Example #1
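 /**
  * WeChat OAuth callback.
  *
  * Exchanges the `code` query parameter for an openid at the WeChat token endpoint. When the
  * openid is bound to a profile that is not locked, that profile is logged in; when it is not
  * bound, the openid is stored in the session. The browser is redirected to `jump` in every case.
  *
  * @param mixed $ctx Request context supplied by the framework (not used here).
  */
 function callback($ctx)
 {
     // A missing or non-string parameter is treated as empty instead of raising a notice or type error.
     $jump = isset($_GET['jump']) && is_string($_GET['jump']) ? $_GET['jump'] : '';
     $jump = htmlspecialchars(trim($jump));
     // NOTE(review): the result of validate_url() is discarded, so the redirect target is only
     // constrained if that helper (defined outside this excerpt) aborts the request itself - confirm.
     self::validate_url($jump);
     if (!$this->appid || !$this->secret) {
         _redirect($jump);
         // Stop here even if _redirect() only sends the header and returns.
         return;
     }
     $code = isset($_GET['code']) && is_string($_GET['code']) ? $_GET['code'] : '';
     $code = urlencode(htmlspecialchars(trim($code)));
     if (!$code) {
         _redirect($jump);
         return;
     }
     // Encode every query value; appid and secret were previously interpolated raw.
     // NOTE(review): the app secret travels in the query string, so whatever Http::get() or a proxy
     // logs for this URL must be treated as sensitive.
     $wx_url = 'https://api.weixin.qq.com/sns/oauth2/access_token'
         . '?appid=' . urlencode($this->appid)
         . '&secret=' . urlencode($this->secret)
         . "&code={$code}&grant_type=authorization_code";
     $resp = Http::get($wx_url);
     $ret = is_string($resp) ? json_decode($resp, true) : null;
     if (is_array($ret) && !empty($ret['openid'])) {
         $connect = WxConnect::get_by('wx_openid', $ret['openid']);
         if ($connect) {
             Logger::info("wx_openid[{$ret['openid']}] oauth login, uid: {$connect->user_id}");
             $profile = Profile::get($connect->user_id);
             // Locked profiles are never logged in through this path.
             if ($profile && $profile->status != Profile::STATUS_LOCK) {
                 UC::force_login($profile);
             }
         } else {
             // Kept for compatibility with /weixin/bind, which reads the openid from the session.
             session_start();
             $_SESSION['wx_openid'] = $ret['openid'];
         }
     } else {
         // NOTE(review): this writes the authorization code and the raw endpoint response to the
         // log; consider redacting them.
         Logger::info("weixin oauth, code: {$code}, resp: {$resp}, " . Http::$error);
     }
     _redirect($jump);
 }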
Example #2
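 /**
  * Shows the channel edit form and, on POST, (re)creates the channel's WeChat QR code.
  *
  * Redirects to the list URL when the channel does not exist or after a successful save.
  * Any exception message is exposed to the view as $ctx->errmsg.
  *
  * @param object $ctx View context; receives m, wx_info and errmsg.
  */
 function edit($ctx)
 {
     _render('form');
     // Defined before the try block so the catch handler never reads an unset variable.
     $m = null;
     $wx_info = null;
     try {
         $raw_id = isset($_GET['id']) && is_scalar($_GET['id']) ? (string) $_GET['id'] : '';
         $channel_id = $raw_id !== '' ? intval($raw_id) : '';
         $m = Channel::get($channel_id);
         if (!$m) {
             _redirect($this->_list_url());
             return;
         }
         $wx_info = WxChannelInfo::get($channel_id);
         // NOTE(review): no anti-CSRF token check is visible in this method; confirm the framework
         // verifies one before this state-changing POST is accepted.
         if ($_POST) {
             $f = isset($_POST['f']) && is_array($_POST['f']) ? $_POST['f'] : array();
             // The QR code is regenerated on every save. One that has already been handed out
             // should not really be regenerated because the old one stops working, so permanent
             // codes must not be regenerated while temporary ones can be.
             $expire_type = intval(isset($f['expire_type']) ? $f['expire_type'] : 0);
             $expire_seconds = max(0, intval(isset($f['expire_seconds']) ? $f['expire_seconds'] : 0));
             $status = intval(isset($f['status']) ? $f['status'] : 0);
             $wx_info = WxChannelInfo::qrcode_create($channel_id, $expire_type, $expire_seconds, $status);
             _redirect($this->_list_url());
             // Same pattern as the not-found branch above: do not rely on _redirect() ending the request.
             return;
         }
         $ctx->wx_info = $wx_info;
         $ctx->m = $m;
     } catch (Exception $e) {
         $ctx->errmsg = $e->getMessage();
         $ctx->m = $m;
         $ctx->wx_info = $wx_info;
     }
 }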
Example #3
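 /**
  * Login form handler: checks the captcha, then the name/password pair from App::$config['login'].
  *
  * Login is refused outright when the configured password is shorter than 6 characters or is
  * '12345678'. On success the session is marked with login_user and the browser is sent to '/'.
  *
  * @param object $ctx View context; receives errmsg on failure.
  */
 function index($ctx)
 {
     $conf = App::$config['login'];
     if (strlen($conf['password']) < 6 || $conf['password'] == '12345678') {
         $ctx->errmsg = 'Password is not configured strong enough, you can not login';
         return;
     }
     if ($_POST) {
         session_start();
         $expected_vcode = isset($_SESSION['verify_code']) ? strtolower($_SESSION['verify_code']) : '';
         // A captcha answer is single-use: drop it so the same code cannot be replayed across attempts.
         unset($_SESSION['verify_code']);
         $vcode = isset($_POST['verify_code']) && is_string($_POST['verify_code'])
             ? strtolower(htmlspecialchars($_POST['verify_code']))
             : '';
         if (!$vcode || $vcode !== $expected_vcode) {
             $ctx->errmsg = 'Wrong captcha code';
             return;
         }
         // NOTE(review): htmlspecialchars() rewrites & < > " in the submitted values, so a configured
         // password containing those characters can never match. Kept for compatibility.
         $name = isset($_POST['name']) && is_string($_POST['name']) ? htmlspecialchars(trim($_POST['name'])) : '';
         $password = isset($_POST['password']) && is_string($_POST['password']) ? htmlspecialchars(trim($_POST['password'])) : '';
         // Constant-time comparison; both checks always run so timing does not reveal which one failed.
         // NOTE(review): the password is kept in plaintext in the config; a password_hash() value
         // verified with password_verify() would be the stronger design.
         $name_ok = is_string($conf['name']) && hash_equals($conf['name'], $name);
         $password_ok = is_string($conf['password']) && hash_equals($conf['password'], $password);
         if ($name_ok && $password_ok) {
             // Issue a fresh session id at the privilege change to prevent session fixation.
             session_regenerate_id(true);
             $_SESSION['login_user'] = 1;
             _redirect('/');
             return;
         } else {
             $ctx->errmsg = "Wrong username or password!";
         }
     }
 }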
Example #4
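 /**
  * Refreshes the JS token of the WeChat account named by the `id` query parameter,
  * then redirects to the list URL.
  *
  * @param mixed $ctx Request context (not used here).
  */
 function refresh_js_token($ctx)
 {
     $id = intval(isset($_GET['id']) ? $_GET['id'] : 0);
     $account = WxAccount::get($id);
     // An unknown id used to end in a method call on a non-object; skip the refresh instead.
     if ($account) {
         // NOTE(review): this state change is triggered by a plain GET and no anti-CSRF check is
         // visible here - confirm one is enforced elsewhere.
         $account->refresh_js_token();
     }
     _redirect(_list_url());
 }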
Example #5
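 /**
  * Admin gate: starts the session and redirects to the admin login page when no
  * admin_user marker is present in it.
  *
  * @param mixed $ctx Request context (not used here).
  */
 function init($ctx)
 {
     session_start();
     // empty() covers both a missing key (no notice) and a falsy value.
     if (empty($_SESSION['admin_user'])) {
         // NOTE(review): this gate only protects the action if _redirect() ends the request or the
         // framework stops dispatching after it - confirm.
         _redirect('admin/login');
     }
 }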
Example #6
 /**
  * Marks the contract named by the `id` query parameter as deleted (if it exists),
  * then redirects to the list URL.
  *
  * NOTE(review): the deletion is triggered by a GET request and no anti-CSRF check is
  * visible in this method - confirm one is enforced elsewhere.
  *
  * @param mixed $ctx Request context (not used here).
  */
 function del($ctx)
 {
     $contract = Contract::get(intval($_GET['id']));
     if ($contract) {
         $contract->set_del();
     }
     $list_url = _list_url();
     _redirect($list_url);
 }
Example #7
 /**
  * Calls set_new() on the Tactics record named by the `id` query parameter (if it exists),
  * then redirects to the list URL.
  *
  * NOTE(review): the change is triggered by a GET request and no anti-CSRF check is
  * visible in this method - confirm one is enforced elsewhere.
  *
  * @param mixed $ctx Request context (not used here).
  */
 function set_new($ctx)
 {
     $record = Tactics::get(intval($_GET['id']));
     if ($record) {
         $record->set_new();
     }
     $list_url = _list_url();
     _redirect($list_url);
 }
Example #8
 /**
  * Runs the parent initialisation, then requires an authenticated user.
  *
  * The result of UC::auth() is stored on the context; when it is falsy the visitor is
  * redirected to 'login' with the requested URI passed as the `jump` parameter.
  *
  * @param object $ctx Request context; receives user.
  */
 function init($ctx)
 {
     parent::init($ctx);
     $ctx->user = UC::auth();
     if ($ctx->user) {
         return;
     }
     $requested_uri = $_SERVER['REQUEST_URI'];
     _redirect('login', array('jump' => $requested_uri));
 }
Example #9
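 /**
  * "Bind succeeded" page: binds the current user to the WeChat openid held on this
  * controller, then clears the auto-bind cookie and the openid kept in the session.
  *
  * Visitors without a user on the context are redirected to the '/' action.
  *
  * @param object $ctx View context; receives title, supplies user.
  */
 function success($ctx)
 {
     $ctx->title = '绑定成功';
     // NOTE(review): this value is computed but never used in this method.
     $prj_subscribe_status = !empty($_COOKIE['no_subscribe_prj']) ? WxConnect::PRJ_UNSUBSCRIBED : WxConnect::PRJ_SUBSCRIBED;
     // An empty value makes PHP delete the cookie, regardless of the future expiry passed here.
     setcookie('no_subscribe_prj', '', time() + 3600);
     if (!$ctx->user) {
         _redirect(_action('/'));
         // Without this, a _redirect() that returns would fall through to the array access below
         // with no user and go on to clear the cookie and session state.
         return;
     }
     $uid = $ctx->user['id'];
     $wx_openid = $this->openid;
     if ($uid && $wx_openid) {
         WxConnect::bind($uid, $wx_openid);
     }
     setcookie(WxTmpLogin::COOKIE_KEY_AUTO_BIND_WX, '', time() - 1, '/');
     unset($_SESSION['wx_openid']);
 }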
Example #10
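 /**
  * Admin login handler: verifies the captcha, then the submitted name and password.
  *
  * On success the session is marked with admin_user and the browser is sent to the admin URL.
  *
  * NOTE(review): the administrator name and password are literals in this source file, so
  * anyone who can read the code or its history has them. They belong in configuration, with
  * the password stored as a password_hash() value and checked with password_verify().
  *
  * @param object $ctx View context; receives errmsg on failure.
  */
 function index($ctx)
 {
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         if (!SafeUtil::verify_captcha(isset($_POST['verify_code']) ? $_POST['verify_code'] : '')) {
             $ctx->errmsg = '验证码错误!';
             return;
         }
         $name = isset($_POST['name']) && is_string($_POST['name']) ? htmlspecialchars(trim($_POST['name'])) : '';
         $password = isset($_POST['password']) && is_string($_POST['password']) ? htmlspecialchars(trim($_POST['password'])) : '';
         // Constant-time comparison; both checks always run so timing does not reveal which one failed.
         $name_ok = hash_equals('admin', $name);
         $password_ok = hash_equals('yuhun666', $password);
         if ($name_ok && $password_ok) {
             // Issue a fresh session id at the privilege change to prevent session fixation.
             // The session is started outside this method, hence the status check.
             if (session_status() === PHP_SESSION_ACTIVE) {
                 session_regenerate_id(true);
             }
             $_SESSION['admin_user'] = 1;
             $url = _url('admin');
             _redirect($url);
             return;
         } else {
             $ctx->errmsg = "用户名或密码错误!";
         }
     }
 }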
Example #11
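 /**
  * Login form handler: compares the submitted name/password with App::$config['login'].
  *
  * Login is refused outright when the configured password is shorter than 6 characters.
  * On success the session is marked with login_user and the browser is sent to '/'.
  *
  * NOTE(review): no captcha or attempt limit is visible in this method, so nothing here
  * slows down repeated guesses - confirm a limit exists elsewhere.
  *
  * @param object $ctx View context; receives errmsg on failure.
  */
 function index($ctx)
 {
     $conf = App::$config['login'];
     if (strlen($conf['password']) < 6) {
         $ctx->errmsg = 'Password is not configured strong enough, you can not login';
         return;
     }
     if ($_POST) {
         // NOTE(review): htmlspecialchars() rewrites & < > " in the submitted values, so a configured
         // password containing those characters can never match. Kept for compatibility.
         $name = isset($_POST['name']) && is_string($_POST['name']) ? htmlspecialchars(trim($_POST['name'])) : '';
         $password = isset($_POST['password']) && is_string($_POST['password']) ? htmlspecialchars(trim($_POST['password'])) : '';
         // Constant-time comparison; both checks always run so timing does not reveal which one failed.
         $name_ok = is_string($conf['name']) && hash_equals($conf['name'], $name);
         $password_ok = is_string($conf['password']) && hash_equals($conf['password'], $password);
         if ($name_ok && $password_ok) {
             // Issue a fresh session id at the privilege change to prevent session fixation.
             // The session is started outside this method, hence the status check.
             if (session_status() === PHP_SESSION_ACTIVE) {
                 session_regenerate_id(true);
             }
             $_SESSION['login_user'] = 1;
             _redirect('/');
             return;
         } else {
             $ctx->errmsg = "Wrong username or password!";
         }
     }
 }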
Example #12
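 /**
  * Temporary-login entry point for links sent through WeChat.
  *
  * A 32-character `token` is exchanged (once) for a stored session holding an openid. A bound
  * openid logs the matching profile in; an unbound one sets the auto-bind cookie and logs the
  * current user out. The browser is then redirected to `jump`, which is only honoured when it
  * is an http(s) URL on this site's host or one of its subdomains.
  *
  * @param mixed $ctx Request context (not used here).
  */
 function index($ctx)
 {
     $jump = isset($_GET['jump']) && is_string($_GET['jump']) ? htmlspecialchars(trim($_GET['jump'])) : '';
     $host = Html::host();
     // The pattern is anchored at the start, the host is quoted, and only dot-separated subdomain
     // labels may precede it, so the check applies to the URL's own authority rather than to any
     // substring of the value or to a different domain that merely ends with the same text.
     $allowed = '#^https?://(?:[A-Za-z0-9-]+\.)*' . preg_quote($host, '#') . '/#i';
     if (!preg_match($allowed, $jump)) {
         $jump = '';
     }
     // Verify the token. $sess stays null unless a stored session is found for it.
     $sess = null;
     $token = isset($_GET['token']) && is_string($_GET['token']) ? htmlspecialchars(trim($_GET['token'])) : '';
     if (strlen($token) == 32) {
         $sess = WxTmpLogin::get_session($token);
         if ($sess) {
             // Tokens are single-use: remove the stored session as soon as it has been read.
             WxTmpLogin::del_session($token);
         }
     }
     if (!$sess) {
         // Disabled in the original: throwing a "link expired" error when a token was supplied
         // without an openid already in the session.
         _redirect($jump);
         // Do not fall through to the login logic below if _redirect() returns.
         return;
     }
     session_start();
     $_SESSION['wx_openid'] = $sess['openid'];
     $connect = WxConnect::get_by('wx_openid', $sess['openid']);
     if (!$connect) {
         setcookie(WxTmpLogin::COOKIE_KEY_AUTO_BIND_WX, 1, time() + 3600 * 24, '/');
         Logger::info("not connected wx_openid: {$sess['openid']}");
         UC::logout();
     } else {
         $uid = $connect->user_id;
         $profile = Profile::get($uid);
         setcookie('ltz_wx_binded', 1, time() + 3600 * 24 * 365, "/");
         // Already bound, so the auto-bind cookie can simply be deleted.
         if (isset($_COOKIE[WxTmpLogin::COOKIE_KEY_AUTO_BIND_WX])) {
             setcookie(WxTmpLogin::COOKIE_KEY_AUTO_BIND_WX, '', time() - 1, '/');
         }
         // NOTE(review): $profile is neither checked for null nor for a locked status before the
         // forced login - confirm whether locked accounts should be able to use these links.
         Logger::info("wx_openid[{$sess['openid']}] login, uid: {$uid}, {$profile->name}");
         UC::force_login($profile);
     }
     _redirect($jump);
 }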
Example #13
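 /**
  * Menu editor page for the WeChat account named by the `aid` query parameter.
  *
  * Redirects to the account list when the account cannot be loaded; otherwise exposes the
  * account, its menu buttons as JSON and their count to the view.
  *
  * @param object $ctx View context; receives aid, menus, count and account.
  */
 function index($ctx)
 {
     $aid = !empty($_GET['aid']) ? intval($_GET['aid']) : 0;
     $account = WxAccount::get($aid);
     // count() on the lookup result is not a reliable existence test (it warns or throws on
     // non-countable values in current PHP); test the value itself.
     if (!$account) {
         _redirect('/admin/weixin/account');
         return;
     }
     $arr_menu = $this->format_wx_menu($account->menu);
     $arr_menu = (empty($arr_menu) || !isset($arr_menu['button'])) ? array() : $arr_menu['button'];
     // sub_button needs special handling because JavaScript treats objects and arrays differently.
     $ctx->aid = $aid;
     // NOTE(review): if the template prints this JSON inside a <script> element, it needs
     // encoding suited to that context - confirm in the view.
     $ctx->menus = json_encode($arr_menu);
     $ctx->count = count($arr_menu);
     $ctx->account = $account;
 }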
Example #14
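 /**
  * Handles a submitted login form: decrypts name/password, checks the captcha, then compares
  * the credentials with App::$config['login'].
  *
  * On success the session is marked with login_user and the browser is sent to '/'.
  *
  * @param object $ctx View context; receives name and, on failure, errmsg.
  */
 private function on_submit($ctx)
 {
     $conf = App::$config['login'];
     $req = array(
         'name' => isset($_POST['name']) ? $_POST['name'] : '',
         'password' => isset($_POST['password']) ? $_POST['password'] : '',
     );
     $req = SafeUtil::safe_decrypt($req);
     if (!$req) {
         _throw("decrypt failed");
     }
     $name = htmlspecialchars(trim($req['name']));
     $password = htmlspecialchars(trim($req['password']));
     $ctx->name = $name;
     $expected_vcode = isset($_SESSION['verify_code']) ? strtolower($_SESSION['verify_code']) : '';
     // A captcha answer is single-use: drop it so the same code cannot be replayed across attempts.
     unset($_SESSION['verify_code']);
     $vcode = isset($_POST['verify_code']) && is_string($_POST['verify_code'])
         ? strtolower(htmlspecialchars($_POST['verify_code']))
         : '';
     if (!$vcode || $vcode !== $expected_vcode) {
         $ctx->errmsg = 'Wrong captcha code';
         return;
     }
     // Constant-time comparison; both checks always run so timing does not reveal which one failed.
     $name_ok = is_string($conf['name']) && hash_equals($conf['name'], $name);
     $password_ok = is_string($conf['password']) && hash_equals($conf['password'], $password);
     if ($name_ok && $password_ok) {
         // Issue a fresh session id at the privilege change to prevent session fixation.
         // The session is started outside this method, hence the status check.
         if (session_status() === PHP_SESSION_ACTIVE) {
             session_regenerate_id(true);
         }
         $_SESSION['login_user'] = 1;
         _redirect('/');
         return;
     } else {
         $ctx->errmsg = "Wrong username or password!";
     }
 }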
Example #15
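 /**
  * Key deletion: GET shows the confirmation page, POST deletes the key(s) and redirects.
  *
  * The POSTed `jump` target is only followed when it is relative or an http(s) URL on the
  * host serving this request; anything else falls back to the key list.
  *
  * NOTE(review): no anti-CSRF token check is visible for the destructive POST - confirm the
  * framework enforces one.
  *
  * @param object $ctx View context; receives ks and jump on GET.
  */
 function del($ctx)
 {
     if ($_POST) {
         $k = isset($_POST['k']) ? $_POST['k'] : '';
         if (is_array($k)) {
             $this->ssdb->multi_del($k);
         } else {
             $this->ssdb->del($k);
         }
         // The redirect target is request data, so it is checked before being used as a Location.
         $jump = isset($_POST['jump']) && is_string($_POST['jump']) ? trim($_POST['jump']) : '';
         $parts = parse_url($jump);
         $own_host = isset($_SERVER['HTTP_HOST']) ? preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']) : '';
         $same_site = is_array($parts)
             && (!isset($parts['scheme']) || in_array(strtolower($parts['scheme']), array('http', 'https'), true))
             && (!isset($parts['host']) || strcasecmp($parts['host'], $own_host) === 0)
             && strpos($jump, '\\') === false;
         if ($jump === '' || !$same_site) {
             $jump = _url('kv');
         }
         _redirect($jump);
         return;
     }
     $k = isset($_GET['k']) ? $_GET['k'] : '';
     if (!is_array($k)) {
         $k = array($k);
     }
     $ctx->ks = $k;
     // NOTE(review): the Referer header is client-controlled; the view must escape it where it is printed.
     $ctx->jump = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
     if (!$ctx->jump) {
         $ctx->jump = _url('kv');
     }
 }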
Example #16
<?php

// This script does nothing except redirect to the post list route.
_redirect('admin/post/list');
Example #17
 /**
  * Redirects to the view URL that _view_url() builds for the given model.
  *
  * @param mixed $m Model passed through to _view_url().
  */
 function _view($m)
 {
     $target = $this->_view_url($m);
     _redirect($target);
 }
Example #18
File: App.php Project: lkmmmj/iphp
 /**
  * Initialises the application and returns the result of executing the request.
  *
  * A request whose base path is 'index.php' is first redirected to the empty path.
  * Output produced during App::init() is captured and discarded.
  *
  * @return mixed Whatever self::execute() returns.
  */
 static function _run()
 {
     $entry = base_path();
     if ($entry == 'index.php') {
         _redirect('');
     }
     // Buffer whatever init prints, then throw it away before the action runs.
     ob_start();
     App::init();
     ob_clean();
     return self::execute();
 }
Example #19
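    /**
     * Converts one pending WMA media file to MP3 with ffmpeg, writes ID3v1 tags to the result,
     * flags the row as processed, then redirects to the next pending media id.
     *
     * The media id comes from the `v` request value, or from the first row with media_mp3 = 0
     * when none is given. Rows whose WMA file is missing are flagged with media_mp3 = 2.
     *
     * @return mixed Result of $this->e('.').
     */
    public function home()
    {
        global $core;
        // NOTE(review): this silences every PHP error for the rest of the request, including
        // failures of the shell, tagging and file calls below.
        error_reporting(0);
        $v = $this->__(w('v'));
        if (!$v['v']) {
            $sql = 'SELECT media_id
				FROM _bio_media
				WHERE media_type = ?
					AND media_mp3 = ?
				LIMIT 1';
            $v['v'] = _field(sql_filter($sql, 1, 0), 'media_id', 0);
        }
        $tag_format = 'UTF-8';
        $relative_path = '/data/artists/%s/media/';
        $absolute_path = '/var/www/vhosts/rockrepublik.net/www' . $relative_path;
        $sql = 'SELECT m.*, b.bio_id, b.bio_name
			FROM _bio_media m
			LEFT JOIN _bio b ON m.media_bio = b.bio_id
			WHERE m.media_id = ?';
        //$spaths = '/data/artists/' . $songd['ub'] . '/media/';
        //$spath = '/var/www/vhosts/rockrepublik.net/httpdocs' . $spaths;
        if ($media = _fieldrow(sql_filter($sql, $v['v']))) {
            $row_relative = sprintf($relative_path, $media['bio_id']);
            // NOTE(review): $absolute_path still contains the unformatted '%s' segment and
            // $row_relative is appended to it, so these absolute paths differ from the './'
            // paths tested with file_exists() below - confirm which layout is intended.
            $row_absolute = $absolute_path . $row_relative;
            $row_wma = $row_absolute . $media['media_id'] . '.wma';
            $row_mp3 = $row_absolute . $media['media_id'] . '.mp3';
            $rel_wma = '.' . $row_relative . $media['media_id'] . '.wma';
            $rel_mp3 = '.' . $row_relative . $media['media_id'] . '.mp3';
            if (@file_exists($rel_wma) && !@file_exists($rel_mp3) && !$media['media_mp3']) {
                // Both paths are built from database values, so each is passed to the shell as a
                // single quoted argument instead of being concatenated raw into the command line.
                exec('ffmpeg -i ' . escapeshellarg($row_wma) . ' -vn -ar 44100 -ac 2 -ab 64kb -f mp3 ' . escapeshellarg($row_mp3));
                include_once XFS . XCOR . 'getid3/getid3.php';
                $getID3 = new getID3();
                $getID3->setOption(array('encoding' => $tag_format));
                getid3_lib::IncludeDependency(GETID3_INCLUDEPATH . 'write.php', __FILE__, true);
                $tagwriter = new getid3_writetags();
                $tagwriter->filename = getid3_lib::SafeStripSlashes($row_mp3);
                $tagwriter->tagformats = array('id3v1');
                $tagwriter->overwrite_tags = true;
                $tagwriter->tag_encoding = $tag_format;
                $tagwriter->remove_other_tags = true;
                $tag_comment = 'Visita www.rockrepublik.net';
                // Fallback values; note that the tag data below reads media_album / media_genre,
                // not these two keys.
                $media['album'] = !empty($media['media_album']) ? $media['media_album'] : 'Single';
                $media['genre'] = !empty($media['media_genre']) ? $media['media_genre'] : 'Rock';
                $media_f = array('title', 'name', 'album', 'genre');
                foreach ($media_f as $mr) {
                    $media['media_' . $mr] = getid3_lib::SafeStripSlashes(utf8_encode(html_entity_decode($media['media_' . $mr])));
                }
                $tagwriter->tag_data = array('title' => array($media['media_title']), 'artist' => array($media['media_name']), 'album' => array($media['media_album']), 'year' => array(getid3_lib::SafeStripSlashes($media['media_year'])), 'genre' => array($media['media_genre']), 'comment' => array(getid3_lib::SafeStripSlashes($tag_comment)), 'tracknumber' => array(''));
                $tagwriter->WriteTags();
                // NOTE(review): the row is flagged as converted without checking the ffmpeg exit
                // status or the WriteTags() result.
                $sql = 'UPDATE _bio_media SET media_mp3 = ?
					WHERE media_id = ?';
                _sql(sql_filter($sql, 1, $media['media_id']));
                // Append the converted path to the log; skip quietly when the file cannot be opened
                // instead of calling fwrite()/fclose() on false.
                $fp = @fopen('./conv.txt', 'a+');
                if ($fp) {
                    fwrite($fp, $row_mp3 . "\n");
                    fclose($fp);
                }
            }
            if (!@file_exists($rel_wma)) {
                $sql = 'UPDATE _bio_media SET media_mp3 = ?
					WHERE media_id = ?';
                _sql(sql_filter($sql, 2, $media['media_id']));
            }
        }
        $sql = 'SELECT media_id
			FROM _bio_media
			WHERE media_type = ?
				AND media_mp3 = ?
			LIMIT 1';
        if ($v_next = _field(sql_filter($sql, 1, 0), 'media_id', 0)) {
            // Short pause before chaining to the next pending item.
            sleep(1);
            _redirect(_link($this->m(), array('v' => $v_next)));
        } else {
            $this->e('no_next');
        }
        return $this->e('.');
    }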
Example #20
<?php

// Presumably enforces admin authentication before the page runs - confirm in the included file.
include _i('inc/authenticate.php');
$lang = _getLang();
$pageTitle = _t('Add New Post');
// URL segment 3 carries the post id; a falsy value means a new post is being created.
$id = _arg(3);
if ($id) {
    $pageTitle = _t('Edit Post');
} elseif ($lang != _defaultLang()) {
    // New posts are only set up in the default language.
    _redirect('admin/post/setup/', null, _defaultLang());
}
include 'query.php';
?>
<!DOCTYPE html>
<html lang="<?php 
echo _lang();
?>
">
<head>
    <title><?php 
echo _title($pageTitle);
?>
</title>
    <?php 
include _i('inc/tpl/head.php');
?>
    <?php 
_css('base.' . _getLang() . '.css');
Example #21
<?php

// This script does nothing except redirect to the user list route.
_redirect('admin/user/list');
Example #22
<?php

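// An anonymous visitor has no session to sign out of.
if (auth_isAnonymous()) {
    flash_set(_t('Your session is expired.'), '', 'error');
    _redirect('admin/login');
}
// URL segment 2 must repeat the timestamp held in the auth session before logout proceeds.
$timestamp = _arg(2);
// Compared as exact strings: a loose == would also accept other numeric spellings of the value.
if ($timestamp && (string) $timestamp === (string) $_auth->timestamp) {
    # Normal logout process
    auth_clear();
    flash_set(_t('You have signed out successfully.'));
    _redirect('admin/login');
}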
Example #23
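 /**
  * Admin logout: removes the admin_user marker from the session and redirects to the
  * admin login page.
  *
  * @param mixed $ctx Request context (not used here).
  */
 function logout($ctx)
 {
     unset($_SESSION['admin_user']);
     // Retire the old session id so a copy of it cannot be reused after logout.
     // The session is started outside this method, hence the status check.
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }
     _redirect('admin/login');
 }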
Example #24
            }
        } else {
            // die($m->ErrorInfo);
            if ($is_ajax === false) {
                _redirect('#alert_failed');
                exit;
            } else {
                die('_failed_');
            }
        }
        // mail()
    } else {
        // mail( string $to , string $subject , string $message [, string $additional_headers [, string $additional_parameters ]] )
        mail($config['send_to'], $config['subject'], $email_body);
        if ($is_ajax === false) {
            _redirect('#alert_success');
            exit;
        } else {
            die('_success_');
        }
    }
    exit;
}
/** ******************************** **
 *	@REDIRECT
		#alert_success 		= email sent
		#alert_failed		= email not sent - internal server error (404 error or SMTP problem)
		#alert_mandatory	= email not sent - required fields empty
 ** ******************************** **/
function _redirect($hash)
{
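 /**
  * Controller bootstrap: requires a logged-in session, selects the SSDB server to use,
  * connects (and authenticates when a password is configured), and resolves the page size.
  *
  * The server is chosen by the PHPSSDBADMIN_SERVER query parameter or cookie and falls back
  * to the first configured server. The page size comes from `size` or the psa_size cookie
  * and defaults to 10.
  *
  * @param object $ctx View context; receives user, conf, conf_k, confs and size.
  */
 function init($ctx)
 {
     session_start();
     $ctx->user = isset($_SESSION['login_user']) ? $_SESSION['login_user'] : null;
     if (!$ctx->user) {
         _redirect('login');
         return;
     }
     $servers = array();
     if (isset(App::$config['ssdb'])) {
         $servers[] = App::$config['ssdb'];
     }
     if (isset(App::$config['servers'])) {
         $servers = array_merge($servers, App::$config['servers']);
     }
     if (!$servers) {
         _throw("No servers config!");
     }
     // Index the configured servers by "host:port"; this map is the allow-list for selection.
     $confs = array();
     foreach ($servers as $s) {
         $k = "{$s['host']}:{$s['port']}";
         $confs[$k] = $s;
     }
     if (isset($_GET['PHPSSDBADMIN_SERVER'])) {
         $requested = $_GET['PHPSSDBADMIN_SERVER'];
         // Persist the selection only when it names a configured server; arbitrary request data
         // is no longer written into a long-lived cookie.
         if (is_string($requested) && isset($confs[$requested])) {
             setcookie('PHPSSDBADMIN_SERVER', $requested, time() + 86400 * 300, '/');
             $_COOKIE['PHPSSDBADMIN_SERVER'] = $requested;
         }
     }
     $conf_k = isset($_COOKIE['PHPSSDBADMIN_SERVER']) ? $_COOKIE['PHPSSDBADMIN_SERVER'] : null;
     if (is_string($conf_k) && isset($confs[$conf_k])) {
         $conf = $confs[$conf_k];
     } else {
         $conf = $servers[0];
     }
     // NOTE(review): $conf can include the server 'password' (read below); confirm no template
     // prints $ctx->conf or $ctx->confs wholesale.
     $ctx->conf = $conf;
     $ctx->conf_k = $conf_k;
     $ctx->confs = $confs;
     try {
         $this->ssdb = new SimpleSSDB($conf['host'], $conf['port']);
     } catch (Exception $e) {
         _throw("SSDB error: " . $e->getMessage());
     }
     if (!empty($conf['password'])) {
         $this->ssdb->auth($conf['password']);
     }
     // GET wins over POST when both carry the same key.
     $req = $_GET + $_POST;
     if (isset($req['size'])) {
         $ctx->size = intval($req['size']);
         if ($ctx->size > 0) {
             setcookie('psa_size', $ctx->size, time() + 86400 * 30, '/');
             $_COOKIE['psa_size'] = $ctx->size;
         }
     }
     if (isset($_COOKIE['psa_size'])) {
         $ctx->size = intval($_COOKIE['psa_size']);
     } else {
         $ctx->size = 0;
     }
     if ($ctx->size <= 0) {
         $ctx->size = 10;
     }
 }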
Example #26
    // Handles a submitted comment form: validate, then flash a success message and redirect.
    $post = _post($_POST);
    // NOTE(review): extract() creates a local variable for every key of the submitted form, so a
    // field name can shadow any variable already in scope here. _post() is defined elsewhere;
    // confirm it restricts the keys, or read $post['txtName'] etc. explicitly instead.
    extract($post);
    $validations = array('txtName' => array('caption' => _t('Name'), 'value' => $txtName, 'rules' => array('mandatory')), 'txtEmail' => array('caption' => _t('Email'), 'value' => $txtEmail, 'rules' => array('mandatory', 'email')), 'txtConfirmEmail' => array('caption' => _t('Re-type Email'), 'value' => $txtConfirmEmail, 'rules' => array('mandatory', 'email', 'validate_emailRetyped'), 'parameters' => array('validate_emailRetyped' => array($txtEmail)), 'messages' => array('mandatory' => _t('Please re-type Email.'), 'validate_emailRetyped' => _t('Your re-typed email address does not match.'))), 'txaComment' => array('caption' => _t('Comment'), 'value' => $txaComment, 'rules' => array('mandatory')));
    /* form token check && input validation check */
    if (form_validate($validations)) {
        /**
         * //// Database operation example
         *
         * $data = array(
         *   // 'fieldname' => data
         *   'name'       => $txtName,
         *   'email'      => $txtEmail,
         *   'comment'    => $txaComment
         * );
         *
         * if (db_insert('comment', $data, $useSlug = false)) { // if the third parameter is omitted, your table must have a field "slug".
         *   $commentId = db_insertId();
         *   $success = true;
         * }
         */
        $success = true;
        # this should be set to true only when db operation is successful.
        if ($success) {
            form_set('success', true);
            flash_set(_t('Your comment has been posted.'), 'comment_posted');
            // Called without arguments; the target is decided by _redirect() itself.
            _redirect();
        }
    } else {
        // Hand the collected validation errors back to the form.
        form_set('error', validation_get('errors'));
    }
}
Example #27
         // Batch generation of static article pages, $speed articles per request; each request
         // ends by sending the browser to the next batch via _header().
         $cArray = explode(',', $cids);
         $_Ccount = count($cArray);
         $k = isset($_GET['k']) ? $_GET['k'] : 0;
         // NOTE(review): $cids is interpolated into the SQL text unquoted. Its origin is outside
         // this excerpt; confirm it is reduced to a comma-separated list of integers before this point.
         $rs = $DreamCMS->db->get_results("SELECT id FROM #DC@__article WHERE cid in ({$cids}) and `visible`='1'");
         empty($totle) && ($totle = count($rs));
         $tloop = ceil($totle / $speed);
         if ($loop <= $tloop) {
             $max = $i + $speed > $totle ? $totle : $i + $speed;
             for ($j = $i; $j < $max; $j++) {
                 MakeArticleHtm($rs[$j]['id']);
                 echo "文章ID:" . $rs[$j]['id'] . "生成…<span style='color:green;'>√</span><br />";
                 flush();
             }
             // NOTE(review): $cids, $totle and $QUERY_STRING are concatenated into the URL without
             // encoding - confirm where they come from.
             _header('admincp.php?do=html&operation=create&action=article&cid=' . $cids . '&totle=' . $totle . '&loop=' . ($loop + 1) . '&i=' . $j . $QUERY_STRING);
         } else {
             _redirect("生成列表", "文章更新完毕", 'create&action=catalog&cid=all', 'article');
         }
     }
 } elseif ($startid && $endid) {
     // Same batching, but over an explicit id range instead of a category list.
     $startid > $endid && !isset($_GET['g']) && alert("开始ID不能大于结束ID");
     empty($totle) && ($totle = $endid - $startid + 1);
     empty($i) && ($i = $startid);
     $tloop = ceil($totle / $speed);
     if ($loop <= $tloop) {
         $max = $i + $speed > $endid ? $endid : $i + $speed;
         for ($j = $i; $j <= $max; $j++) {
             MakeArticleHtm($j);
             echo "文章ID:{$j}生成…<span style='color:green;'>√</span><br />";
             flush();
         }
         // NOTE(review): $startid, $endid and $QUERY_STRING reach the URL unencoded - confirm they
         // are integers / trusted by this point.
         _header('admincp.php?do=html&operation=create&action=article&startid=' . $startid . '&endid=' . $endid . '&g&loop=' . ($loop + 1) . '&i=' . $j . $QUERY_STRING);
Example #28
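 /**
  * Hash clearing: GET shows the confirmation page, POST clears the named hash(es) and redirects.
  *
  * The POSTed `jump` target is only followed when it is relative or an http(s) URL on the
  * host serving this request; anything else falls back to the hash scan page.
  *
  * NOTE(review): no anti-CSRF token check is visible for the destructive POST - confirm the
  * framework enforces one.
  *
  * @param object $ctx View context; receives ns and jump on GET.
  */
 function hclear($ctx)
 {
     // POST wins over GET when both carry the same key.
     $req = $_POST + $_GET;
     $names = isset($req['n']) ? $req['n'] : '';
     if (!is_array($names)) {
         $names = array(trim($names));
     }
     // Previously the fallback URL used the loop variable, which is undefined on a GET request.
     $first_name = reset($names);
     $fallback = _url('hash/hscan', array('n' => $first_name));
     if ($_POST) {
         foreach ($names as $name) {
             // Skip nested arrays and blank names.
             if (!is_string($name)) {
                 continue;
             }
             $name = trim($name);
             if (!strlen($name)) {
                 continue;
             }
             $this->ssdb->hclear($name);
         }
         // The redirect target is request data, so it is checked before being used as a Location.
         $jump = isset($_POST['jump']) && is_string($_POST['jump']) ? trim($_POST['jump']) : '';
         $parts = parse_url($jump);
         $own_host = isset($_SERVER['HTTP_HOST']) ? preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']) : '';
         $same_site = is_array($parts)
             && (!isset($parts['scheme']) || in_array(strtolower($parts['scheme']), array('http', 'https'), true))
             && (!isset($parts['host']) || strcasecmp($parts['host'], $own_host) === 0)
             && strpos($jump, '\\') === false;
         if ($jump === '' || !$same_site) {
             $jump = $fallback;
         }
         _redirect($jump);
         // Do not fall through to the confirmation-page setup if _redirect() returns.
         return;
     }
     $ctx->ns = $names;
     // NOTE(review): the Referer header is client-controlled; the view must escape it where it is printed.
     $ctx->jump = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
     if (!$ctx->jump) {
         $ctx->jump = $fallback;
     }
 }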
Example #29
<?php

// Blank post used when no id is given (the "add" form).
$post = (object) array('postBody' => '', 'postTitle' => '', 'slug' => '');
if ($id) {
    // Editing: load the stored post and overlay its translated title/body for $lang.
    $post = db_select('post', 'p')->where()->condition('postId', $id)->getSingleResult();
    if (!$post) {
        // NOTE(review): if _redirect() returns, $post is falsy when $post->catId is read below.
        _redirect('admin/property/list');
    } else {
        $post = _getTranslationStrings($post, array('postTitle', 'postBody'), $lang);
    }
}
// Categories that are not deleted, plus (when editing) the post's own category even if deleted.
$condition = array('deleted' => null);
if ($id) {
    $own_category = db_and(array('catId' => $post->catId, 'deleted !=' => null));
    $condition[] = $own_category;
}
$categories = db_select('category')->orWhere($condition)->orderBy('catName')->getResult();
/**
 * Redirect to 404 page
 *
 * Thin wrapper: passes the route '404' to _redirect() and does nothing else.
 *
 * @return void
 */
function _page404()
{
    _redirect('404');
}