "' height='" . $r[pic_height] . "' alt='" . $r[alt] . "'></a>";
        }
        // Normal display.
        if ($r[adtype] == 1) {
            $html = "document.write(\"" . $h . "\");";
        } elseif ($r[adtype] == 4) {
            $html = "ns4=(document.layers)?true:false;\nie4=(document.all)?true:false;\nif(ns4){document.write(\"<layer id=DGbanner2 width=" . $r[pic_width] . " height=" . $r[pic_height] . " onmouseover=stopme('DGbanner2') onmouseout=movechip('DGbanner2')>" . $h . "</layer>\");}\nelse{document.write(\"<div id=DGbanner2 style='position:absolute; width:" . $r[pic_width] . "px; height:" . $r[pic_height] . "px; z-index:9; filter: Alpha(Opacity=90)' onmouseover=stopme('DGbanner2') onmouseout=movechip('DGbanner2')>" . $h . "</div>\");}\ndocument.write(\"<script language=javascript src=" . $public_r[newsurl] . "d/js/acmsd/ecms_float_fullscreen.js></script>\");";
        } elseif ($r[adtype] == 5) {
            // NOTE(review): the <div> width below is taken from pic_height,
            // while the adtype 6 branch uses pic_width in the same position.
            // This looks like a typo; confirm before changing.
            $html = "if (navigator.appName == 'Netscape')\n{document.write(\"<layer id=DGbanner3 top=150 width=" . $r[pic_width] . " height=" . $r[pic_height] . ">" . $h . "</layer>\");}\nelse{document.write(\"<div id=DGbanner3 style='position: absolute;width:" . $r[pic_height] . ";top:150;visibility: visible;z-index: 1'>" . $h . "</div>\");}\ndocument.write(\"<script language=javascript src=" . $public_r[newsurl] . "d/js/acmsd/ecms_float_upanddown.js></script>\");";
        } elseif ($r[adtype] == 6) {
            $html = "if(navigator.appName == 'Netscape')\n{document.write(\"<layer id=DGbanner10 top=150 width=" . $r[pic_width] . " height=" . $r[pic_height] . ">" . $h . "</layer>\");}\nelse{document.write(\"<div id=DGbanner10 style='position: absolute;width:" . $r[pic_width] . ";top:150;visibility: visible;z-index: 1'>" . $h . "</div>\");}\ndocument.write(\"<script language=javascript src=" . $public_r[newsurl] . "d/js/acmsd/ecms_float_upanddown_L.js></script>\");";
        } elseif ($r[adtype] == 7) {
            $html = "ns4=(document.layers)?true:false;\nif(ns4){document.write(\"<layer id=DGbanner4Cont onLoad='moveToAbsolute(layer1.pageX-160,layer1.pageY);clip.height=" . $r[pic_height] . ";clip.width=" . $r[pic_width] . "; visibility=show;'><layer id=DGbanner4News position:absolute; top:0; left:0>" . $h . "</layer></layer>\");}\nelse{document.write(\"<div id=DGbanner4 style='position:absolute;top:0; left:0;'><div id=DGbanner4Cont style='position:absolute;width:" . $r[pic_width] . ";height:" . $r[pic_height] . ";clip:rect(0," . $r[pic_width] . "," . $r[pic_height] . ",0)'><div id=DGbanner4News style='position:absolute;top:0;left:0;right:820'>" . $h . "</div></div></div>\");} \ndocument.write(\"<script language=javascript src=" . $public_r[newsurl] . "d/js/acmsd/ecms_fullscreen.js></script>\");";
        } elseif ($r[adtype] == 3) {
            $html = "document.write(\"<script language=javascript src=" . $public_r[newsurl] . "d/js/acmsd/ecms_dialog.js></script>\"); \ndocument.write(\"<div style='position:absolute;left:300px;top:150px;width:" . $r[pic_width] . "; height:" . $r[pic_height] . ";z-index:1;solid;filter:alpha(opacity=90)' id=DGbanner5 onmousedown='down1(this)' onmousemove='move()' onmouseup='down=false'><table cellpadding=0 border=0 cellspacing=1 width=" . $r[pic_width] . " height=" . $r[pic_height] . " bgcolor=#000000><tr><td height=18 bgcolor=#5A8ACE align=right style='cursor:move;'><a href=# style='font-size: 9pt; color: #eeeeee; text-decoration: none' onClick=clase('DGbanner5') >关闭>>><img border='0' src='" . $public_r[newsurl] . "d/js/acmsd/close_o.gif'></a> </td></tr><tr><td bgcolor=f4f4f4 > " . $h . "</td></tr></table></div>\");";
        } else {
            $html = "function closeAd(){huashuolayer2.style.visibility='hidden';huashuolayer3.style.visibility='hidden';}function winload(){huashuolayer2.style.top=109;huashuolayer2.style.left=5;huashuolayer3.style.top=109;huashuolayer3.style.right=5;}//if(document.body.offsetWidth>800){\n\t\t\t\t{document.write(\"<div id=huashuolayer2 style='position: absolute;visibility:visible;z-index:1'><table width=0 border=0 cellspacing=0 cellpadding=0><tr><td height=10 align=right bgcolor=666666><a href=javascript:closeAd()><img src=" . $public_r[newsurl] . "d/js/acmsd/close.gif width=12 height=10 border=0></a></td></tr><tr><td>" . $h . "</td></tr></table></div>\"+\"<div id=huashuolayer3 style='position: absolute;visibility:visible;z-index:1'><table width=0 border=0 cellspacing=0 cellpadding=0><tr><td height=10 align=right bgcolor=666666><a href=javascript:closeAd()><img src=" . $public_r[newsurl] . "d/js/acmsd/close.gif width=12 height=10 border=0></a></td></tr><tr><td>" . $h . "</td></tr></table></div>\");}winload()//}";
        }
    }
    WriteFiletext_n($file, $html);
}
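/**
 * Generate the static JavaScript file that renders one poll.
 *
 * Loads the poll from {$dbtbpre}enewsvote, expands its template (header,
 * repeated option row, footer, separated by the list marker) and writes the
 * result as a document.write() call to d/js/vote/vote<voteid>.js.
 *
 * @param int|string $voteid Poll id; coerced to an integer before use.
 * @return void
 */
function GetVoteJs($voteid)
{
    global $empire, $dbtbpre;

    // The id goes into the SQL text and the output file name; an integer
    // cast keeps anything but digits out of both.
    $voteid = (int) $voteid;

    $r = $empire->fetch1("select * from {$dbtbpre}enewsvote where voteid='{$voteid}'");

    // Template. Keys are quoted: bare words like $r[tempid] are constant
    // lookups and raise an Error on PHP 8.
    $votetemp = ReturnVoteTemp($r['tempid'], 1);
    $votetemp = RepVoteTempAllvar($votetemp, $r);
    $listexp = "[!--empirenews.listtemp--]";
    $listtemp_r = explode($listexp, $votetemp);

    $file = "../../../d/js/vote/vote" . $voteid . ".js";
    $r_exp = "\r\n";
    $f_exp = "::::::";

    // One option per line; the option text is the part before "::::::".
    $r_r = explode($r_exp, $r['votetext']);

    // Start from an empty string; the original appended to an undefined variable.
    $votetext = '';
    foreach ($r_r as $index => $line) {
        $checked = $index + 1; // option values are 1-based
        $f_r = explode($f_exp, $line);
        // Poll type: checkbox for multiple choice, radio for single choice.
        if ($r['voteclass']) {
            $vote = "<input type=checkbox name=vote[] value=" . $checked . ">";
        } else {
            $vote = "<input type=radio name=vote value=" . $checked . ">";
        }
        $votetext .= RepVoteTempListvar($listtemp_r[1], $vote, $f_r[0]);
    }

    $votetext = "document.write(\"" . addslashes(stripSlashes($listtemp_r[0] . $votetext . $listtemp_r[2])) . "\");";
    WriteFiletext_n($file, $votetext);
}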
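/**
 * Export one collection ("cj") rule set as a downloadable .cj file.
 *
 * Serialises the main-table and side-table rows of the collection node into
 * a delimiter-separated string, writes it to data/tmp/cj/ under the
 * dashboard directory and sends it to the browser.
 *
 * @param mixed  $classid  Collection node id.
 * @param mixed  $userid   Passed to CheckLevel().
 * @param string $username Passed to CheckLevel().
 * @return void The script exits after the download.
 */
function LoadOutCj($classid, $userid, $username)
{
    global $empire, $dbtbpre;

    $recordexp = '<!-#-|-record-|-#-!>';
    $fieldexp = '<!-#-|-field-|-#-!>';
    $sfieldexp = '<!-#-|-smallfield-|-#-!>';

    // Permission check.
    CheckLevel($userid, $username, $classid, "loadcj");

    $classid = (int) $classid;
    if (!$classid) {
        printerror('LoadOutCjEmptyClassid', '');
    }
    $cr = $empire->fetch1("select * from {$dbtbpre}enewsinfoclass where classid='{$classid}'");
    if (!$cr['classid']) {
        printerror('LoadOutCjEmptyClassid', '');
    }
    if (!$cr['newsclassid']) {
        printerror('LoadOutCjMustNewsclassid', '');
    }

    // Main table.
    $mainfield = LoadOutCjMainField();
    $mainstr = LoadOutCjMainstr($cr, $mainfield, $fieldexp, $sfieldexp);

    // Side table. The key is quoted: the bare word $cr[tbname] is a constant
    // lookup and raises an Error on PHP 8.
    // NOTE(review): the table name comes from the database row and is
    // concatenated into the SQL text; confirm tbname is restricted to
    // identifier characters when it is created.
    $infocr = $empire->fetch1("select * from {$dbtbpre}ecms_infoclass_" . $cr['tbname'] . " where classid='{$classid}'");
    $datafield = LoadOutCjDataField($cr['tid'], $cr['tbname']);
    $datastr = LoadOutCjDatastr($infocr, $datafield, $fieldexp, $sfieldexp);

    @(include '../class/EmpireCMS_version.php');
    $cjstr = EmpireCMS_VERSION . $recordexp . $mainstr . $recordexp . $datafield . $recordexp . $datastr;

    // NOTE(review): the export file name is the table name plus a timestamp
    // and the file is written below the dashboard data directory. Confirm
    // that directory is not directly web-readable or that DownLoadFile()
    // removes the file afterwards.
    $file = $cr['tbname'] . time() . ".cj";
    $filepath = ECMS_PATH . DASHBOARD . "/data/tmp/cj/" . $file;
    WriteFiletext_n($filepath, $cjstr);
    DownLoadFile($file, $filepath, 1);

    // Operation log.
    insert_dolog("classid={$classid}&classname={$cr['classname']}");
    exit;
}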
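/**
 * Rebuild the PHP cache file describing the tables used by site-wide search.
 *
 * Reads tbname/titlefield/smalltextfield from {$dbtbpre}enewssearchall_load
 * and writes e/data/dbcache/SearchAllTb.php, which defines $schalltb_r with
 * one entry per table.
 *
 * @return void
 */
function GetSearchAllTb()
{
    global $empire, $dbtbpre;

    $file = ECMS_PATH . "e/data/dbcache/SearchAllTb.php";
    $sql = $empire->query("select tbname,titlefield,smalltextfield from {$dbtbpre}enewssearchall_load");

    // Start from an empty string; the original appended to an undefined variable.
    $tbs = '';
    while ($r = $empire->fetch($sql)) {
        // Every value lands inside a single-quoted PHP string literal in an
        // executable cache file, so each one, including the array key that
        // the original left raw, is passed through addslashes().
        $tbs .= "\$schalltb_r['" . addslashes($r['tbname']) . "']=Array('tbname'=>'" . addslashes($r['tbname']) . "',\r\n'titlefield'=>'" . addslashes($r['titlefield']) . "',\r\n'smalltextfield'=>'" . addslashes($r['smalltextfield']) . "');\r\n";
    }

    $tbs = "<?php\r\n//tbs\r\n\$schalltb_r=array();\r\n" . $tbs . "\r\n//tbs\r\n?>";
    WriteFiletext_n($file, $tbs);
}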
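/**
 * Record the number of backup files for one table in a backup's config.php.
 *
 * Replaces the placeholder line "$tb[<table>]=0;" with "$tb[<table>]=<p>;".
 *
 * @param int|string $p     File count; coerced to an integer.
 * @param string     $table Table name as it appears in the placeholder.
 * @param string     $path  Backup directory containing config.php.
 * @return void
 */
function Ebak_RepFilenum($p, $table, $path)
{
    // config.php is executable PHP, so only a plain integer may be written
    // on the right-hand side of the assignment. The cast also covers the
    // original "empty means 0" rule.
    $p = (int) $p;

    $file = $path . "/config.php";
    $text = ReadFiletext($file);

    // $table only takes effect when the exact placeholder already exists in
    // the file, because it is part of the search string as well.
    $rep1 = "\$tb[" . $table . "]=0;";
    $rep2 = "\$tb[" . $table . "]=" . $p . ";";
    $text = str_replace($rep1, $rep2, $text);

    WriteFiletext_n($file, $text);
}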
/**
 * Store the body of a "save as text" field in its .php side file.
 *
 * The content is prefixed with an exit() guard so that requesting the file
 * directly does not run or reveal the stored text.
 *
 * NOTE(review): the guard uses the short open tag "<?". With short_open_tag
 * disabled the guard is not executed, and any PHP open tag inside $pagetext
 * would then run when the file is requested. The prefix is kept unchanged
 * here because readers of these files may depend on its exact form; confirm
 * the server setting or migrate the writer and readers together.
 * NOTE(review): $pagetexturl is joined into the path as received; confirm it
 * is generated by the application and not taken from request input.
 *
 * @param string $pagetexturl File name (without extension) relative to the text path.
 * @param string $pagetext    Field content to store.
 * @return void
 */
function EditTxtFieldText($pagetexturl, $pagetext)
{
    global $do_txtpath;

    $target = "{$do_txtpath}{$pagetexturl}.php";
    WriteFiletext_n($target, "<? exit();?>" . $pagetext);
}
/**
 * Store the body of a "save as text" field in its .php side file.
 *
 * The content is prefixed with an exit() guard so that requesting the file
 * directly does not run or reveal the stored text. The base directory is
 * read from $ecms_config['sets']['txtpath'].
 *
 * NOTE(review): the guard uses the short open tag "<?". With short_open_tag
 * disabled the guard is not executed, and any PHP open tag inside $pagetext
 * would then run when the file is requested. The prefix is kept unchanged
 * here because readers of these files may depend on its exact form; confirm
 * the server setting or migrate the writer and readers together.
 * NOTE(review): $pagetexturl is joined into the path as received; confirm it
 * is generated by the application and not taken from request input.
 *
 * @param string $pagetexturl File name (without extension) relative to the text path.
 * @param string $pagetext    Field content to store.
 * @return void
 */
function EditTxtFieldText($pagetexturl, $pagetext)
{
    global $ecms_config;

    $target = "{$ecms_config['sets']['txtpath']}{$pagetexturl}.php";
    WriteFiletext_n($target, "<? exit();?>" . $pagetext);
}
/**
 * Export a system model as a downloadable .mod file.
 *
 * The export is a PHP script: table-structure statements from
 * LoadModReturnstru(), then generated $empire->query("insert ...") calls that
 * recreate the table record, every field definition and the model record.
 * The file is written to e/data/tmp/mod/ and sent to the browser.
 *
 * NOTE(review): $userid and $username are accepted but no CheckLevel() call
 * is made in this function; confirm the caller enforces the permission.
 * NOTE(review): the generated file is PHP source. Columns passed through
 * LMEscape_str() are escaped by that helper, but others (for example
 * $tr[tname], {$fr['f']}, {$fr['fname']}, {$mr['mname']}) are embedded raw
 * inside quoted SQL within a double-quoted PHP string. Confirm those columns
 * cannot contain quotes, backslashes or "$".
 * NOTE(review): unquoted keys such as $tr[tname] are bare-word constant
 * lookups and raise an Error on PHP 8.
 *
 * @param array  $add      Request data; reads 'tid', 'tbname' and 'mid'.
 * @param mixed  $userid   Not used in this function.
 * @param string $username Not used in this function.
 * @return void The script exits after the download.
 */
function LoadOutMod($add, $userid, $username)
{
    global $empire, $dbtbpre;
    $tid = (int) $add['tid'];
    // Only used for the emptiness check below; the generated code refers to
    // a literal $tbname variable that is resolved at import time.
    $tbname = RepPostVar($add['tbname']);
    $mid = (int) $add['mid'];
    if (!$tid || !$tbname || !$mid) {
        printerror("EmptyLoadMod", "");
    }
    $mr = $empire->fetch1("select * from {$dbtbpre}enewsmod where mid={$mid} and tid={$tid}");
    if (!$mr['mid']) {
        printerror("EmptyLoadMod", "");
    }
    $tr = $empire->fetch1("select tbname,tname,tsay from {$dbtbpre}enewstable where tid={$tid}");
    if (!$tr['tbname']) {
        printerror("EmptyLoadMod", "");
    }
    // Table structures.
    $loadmod = "<?php\r\n" . LoadModReturnstru($dbtbpre . "ecms_" . $mr['tbname'], $mr['tbname'], 0) . "\r\n";
    $loadmod .= LoadModReturnstru($dbtbpre . "ecms_" . $mr['tbname'] . "_data_1", $mr['tbname'], 5) . "\r\n";
    $loadmod .= LoadModReturnstru($dbtbpre . "ecms_" . $mr['tbname'] . "_doc", $mr['tbname'], 1) . "\r\n";
    $loadmod .= LoadModReturnstru($dbtbpre . "ecms_" . $mr['tbname'] . "_doc_data", $mr['tbname'], 4) . "\r\n";
    $loadmod .= LoadModReturnstru($dbtbpre . "ecms_infoclass_" . $mr['tbname'], $mr['tbname'], 2) . "\r\n";
    $loadmod .= LoadModReturnstru($dbtbpre . "ecms_infotmp_" . $mr['tbname'], $mr['tbname'], 3) . "\r\n";
    // Table record.
    $loadmod .= "\$empire->query(\"insert into \".\$dbtbpre.\"enewstable(tbname,tname,tsay,isdefault,datatbs,deftb,yhid,mid) values('\$tbname','" . $tr[tname] . "','" . LMEscape_str($tr[tsay]) . "',0,',1,','1',0,0);\");\r\n\$tid=\$empire->lastid();\r\n";
    // Fields: one generated insert statement per field definition.
    $fsql = $empire->query("select * from {$dbtbpre}enewsf where tid={$tid} order by fid");
    while ($fr = $empire->fetch($fsql)) {
        $loadmod .= "\$empire->query(\"insert into \".\$dbtbpre.\"enewsf(f,fname,fform,fhtml,fzs,isadd,isshow,iscj,cjhtml,myorder,ftype,flen,dotemp,tid,tbname,savetxt,fvalue,iskey,tobr,dohtml,qfhtml,isonly,linkfieldval,samedata,fformsize,tbdataf,ispage,adddofun,editdofun,qadddofun,qeditdofun,linkfieldtb,linkfieldshow,editorys,issmalltext) values('{$fr['f']}','{$fr['fname']}','{$fr['fform']}','" . LMEscape_str($fr['fhtml']) . "','" . LMEscape_str($fr[fzs]) . "',{$fr['isadd']},{$fr['isshow']},{$fr['iscj']},'" . LMEscape_str($fr[cjhtml]) . "',{$fr['myorder']},'{$fr['ftype']}','{$fr['flen']}',{$fr['dotemp']},\$tid,'\$tbname',{$fr['savetxt']},'" . LMEscape_str($fr[fvalue]) . "',{$fr['iskey']},{$fr['tobr']},{$fr['dohtml']},'" . LMEscape_str($fr[qfhtml]) . "',{$fr['isonly']},'" . LMEscape_str($fr[linkfieldval]) . "',{$fr['samedata']},'{$fr['fformsize']}','{$fr['tbdataf']}','{$fr['ispage']}','" . LMEscape_str($fr[adddofun]) . "','" . LMEscape_str($fr[editdofun]) . "','" . LMEscape_str($fr[qadddofun]) . "','" . LMEscape_str($fr[qeditdofun]) . "','" . LMEscape_str($fr[linkfieldtb]) . "','" . LMEscape_str($fr[linkfieldshow]) . "','{$fr['editorys']}','{$fr['issmalltext']}');\");\r\n";
    }
    // Model record.
    $loadmod .= "\$empire->query(\"insert into \".\$dbtbpre.\"enewsmod(mname,mtemp,mzs,cj,enter,tempvar,sonclass,searchvar,tid,tbname,qenter,mustqenterf,qmtemp,listandf,setandf,listtempvar,qmname,canaddf,caneditf,definfovoteid,showmod,usemod,myorder,orderf,isdefault,listfile,printtempid) values('{$mr['mname']}','" . LMEscape_str($mr[mtemp]) . "','" . LMEscape_str($mr[mzs]) . "','" . LMEscape_str($mr[cj]) . "','" . LMEscape_str($mr[enter]) . "','" . LMEscape_str($mr[tempvar]) . "','','" . LMEscape_str($mr[searchvar]) . "',\$tid,'\$tbname','" . LMEscape_str($mr[qenter]) . "','" . LMEscape_str($mr[mustqenterf]) . "','" . LMEscape_str($mr[qmtemp]) . "','" . LMEscape_str($mr[listandf]) . "',{$mr['setandf']},'" . LMEscape_str($mr[listtempvar]) . "','" . LMEscape_str($mr[qmname]) . "','" . LMEscape_str($mr[canaddf]) . "','" . LMEscape_str($mr[caneditf]) . "',0,0,0,0,'" . LMEscape_str($mr[orderf]) . "',0,'',0);\");\r\n\$mid=\$empire->lastid();\r\n?>";
    // The export is named after the table plus a timestamp and prefixed with
    // the output of AddCheckViewTempCode().
    $file = $tr['tbname'] . time() . ".mod";
    $filepath = ECMS_PATH . "e/data/tmp/mod/" . $file;
    WriteFiletext_n($filepath, AddCheckViewTempCode() . $loadmod);
    DownLoadFile($file, $filepath, 1);
    // Operation log.
    insert_dolog("tid={$tid}&tb={$tr['tbname']}<br>mid={$mid}&m={$mr['mname']}");
    exit;
}
/**
 * Export a template group as a downloadable .temp file.
 *
 * Collects every template category of the group through the LoadTG*()
 * helpers, joins the sections with the page separator, writes the result to
 * data/tmp/temp/ under the dashboard directory and sends it to the browser.
 *
 * @param array  $add      Request data; reads 'changegid'.
 * @param mixed  $userid   Passed to CheckLevel().
 * @param string $username Passed to CheckLevel().
 * @return void The script exits after the download.
 */
function LoadTempGroup($add, $userid, $username)
{
    global $empire, $dbtbpre;

    // Permission check.
    // NOTE(review): $classid is not defined in this function, so an undefined
    // variable is handed to CheckLevel(); confirm that is what it expects.
    CheckLevel($userid, $username, $classid, "tempgroup");

    $gid = (int) $add['changegid'];
    if (!$gid) {
        printerror("EmptyLoadTempGroup", "");
    }
    $group = $empire->fetch1("select gid,gname from {$dbtbpre}enewstempgroup where gid={$gid}");
    if (!$group['gid']) {
        printerror("EmptyLoadTempGroup", "");
    }

    // Version header.
    $thistempver = LoadTGAddVer();

    $pageexp = "<!---ecms.temp--->";
    $record = "<!---ecms.record--->";
    $field = "<!---ecms.field--->";

    // Group 1 uses no suffix; every other group uses "_<gid>".
    $en = ($gid == 1) ? "" : "_" . $gid;

    // Sections in export order; the helpers are called in this same order.
    $sections = array();
    $sections[] = LoadTGBqtemp($gid, $en, $pageexp, $record, $field);     // tag templates
    $sections[] = LoadTGJstemp($gid, $en, $pageexp, $record, $field);     // JS templates
    $sections[] = LoadTGListtemp($gid, $en, $pageexp, $record, $field);   // list templates
    $sections[] = LoadTGNewstemp($gid, $en, $pageexp, $record, $field);   // content templates
    $sections[] = LoadTGPubtemp($gid, $en, $pageexp, $record, $field);    // public templates
    $sections[] = LoadTGSearchtemp($gid, $en, $pageexp, $record, $field); // search templates
    $sections[] = LoadTGTempvar($gid, $en, $pageexp, $record, $field);    // template variables
    $sections[] = LoadTGVotetemp($gid, $en, $pageexp, $record, $field);   // vote templates
    $sections[] = LoadTGClasstemp($gid, $en, $pageexp, $record, $field);  // column templates
    $sections[] = LoadTGPltemp($gid, $en, $pageexp, $record, $field);     // comment templates
    $sections[] = LoadTGPrinttemp($gid, $en, $pageexp, $record, $field);  // print templates
    $sections[] = LoadTGPagetemp($gid, $en, $pageexp, $record, $field);   // custom page templates

    $loadtemptext = stripSlashes($group['gname'] . $thistempver . $pageexp . implode($pageexp, $sections));

    $file = "e" . time() . ".temp";
    $filepath = ECMS_PATH . DASHBOARD . '/data/tmp/temp/' . $file;
    WriteFiletext_n($filepath, $loadtemptext);
    DownLoadFile($file, $filepath, 1);

    // Operation log.
    insert_dolog("gid={$gid}&gname={$group['gname']}");
    exit;
}
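/**
 * Rebuild the PHP cache file listing the anti-collection ("notcj") words.
 *
 * Reads every word from {$dbtbpre}enewsnotcj and writes
 * e/data/dbcache/notcj.php, which defines $notcj_r (1-based) and $notcjnum.
 *
 * @return void
 */
function GetNotcj()
{
    global $empire, $dbtbpre;

    $file = ECMS_PATH . "e/data/dbcache/notcj.php";
    $sql = $empire->query("select id,word from {$dbtbpre}enewsnotcj");

    $i = 0;
    // Start from an empty string; the original appended to an undefined variable.
    $str = '';
    while ($r = $empire->fetch($sql)) {
        $i++;
        // The word is placed in a single-quoted PHP literal inside an
        // executable cache file: stored slashes are normalised first, then
        // quotes and backslashes are re-escaped. The key is quoted because
        // the bare word $r[word] is a constant lookup and raises an Error on
        // PHP 8.
        $str .= "\$notcj_r[{$i}]='" . addslashes(stripSlashes($r['word'])) . "';\r\n";
    }

    $string = "<?php\r\n\$notcj_r=array();\r\n" . $str . "\$notcjnum=" . $i . ";\r\n?>";
    WriteFiletext_n($file, $string);
}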
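/**
 * Search-and-replace text in every file of one backup directory, rejecting
 * replacement text that matches a list of PHP function names.
 *
 * @param array $add Request data: 'mypath' (directory below $bakpath),
 *                   'oldword' (text or pattern to find), 'newword'
 *                   (replacement) and 'dozz' (non-zero selects the
 *                   Ebak_DoRepFiletextZz() replacement mode).
 * @return void
 */
function Ebak_RepPathFiletext($add)
{
    global $bakpath;

    $mypath = trim($add['mypath']);
    $oldword = Ebak_ClearAddsData($add['oldword']);
    $newword = Ebak_ClearAddsData($add['newword']);

    // Filter dangerous keywords out of the replacement content.
    // NOTE(review): a keyword deny-list only covers the listed names in the
    // listed form and should not be the sole control. This function should
    // stay restricted to authenticated administrators, and the backup
    // directory should not be served as executable PHP.
    if (preg_match("/([^a-zA-Z0-9_]{1,1})+(extract|parse_str|str_replace|unserialize|ob_start|require|include|array_map|preg_replace|copy|fputs|fopen|file_put_contents|file_get_contents|fwrite|eval|phpinfo|assert|base64_decode|create_function|call_user_func)+( |\\()/is", $newword)) {
        die("Request Error!");
    }

    $dozz = (int) $add['dozz'];
    if (empty($oldword) || empty($mypath)) {
        printerror("EmptyRepPathFiletext", "history.go(-1)");
    }
    // Reject any ".." so the directory cannot climb out of $bakpath.
    if (strstr($mypath, "..")) {
        printerror("NotChangeRepPathFiletext", "history.go(-1)");
    }

    $path = $bakpath . "/" . $mypath;
    if (!file_exists($path)) {
        printerror("PathNotExists", "history.go(-1)");
    }

    // file_exists() is also true for a regular file, and opendir() can fail
    // on permissions. Passing false on to readdir() is a TypeError on PHP 8,
    // so stop here instead.
    $hand = @opendir($path);
    if ($hand === false) {
        printerror("PathNotExists", "history.go(-1)");
        return;
    }

    // Compare against false explicitly: an entry named "0" is falsy and would
    // otherwise end the loop early.
    while (($file = readdir($hand)) !== false) {
        $filename = $path . "/" . $file;
        if ($file != "." && $file != ".." && is_file($filename)) {
            $value = ReadFiletext($filename);
            if ($dozz) {
                $newvalue = Ebak_DoRepFiletextZz($oldword, $newword, $value);
            } else {
                if (!stristr($value, $oldword)) {
                    continue;
                }
                $newvalue = str_replace($oldword, $newword, $value);
            }
            WriteFiletext_n($filename, $newvalue);
        }
    }
    closedir($hand);

    printerror("RepPathFiletextSuccess", "RepFiletext.php");
}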
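/**
 * Search-and-replace text in every file of one backup directory. The
 * replacement text is checked against a keyword deny-list, and each result
 * is scanned with a local AliCheck.php scanner when that file is present.
 *
 * @param array $add Request data: 'mypath' (directory below $bakpath),
 *                   'oldword' (text or pattern to find), 'newword'
 *                   (replacement) and 'dozz' (non-zero selects the
 *                   Ebak_DoRepFiletextZz() replacement mode).
 * @return void
 */
function Ebak_RepPathFiletext($add)
{
    global $bakpath;

    $mypath = trim($add['mypath']);
    $oldword = Ebak_ClearAddsData($add['oldword']);
    $newword = Ebak_ClearAddsData($add['newword']);

    // NOTE(review): a keyword deny-list only covers the listed names in the
    // listed form and should not be the sole control on what may be written.
    if (preg_match("/([^a-zA-Z0-9_]{1,1})+(extract|parse_str|str_replace|unserialize|ob_start|require|include|array_map|preg_replace|copy|fputs|fopen|file_put_contents|file_get_contents|fwrite|eval|phpinfo|assert|base64_decode|create_function|call_user_func)+( |\\()/is", $newword)) {
        die("Request Error!");
    }

    $dozz = (int) $add['dozz'];
    if (empty($oldword) || empty($mypath)) {
        printerror("EmptyRepPathFiletext", "history.go(-1)");
    }
    // Reject any ".." so the directory cannot climb out of $bakpath.
    if (strstr($mypath, "..")) {
        printerror("NotChangeRepPathFiletext", "history.go(-1)");
    }

    $path = $bakpath . "/" . $mypath;
    if (!file_exists($path)) {
        printerror("PathNotExists", "history.go(-1)");
    }

    // file_exists() is also true for a regular file, and opendir() can fail
    // on permissions. Passing false on to readdir() is a TypeError on PHP 8,
    // so stop here instead.
    $hand = @opendir($path);
    if ($hand === false) {
        printerror("PathNotExists", "history.go(-1)");
        return;
    }

    // Compare against false explicitly: an entry named "0" is falsy and would
    // otherwise end the loop early.
    while (($file = readdir($hand)) !== false) {
        $filename = $path . "/" . $file;
        if ($file != "." && $file != ".." && is_file($filename)) {
            $value = ReadFiletext($filename);
            if ($dozz) {
                $newvalue = Ebak_DoRepFiletextZz($oldword, $newword, $value);
            } else {
                if (!stristr($value, $oldword)) {
                    continue;
                }
                $newvalue = str_replace($oldword, $newword, $value);
            }

            // NOTE(review): SECURITY. The block below fetches PHP source
            // over plain HTTP and, in the else branch, stores it next to this
            // script, where include_once later executes it. Nothing
            // authenticates the download, so anyone able to alter that
            // response or the remote object controls code that runs in this
            // application. The behaviour is left as found and flagged here.
            // Recommended: ship the scanner with the application, or verify
            // the download against a SHA-256 digest pinned in the code and
            // fetch it over HTTPS. Also note:
            //  - the md5 comparison checks the remote copy against the local
            //    one, so it detects a difference but proves nothing about
            //    either copy;
            //  - the file_put_contents() after die("not equal") is
            //    unreachable, so a mismatch aborts the request instead of
            //    updating the scanner;
            //  - the fetch runs once per file inside this loop;
            //  - when the scanner is missing the file is written unscanned
            //    (fail-open).
            $prePath = dirname(__FILE__) . DIRECTORY_SEPARATOR;
            $url = "http://webshellcheck.oss-cn-hangzhou.aliyuncs.com/AliCheck.php";
            if (file_exists($prePath . "AliCheck.php")) {
                if (ini_get('allow_url_fopen') == '1') {
                    $content = @file_get_contents($url);
                    if (!empty($content)) {
                        if (md5($content) != md5_file($prePath . "AliCheck.php")) {
                            die("not equal");
                            file_put_contents($prePath . "AliCheck.php", $content);
                        }
                    }
                }
                include_once $prePath . "AliCheck.php";
                $scaner = new Pecker_Scanner();
                $scaner->scanFileContent($filename, $newvalue);
                $result = $scaner->getReport();
                // Any reported function finding blocks the write.
                if (!empty($result[$filename]['function'])) {
                    die("Request Error!");
                }
                $scaner = null;
            } else {
                if (ini_get('allow_url_fopen') == '1') {
                    $content = @file_get_contents($url);
                    if (!empty($content)) {
                        file_put_contents($prePath . "AliCheck.php", $content);
                    }
                }
            }

            WriteFiletext_n($filename, $newvalue);
        }
    }
    closedir($hand);

    printerror("RepPathFiletextSuccess", "RepFiletext.php");
}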
$search_jsstr = str_replace(" style='background:" . $public_r['chclasscolor'] . "'", "", $cacher['jsstr']); WriteFiletext_n($jsfile, "document.write(\"" . addslashes($cacher['jsstr']) . "\");"); WriteFiletext_n($search_jsfile, "document.write(\"" . addslashes($search_jsstr) . "\");"); InsertNavClassCache('jsclass', 0, 0); } } //------ 投稿JS ------ if (stristr($enews, ',domod,')) { if ($mid) { if (!HaveNavClassCache("navtype='modclass' and modid='{$mid}'")) { $addinfofile = "../../d/js/js/addinfo" . $mid . ".js"; $addnews_class = "document.write(\"" . addslashes($cacher['jsmod']) . "\");"; WriteFiletext_n($addinfofile, $addnews_class); InsertNavClassCache('modclass', 0, $mid); } } if ($oldmid) { if (!HaveNavClassCache("navtype='modclass' and modid='{$oldmid}'")) { $oldaddinfofile = "../../d/js/js/addinfo" . $oldmid . ".js"; $oldaddnews_class = "document.write(\"" . addslashes($cacher['oldjsmod']) . "\");"; WriteFiletext_n($oldaddinfofile, $oldaddnews_class); InsertNavClassCache('modclass', 0, $oldmid); } } } //------ 更新模板 ------ if (stristr($enews, ',dostemp,')) { GetSearch(); } printerror($mess, $ecmstourl); //echo"<meta http-equiv=\"refresh\" content=\"0;url=$ecmstourl\">缓存更新完毕,正在返回......";