/**
 * Save edits to an existing "output" record and, when the founder has enabled a
 * custom template, write that template to disk.
 *
 * Reads `id` and the `data` array from the request, normalises a handful of
 * fields, optionally writes templates/default/<tpl_file>.html, then updates the
 * `output` row and reports success through Messager().
 *
 * NOTE(review): the whole request-supplied `data` array (minus tpl_data, and
 * minus tpl_file for non-founders) is handed to DB::update(), so any extra key
 * a client sends travels with it — consider restricting it to known columns.
 */
function DoModify()
{
    $id = (int) get_param('id');

    // $id was cast to int above, so the interpolated value is numeric only.
    $lookup = "select * from " . DB::table('output') . " where `id`='{$id}'";
    $info = DB::fetch_first($lookup);
    if (!$info) {
        // NOTE(review): execution continues below unless Messager() ends the request — confirm.
        $this->Messager('您要编辑的内容已经不存在了');
    }

    $data = get_param('data');

    // Field normalisation.
    $data['name'] = trim($data['name']);
    $lowered_host = strtolower($data['lock_host']);
    $data['lock_host'] = trim($lowered_host);
    $data['content_default'] = strip_tags($data['content_default']);
    if ($data['type_first']) {
        $data['type_first'] = 1;
    } else {
        $data['type_first'] = 0;
    }
    $per_page = (int) $data['per_page_num'];
    $data['per_page_num'] = max(0, $per_page);
    if (!$data['width']) {
        $data['width'] = '100%';
    }
    if (!$data['height']) {
        $data['height'] = '1000px';
    }
    if ($data['tpl_enable']) {
        $data['tpl_enable'] = 1;
    } else {
        $data['tpl_enable'] = 0;
    }

    // Only the founder account may choose a template path and write template content.
    $founder_writes_template = $data['tpl_enable'] && true === JISHIGOU_FOUNDER;
    if (!$founder_writes_template) {
        unset($data['tpl_file']);
    } else {
        $requested = $data['tpl_file'];
        if ($requested && false !== strpos($requested, 'output/')) {
            // NOTE(review): this only requires 'output/' to occur somewhere in the
            // value, not at its start; keeping the path inside templates/default/output/
            // depends entirely on what dir_safe() strips — confirm against its definition.
            $without_ext = str_replace(array('.html', '.htm'), '', $requested);
            $data['tpl_file'] = dir_safe($without_ext);
        } else {
            $data['tpl_file'] = 'output/output_' . $id;
        }
        $data['tpl_data'] = trim($data['tpl_data']);

        // tpl_enable is always 1 in this branch, so the write is unconditional here.
        // The template body is request-supplied and written verbatim (after
        // jstripslashes) into the template tree.
        $tpl_file = ROOT_PATH . 'templates/default/' . $data['tpl_file'] . '.html';
        $tpl_dir = dirname($tpl_file);
        jio()->MakeDir($tpl_dir);
        jio()->WriteFile($tpl_file, jstripslashes($data['tpl_data']));
    }

    // The template body lives on disk only; it is never stored in the row.
    unset($data['tpl_data']);

    DB::update('output', $data, array('id' => $id));
    $this->Messager('修改成功');
}
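/**
 * Delete one of the current member's event pictures together with its small
 * thumbnail.
 *
 * The path is accepted only if, after normalisation, it matches
 * images/event/<10 digits><MEMBER_ID>_b.<ext> (optionally prefixed by up to two
 * "./"), so a member can only remove files whose name embeds their own id.
 * The path is relative and is resolved against the current working directory.
 *
 * @param string $pic Relative path of the big ("_b") picture.
 * @return bool True when the path was accepted and deletion was attempted,
 *              false when the path was rejected.
 */
function doUnlink($pic)
{
    $pic = dir_safe($pic);
    if (!$pic) {
        return false;
    }

    // Normalise separators and collapse "//", "/./" and "././" before validating.
    $pic = str_replace(array('\\'), array('/'), $pic);
    $pic = str_replace(array('/' . '/', '/./', '././'), array('/', '/', './'), $pic);
    if (false !== strpos($pic, '../')) {
        return false;
    }

    // MEMBER_ID is quoted so it is always matched literally; the D modifier stops
    // "$" from also matching just before a trailing newline.
    $exp = '~^(\\./){0,2}images/event/\\d{10}' . preg_quote((string) MEMBER_ID, '~') . '_b\\.(jpg|jpeg|gif|png|bmp)$~D';
    if (!preg_match($exp, $pic)) {
        return false;
    }

    // Three-argument strtr() translates single characters, so the former
    // strtr($pic, '_b.', '_s.') turned every "b" into "s" and produced "_s.smp"
    // for .bmp files, leaving their thumbnail behind. Replace the "_b." marker only.
    $thumb = str_replace('_b.', '_s.', $pic);

    foreach (array($pic, $thumb) as $target) {
        // Skip files that are already gone instead of raising a warning.
        if (is_file($target)) {
            unlink($target);
        }
    }

    return true;
}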
/**
 * Apply the posted display / cache / template settings.
 *
 * The 'show' and 'cache' sections are stored through jconf::set() when posted,
 * the cache is cleared, and the main configuration is updated only for the
 * fields whose posted value differs from the current one.
 *
 * NOTE(review): the 'show' and 'cache' values are stored exactly as posted; no
 * validation of their structure is visible in this method — confirm it happens
 * in jconf::set() or where the values are consumed.
 */
function DoModify()
{
    // Whole config sections, saved as submitted.
    foreach (array('show', 'cache') as $section) {
        if (isset($this->Post[$section])) {
            jconf::set($section, $this->Post[$section]);
        }
    }

    cache_clear();

    $changes = array();

    // Template directory: passed through dir_safe() before it is stored.
    $posted_path = $this->Post['template_path'];
    if ($posted_path != "" && $posted_path != $this->Config['template_path']) {
        $safe_path = dir_safe($posted_path);
        $this->Post['template_path'] = $safe_path;
        $changes['template_path'] = $safe_path;
    }

    // On/off switches are collapsed to 1 or 0.
    foreach (array('templatedeveloper', 'style_three_tol') as $flag) {
        if (!isset($this->Post[$flag])) {
            continue;
        }
        if ($this->Post[$flag] != $this->Config[$flag]) {
            $changes[$flag] = $this->Post[$flag] ? 1 : 0;
        }
    }

    if ($changes) {
        jconf::update($changes);
    }

    $this->Messager("设置成功");
}
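/**
 * Upload a new icon for one left-navigation entry and report the result to the
 * parent frame through an inline script.
 *
 * Request input: GET `key` (upload field name, also used for the stored file
 * name and the DOM element ids), GET `group` and GET `name` (which navigation
 * entry to update). The image is stored as images/lefticon/<key>.jpg, resized
 * to 100x100 and optionally pushed to the configured FTP attachment host.
 *
 * Changes from the previous version:
 *  - `key` and the image URL are emitted as JSON-encoded JavaScript string
 *    literals; they were previously interpolated raw into the script block, so
 *    a crafted `key` could break out of the string and inject script.
 *  - a file that was uploaded but fails is_image() is removed instead of being
 *    left in the icon directory.
 *  - the by-reference foreach is guarded and its reference released.
 *
 * The method always ends the request with exit.
 */
public function modify_left_icon()
{
    $key = $this->Get['key'];
    $group = $this->Get['group'];
    $name = $this->Get['name'];
    $file = $key;

    if (empty($_FILES[$file]['name'])) {
        echo "<script type='text/javascript'>";
        echo "alert('没有图片');";
        echo "</script>";
        exit;
    }

    // The stored name is derived from the request key, sanitised by dir_safe().
    $image_name = dir_safe($key) . ".jpg";
    $image_path = RELATIVE_ROOT_PATH . 'images/lefticon/';
    $image_file = $image_path . $image_name;
    if (!is_dir($image_path)) {
        jio()->MakeDir($image_path);
    }

    jupload()->init($image_path, $file, true);
    jupload()->setMaxSize(512);
    jupload()->setNewName($image_name);
    $uploaded = jupload()->doUpload();

    $result = $uploaded;
    if ($uploaded) {
        $result = is_image($image_file);
        if (!$result) {
            // The upload landed on disk but is not an image: do not keep it.
            jio()->DeleteFile($image_file);
        }
    }
    if (!$result) {
        $this->_js_output('alert("图片上传失败");');
        // Reached only if _js_output() does not end the request itself; never
        // register a failed upload as the icon.
        return;
    }

    image_thumb($image_file, $image_file, 100, 100);

    if ($this->Config['ftp_on']) {
        $ftp_key = randgetftp();
        $get_ftps = jconf::get('ftp');
        $site_url = $get_ftps[$ftp_key]['attachurl'];
        $ftp_result = ftpcmd('upload', $image_file, '', $ftp_key);
        if ($ftp_result > 0) {
            // Remote copy succeeded: drop the local file and point at the remote URL.
            jio()->DeleteFile($image_file);
            $image_file = $site_url . '/' . str_replace('./', '', $image_file);
        }
    }

    $slide_config = jconf::get('left_navigation');
    // Iterating a missing group by reference would create it as a null entry in
    // the saved config, so only touch groups that already exist.
    if (isset($slide_config[$group]) && is_array($slide_config[$group])) {
        foreach ($slide_config[$group] as &$v) {
            if ($v['code'] == $name) {
                $v['icon'] = $image_file;
            }
        }
        unset($v);
    }
    jconf::set('left_navigation', $slide_config);

    // Emit request-derived values as escaped JavaScript string literals. The HEX
    // flags keep quotes, ampersands and angle brackets out of the raw output, so
    // the value cannot close the string or the script element. json_encode()
    // returns false for input that is not valid UTF-8, in which case the
    // statement is simply malformed rather than attacker-controlled.
    $js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $js_image_id = json_encode('show_image_' . $key, $js_flags);
    $js_value_id = json_encode('show_image_' . $key . '_value', $js_flags);
    $js_image_src = json_encode($image_file, $js_flags);

    echo "<script type='text/javascript'>";
    echo "parent.document.getElementById({$js_image_id}).src={$js_image_src};";
    echo "parent.document.getElementById({$js_image_id}).style.display='block';";
    echo "parent.document.getElementById({$js_value_id}).value={$js_image_src};";
    echo "parent.document.location.reload();";
    echo "</script>";
    exit;
}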
/**
 * Export database tables to backup files under ./data/backup/db/<filename>/.
 *
 * The export runs as a multi-volume dump: each request writes one volume of
 * roughly `sizelimit` * 1000 bytes and then redirects (through Messager) to the
 * same action with the next volume / table / row offset, until no data is left.
 * Volumes can be zipped one by one (usezip == 2) or all together at the end
 * (usezip == 1).
 *
 * Request parameters read through get_param(): filename, type, setup,
 * customtables, startrow, extendins, usehex, usezip, sizelimit, volume,
 * sqlcharset, sqlcompat, tableid, startfrom.
 *
 * Several values are published as globals; presumably _sql_dump_table() reads
 * and updates them ($complete, $startrow, ...) — confirm against that helper.
 *
 * NOTE(review): the backup files hold the full database content and are written
 * below ./data/backup/, and this method emits links to them. The touch() of
 * index.htm presumably only suppresses directory listing — confirm that the web
 * server denies direct download of this directory.
 */
function DoExport()
{
    global $sizelimit, $startrow, $extendins, $sqlcompat, $sqlcharset, $dumpcharset, $usehex, $complete, $excepttables;
    // Tables named here are published for the dump helper (presumably to skip their rows — confirm).
    $excepttables = array(TABLE_PREFIX . "sessions", TABLE_PREFIX . "cache");
    $time = $timestamp = time();
    $tablepre = TABLE_PREFIX;
    $this->DatabaseHandler->Query('SET SQL_QUOTE_SHOW_CREATE=1', 'SKIP_ERROR');
    $filename = get_param('filename');
    // Backup name validation. The second pattern is an allow-list (word characters
    // and hyphen only), which already excludes dots and therefore every extension
    // the first pattern looks for. "$" without the D modifier also matches before
    // a trailing newline.
    // NOTE(review): the code below still runs with the rejected name unless
    // Messager() ends the request — confirm.
    if (!$filename || preg_match("/(\\.)(exe|php|jsp|asp|aspx|cgi|fcgi|pl)(\\.|\$)/i", $filename) || !preg_match('~^[\\w\\d\\-\\_]+$~', $filename)) {
        $this->Messager("备份文件名无效");
    }
    $type = get_param('type');
    $setup = get_param('setup');
    $customtables = get_param('customtables');
    $startrow = get_param('startrow');
    $extendins = get_param('extendins');
    $usehex = get_param('usehex');
    $usezip = get_param('usezip');
    $sizelimit = get_param('sizelimit');
    $volume = (int) get_param('volume');
    // The method is fixed, so the shell/mysqldump branch at the end of this
    // function can never be reached.
    $method = 'multivol';
    $sqlcharset = get_param('sqlcharset');
    $sqlcompat = get_param('sqlcompat');
    // Build the table list.
    // NOTE(review): $tables stays undefined when $type is neither 'all_tables'
    // nor 'custom'; count($tables) below then operates on an unset variable.
    if ($type == 'all_tables') {
        $tables = $this->_array_keys2($this->_fetch_table_list($tablepre), 'Name');
    } elseif ($type == 'custom') {
        $tables = array();
        $cache_id = "tables";
        if (empty($setup)) {
            // Follow-up volumes reuse the selection cached by the first request.
            $tables = cache_file('get', $cache_id);
        } else {
            // First request: remember the submitted selection for later volumes.
            // NOTE(review): these table names come straight from the request and
            // are later passed to _sql_dump_table(); confirm that helper validates
            // or quotes them as identifiers.
            cache_file('set', $cache_id, $customtables);
            $tables =& $customtables;
        }
        if (!is_array($tables) || empty($tables)) {
            $this->Messager("没有要导出的数据表");
        }
    }
    // The request carries the number of the last finished volume; this one is next.
    $volume = intval($volume) + 1;
    // Identification line written at the top of every volume.
    $idstring = '# Identify: ' . base64_encode("{$timestamp}," . SYS_VERSION . ",{$type},{$method},{$volume}") . "\n";
    $dumpcharset = $sqlcharset ? $sqlcharset : str_replace('-', '', $this->Config['charset']);
    // NOTE(review): GetVersion() is compared as a string with '4.1'; a version
    // string such as '10.x' sorts below '4.1' in a string comparison —
    // version_compare() would be the reliable check.
    $setnames = $sqlcharset && $this->DatabaseHandler->GetVersion() > '4.1' && (!$sqlcompat || $sqlcompat == 'MYSQL41') ? "SET NAMES '{$dumpcharset}';\n\n" : '';
    if ($this->DatabaseHandler->GetVersion() > '4.1') {
        if ($sqlcharset) {
            // NOTE(review): $sqlcharset is request input concatenated into the
            // statement without escaping or an allow-list of charset names; it is
            // also embedded in the dump header through $setnames. Validate it
            // against the known charset names before use.
            $this->DatabaseHandler->Query("SET NAMES '" . $sqlcharset . "';\n\n");
        }
        if ($sqlcompat == 'MYSQL40') {
            $this->DatabaseHandler->Query("SET SQL_MODE='MYSQL40'");
        } elseif ($sqlcompat == 'MYSQL41') {
            $this->DatabaseHandler->Query("SET SQL_MODE=''");
        }
    }
    // Derive the backup directory and base file name from the validated name:
    // slashes, backslashes and dots are removed, then dir_safe() is applied.
    $f = str_replace(array('/', '\\', '.'), '', $filename);
    $f = dir_safe($f);
    $backupdir = 'db/' . $f;
    $backupfilename = './data/backup/' . $backupdir . '/' . $f;
    if (!is_dir($d = dirname($backupfilename))) {
        jio()->MakeDir($d);
    }
    if ($usezip) {
        require_once ROOT_PATH . 'include/func/zip.func.php';
    }
    if ($method == 'multivol') {
        $sqldump = '';
        $tableid = intval(get_param('tableid'));
        $startfrom = intval(get_param('startfrom'));
        $complete = TRUE;
        // Append table dumps until the tables run out, a table is left unfinished
        // ($complete is a global, presumably cleared by _sql_dump_table()), or the
        // volume is within 500 bytes of sizelimit * 1000.
        for (; $complete && $tableid < count($tables) && strlen($sqldump) + 500 < $sizelimit * 1000; $tableid++) {
            $sqldump .= $this->_sql_dump_table($tables[$tableid], $startfrom, strlen($sqldump));
            if ($complete) {
                // The next table starts from its first row.
                $startfrom = 0;
            }
        }
        $dumpfile = $backupfilename . "-%s" . '.sql';
        // Step back so the next request resumes the unfinished table.
        !$complete && $tableid--;
        if (trim($sqldump)) {
            // Prefix the volume with its header. The second header line is a PHP
            // exit() stub, presumably so the file yields nothing if it is ever
            // run through the PHP interpreter — confirm the intent.
            $sqldump = "{$idstring}" . "# <?php exit(); ?>\n" . "# JishiGou Multi-Volume Data Dump Vol.{$volume}\n" . "# Version: JishiGou " . SYS_VERSION . "\n" . "# Time: {$time}\n" . "# Type: {$type}\n" . "# Table Prefix: {$tablepre}\n" . "#\n" . "# JishiGou Home: http:\\/\\/www.jishigou.net\n" . "# Please visit our website for newest infomation about JishiGou\n" . "# --------------------------------------------------------\n\n\n" . "{$setnames}" . $sqldump;
            $dumpfilename = sprintf($dumpfile, $volume);
            // NOTE(review): the fopen() result is not checked before flock()/fwrite().
            $fp = fopen($dumpfilename, 'wb');
            // 2 is the value of LOCK_EX (exclusive lock).
            flock($fp, 2);
            if (!fwrite($fp, $sqldump)) {
                fclose($fp);
                $this->Messager("备份文件写入失败,请检查是否有足够的权限或联系管理员");
            } else {
                fclose($fp);
                if ($usezip == 2) {
                    // Per-volume compression: zip this volume and delete the plain
                    // .sql file only when the archive was written.
                    $fp = @fopen($dumpfilename, "r");
                    $content = @fread($fp, filesize($dumpfilename));
                    fclose($fp);
                    $zip = new zipfile();
                    $zip->addFile($content, basename($dumpfilename));
                    $fp = @fopen(sprintf($backupfilename . "-%s" . '.zip', $volume), 'w');
                    if (fwrite($fp, $zip->file()) !== FALSE) {
                        @unlink($dumpfilename);
                    }
                    fclose($fp);
                }
                unset($sqldump, $zip, $content);
                // Hand over to the next request with the current position.
                // `startfrom` is taken from the global $startrow (presumably
                // advanced by _sql_dump_table()). usehex and usezip are appended
                // without rawurlencode(), unlike the other parameters.
                $this->Messager("分卷备份: 数据文件 #{$volume} 成功创建,程序将自动继续。\r\n", "admin.php?mod=db&code=doexport&type=" . rawurlencode($type) . "&saveto=server&filename=" . rawurlencode($filename) . "&method=multivol&sizelimit=" . rawurlencode($sizelimit) . "&volume=" . rawurlencode($volume) . "&tableid=" . rawurlencode($tableid) . "&startfrom=" . rawurlencode($startrow) . "&extendins=" . rawurlencode($extendins) . "&sqlcharset=" . rawurlencode($sqlcharset) . "&sqlcompat=" . rawurlencode($sqlcompat) . "&exportsubmit=yes&usehex={$usehex}&usezip={$usezip}");
            }
        } else {
            // Nothing left to dump: the previous volume was the last one.
            $volume--;
            $filelist = '<ul>';
            if ($usezip == 1) {
                // Single-archive mode: pack every volume into one zip, then remove
                // the plain volumes if the archive was written.
                $zip = new zipfile();
                $zipfilename = $backupfilename . '.zip';
                $unlinks = array();
                for ($i = 1; $i <= $volume; $i++) {
                    $filename = sprintf($dumpfile, $i);
                    $fp = @fopen($filename, "r");
                    $content = @fread($fp, filesize($filename));
                    fclose($fp);
                    $zip->addFile($content, basename($filename));
                    $unlinks[] = $filename;
                    $filelist .= "<li><a href=\"{$filename}\">{$filename}</a></li>\n";
                }
                $fp = @fopen($zipfilename, 'w');
                if (fwrite($fp, $zip->file()) !== FALSE) {
                    foreach ($unlinks as $f) {
                        jio()->DeleteFile($f);
                    }
                } else {
                    // NOTE(review): this is the write-failure path, yet the message
                    // key says "succeed" — confirm which text is shown.
                    $this->Messager('database_export_multivol_succeed');
                }
                unset($sqldump, $zip, $content);
                fclose($fp);
                touch('./data/backup/' . $backupdir . '/index.htm');
                $filename = $zipfilename;
                // The list of file links is shown to the founder account only.
                $this->Messager("数据成功备份并压缩至服务器 data/backup/db/ 目录下。<br />" . (true === JISHIGOU_FOUNDER ? $filelist : ""), null);
            } else {
                touch('./data/backup/' . $backupdir . '/index.htm');
                for ($i = 1; $i <= $volume; $i++) {
                    $filename = sprintf($usezip == 2 ? $backupfilename . "-%s" . '.zip' : $dumpfile, $i);
                    $filelist .= "<li><a href=\"{$filename}\">{$filename}</a></li>\n";
                }
                $this->Messager("恭喜您,全部 {$volume} 个备份文件成功创建,备份完成。\r\n" . (true === JISHIGOU_FOUNDER ? $filelist : "<br />文件备份在 data/backup/db/ 目录下"), null);
            }
        }
    } else {
        // Unreachable while $method is hard-coded to 'multivol' above.
        // NOTE(review): if this branch is ever re-enabled, table names, database
        // host/port/name and the dump path are concatenated into a shell command
        // with addslashes() at most; each argument needs escapeshellarg(). A
        // password passed on the command line is also visible to other local
        // users in the process list. The credential values appear masked in this
        // listing.
        $tablesstr = '';
        foreach ($tables as $table) {
            $tablesstr .= '"' . $table . '" ';
        }
        $query = $this->DatabaseHandler->Query("SHOW VARIABLES LIKE 'basedir'");
        list(, $mysql_base) = $query->GetRow('row');
        $dumpfile = addslashes(dirname(dirname(__FILE__))) . '/' . $backupfilename . '.sql';
        @unlink($dumpfile);
        $mysqlbin = $mysql_base == '/' ? '' : addslashes($mysql_base) . 'bin/';
        @shell_exec($mysqlbin . 'mysqldump --force --quick ' . ($this->DatabaseHandler->GetVersion() > '4.1' ? '--skip-opt --create-options' : '-all') . ' --add-drop-table' . ($extendins == 1 ? ' --extended-insert' : '') . '' . ($this->DatabaseHandler->GetVersion() > '4.1' && $sqlcompat == 'MYSQL40' ? ' --compatible=mysql40' : '') . ' --host="' . $this->Config['db_host'] . ($this->Config['db_port'] ? is_numeric($this->Config['db_port']) ? ' --port=' . $this->Config['db_port'] : ' --socket="' . $this->Config['db_port'] . '"' : '') . '" --user="******" --password="******" "' . $this->Config['db_name'] . '" ' . $tablesstr . ' > ' . $dumpfile);
        if (is_file($dumpfile)) {
            if ($usezip) {
                require_once ROOT_PATH . 'include/func/zip.func.php';
                $zip = new zipfile();
                $zipfilename = $backupfilename . '.zip';
                $fp = @fopen($dumpfile, "r");
                $content = @fread($fp, filesize($dumpfile));
                fclose($fp);
                // The identification header is prepended inside the archive.
                $zip->addFile($idstring . "# <?exit();?>\n " . $setnames . "\n #" . $content, basename($dumpfile));
                $fp = @fopen($zipfilename, 'w');
                fwrite($fp, $zip->file());
                fclose($fp);
                @unlink($dumpfile);
                touch('./data/backup/' . $backupdir . '/index.htm');
                $filename = $backupfilename . '.zip';
                unset($sqldump, $zip, $content);
                $this->Messager('database_export_zip_succeed');
            } else {
                if (is_writeable($dumpfile)) {
                    // 'rb+' writes from offset 0, so the header overwrites the
                    // first bytes of the mysqldump output rather than being inserted.
                    $fp = @fopen($dumpfile, 'rb+');
                    fwrite($fp, $idstring . "# <?exit();?>\n " . $setnames . "\n #");
                    fclose($fp);
                }
                touch('./data/backup/' . $backupdir . '/index.htm');
                $filename = $backupfilename . '.sql';
                $this->Messager('database_export_succeed');
            }
        } else {
            $this->Messager('database_shell_fail');
        }
    }
}
/**
 * Add a user to the logged-in member's blacklist and optionally render a
 * template as the response.
 *
 * Reads `touid`, `types` and `template` from the POST data. Validation failures
 * are reported through json_error().
 *
 * The final include runs in this method's scope, so the local variables set
 * here ($uid, $touid, $member, $types, $follow_html, $template) are visible to
 * the included template; they must keep their names.
 */
function DoAddMyBlackList()
{
    $uid = MEMBER_ID;
    if ($uid < 1) {
        // NOTE(review): the checks below assume json_error() ends the request — confirm.
        json_error("请先登录或者注册一个帐号");
    }
    $touid = (int) $this->Post['touid'];
    if ($touid < 1) {
        json_error("请指定要拉黑的用户");
    }
    // The target must be an existing member.
    $member = $this->TopicLogic->GetMember($touid);
    if (!$member) {
        json_error("请指定一个正确的用户ID");
    }
    // NOTE(review): `types` is passed on exactly as posted; any validation would
    // have to happen inside _AddBlackList() — confirm.
    $types = $this->Post['types'];
    $follow_html = $this->_AddBlackList($uid, $touid, $types);
    $template = $this->Post['template'];
    if ($template) {
        // The template name is chosen by the client; dir_safe() is the only
        // filtering before template() resolves it and the result is included.
        // NOTE(review): this lets any logged-in user render whichever template
        // the resolver can reach. Prefer a fixed allow-list of the template
        // names this action is meant to return, and confirm dir_safe() rejects
        // path traversal and wrapper/scheme prefixes.
        $template = dir_safe($template);
        include template($template);
    }
}
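/**
 * Write a log entry to data/log/<file>.php as an includable PHP array.
 *
 * The log name is passed through dir_safe() before it becomes part of the
 * path. The entry is serialised with var_export(), which emits a PHP literal:
 * string values end up as quoted strings, not as code, when the file is later
 * included.
 *
 * @param string $file Log name, without directory or extension.
 * @param mixed  $log  A single entry or an array of entries; a non-array value
 *                     is wrapped in a one-element array.
 * @return mixed Whatever jio()->WriteFile() returns.
 */
function writelog($file, $log)
{
    $logdir = ROOT_PATH . './data/log/';
    $file = dir_safe($file);
    $logfile = $logdir . $file . '.php';

    if (!is_dir($logdir)) {
        jmkdir($logdir);
    }

    $log = is_array($log) ? $log : array($log);

    // var_export()'s second argument is a boolean "return the string" flag. The
    // original passed the string 'true', which only worked through loose type
    // coercion and fails under strict_types.
    $exported = var_export($log, true);

    return jio()->WriteFile($logfile, '<?php $log=' . $exported . '?>');
}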