function DoModify()
{
$id = (int) get_param('id');
$info = DB::fetch_first("select * from " . DB::table('output') . " where `id`='{$id}'");
if (!$info) {
$this->Messager('您要编辑的内容已经不存在了');
}
$data = get_param('data');
$data['name'] = trim($data['name']);
$data['lock_host'] = trim(strtolower($data['lock_host']));
$data['content_default'] = strip_tags($data['content_default']);
$data['type_first'] = $data['type_first'] ? 1 : 0;
$data['per_page_num'] = max(0, (int) $data['per_page_num']);
$data['width'] = $data['width'] ? $data['width'] : '100%';
$data['height'] = $data['height'] ? $data['height'] : '1000px';
$data['tpl_enable'] = $data['tpl_enable'] ? 1 : 0;
if ($data['tpl_enable'] && true === JISHIGOU_FOUNDER) {
$data['tpl_file'] = $data['tpl_file'] && false !== strpos($data['tpl_file'], 'output/') ? dir_safe(str_replace(array('.html', '.htm'), '', $data['tpl_file'])) : 'output/output_' . $id;
$data['tpl_data'] = trim($data['tpl_data']);
if ($data['tpl_enable']) {
$tpl_file = ROOT_PATH . 'templates/default/' . $data['tpl_file'] . '.html';
jio()->MakeDir(dirname($tpl_file));
jio()->WriteFile($tpl_file, jstripslashes($data['tpl_data']));
}
} else {
unset($data['tpl_file']);
}
unset($data['tpl_data']);
DB::update('output', $data, array('id' => $id));
$this->Messager('修改成功');
}
function doUnlink($pic)
{
$pic = dir_safe($pic);
if (!$pic) {
return false;
}
$pic = str_replace(array('\\'), array('/'), $pic);
$pic = str_replace(array('/' . '/', '/./', '././'), array('/', '/', './'), $pic);
if (false !== strpos($pic, '../')) {
return false;
}
$exp = '~^(\\./){0,2}images/event/\\d{10}' . MEMBER_ID . '_b\\.(jpg|jpeg|gif|png|bmp)$~';
if (preg_match($exp, $pic)) {
unlink($pic);
unlink(strtr($pic, '_b.', '_s.'));
return true;
} else {
return false;
}
}
function DoModify()
{
if (isset($this->Post['show'])) {
jconf::set('show', $this->Post['show']);
}
if (isset($this->Post['cache'])) {
jconf::set('cache', $this->Post['cache']);
}
cache_clear();
$config = array();
if ($this->Post['template_path'] != "" && $this->Post['template_path'] != $this->Config['template_path']) {
$this->Post['template_path'] = dir_safe($this->Post['template_path']);
$config['template_path'] = $this->Post['template_path'];
}
if (isset($this->Post['templatedeveloper']) && $this->Post['templatedeveloper'] != $this->Config['templatedeveloper']) {
$config['templatedeveloper'] = $this->Post['templatedeveloper'] ? 1 : 0;
}
if (isset($this->Post['style_three_tol']) && $this->Post['style_three_tol'] != $this->Config['style_three_tol']) {
$config['style_three_tol'] = $this->Post['style_three_tol'] ? 1 : 0;
}
if ($config) {
jconf::update($config);
}
$this->Messager("设置成功");
}
public function modify_left_icon()
{
$key = $this->Get['key'];
$group = $this->Get['group'];
$name = $this->Get['name'];
$file = $key;
$slide = $this->Post['slide'];
if ($_FILES[$file]['name']) {
$image_name = dir_safe($key) . ".jpg";
$image_path = RELATIVE_ROOT_PATH . 'images/lefticon/';
$image_file = $image_path . $image_name;
if (!is_dir($image_path)) {
jio()->MakeDir($image_path);
}
jupload()->init($image_path, $file, true);
jupload()->setMaxSize(512);
jupload()->setNewName($image_name);
$result = jupload()->doUpload();
if ($result) {
$result = is_image($image_file);
}
if (!$result) {
$this->_js_output('alert("图片上传失败");');
}
image_thumb($image_file, $image_file, 100, 100);
if ($this->Config['ftp_on']) {
$ftp_key = randgetftp();
$get_ftps = jconf::get('ftp');
$site_url = $get_ftps[$ftp_key]['attachurl'];
$ftp_result = ftpcmd('upload', $image_file, '', $ftp_key);
if ($ftp_result > 0) {
jio()->DeleteFile($image_file);
$image_file = $site_url . '/' . str_replace('./', '', $image_file);
}
}
} else {
echo "<script type='text/javascript'>";
echo "alert('没有图片');";
echo "</script>";
exit;
}
$slide_config = jconf::get('left_navigation');
foreach ($slide_config[$group] as &$v) {
if ($v['code'] == $name) {
$v['icon'] = $image_file;
}
}
jconf::set('left_navigation', $slide_config);
echo "<script type='text/javascript'>";
echo "parent.document.getElementById('show_image_{$key}').src='{$image_file}';";
echo "parent.document.getElementById('show_image_{$key}').style.display='block';";
echo "parent.document.getElementById('show_image_{$key}_value').value='{$image_file}';";
echo "parent.document.location.reload();";
echo "</script>";
exit;
}
function DoExport()
{
global $sizelimit, $startrow, $extendins, $sqlcompat, $sqlcharset, $dumpcharset, $usehex, $complete, $excepttables;
$excepttables = array(TABLE_PREFIX . "sessions", TABLE_PREFIX . "cache");
$time = $timestamp = time();
$tablepre = TABLE_PREFIX;
$this->DatabaseHandler->Query('SET SQL_QUOTE_SHOW_CREATE=1', 'SKIP_ERROR');
$filename = get_param('filename');
if (!$filename || preg_match("/(\\.)(exe|php|jsp|asp|aspx|cgi|fcgi|pl)(\\.|\$)/i", $filename) || !preg_match('~^[\\w\\d\\-\\_]+$~', $filename)) {
$this->Messager("备份文件名无效");
}
$type = get_param('type');
$setup = get_param('setup');
$customtables = get_param('customtables');
$startrow = get_param('startrow');
$extendins = get_param('extendins');
$usehex = get_param('usehex');
$usezip = get_param('usezip');
$sizelimit = get_param('sizelimit');
$volume = (int) get_param('volume');
$method = 'multivol';
$sqlcharset = get_param('sqlcharset');
$sqlcompat = get_param('sqlcompat');
if ($type == 'all_tables') {
$tables = $this->_array_keys2($this->_fetch_table_list($tablepre), 'Name');
} elseif ($type == 'custom') {
$tables = array();
$cache_id = "tables";
if (empty($setup)) {
$tables = cache_file('get', $cache_id);
} else {
cache_file('set', $cache_id, $customtables);
$tables =& $customtables;
}
if (!is_array($tables) || empty($tables)) {
$this->Messager("没有要导出的数据表");
}
}
$volume = intval($volume) + 1;
$idstring = '# Identify: ' . base64_encode("{$timestamp}," . SYS_VERSION . ",{$type},{$method},{$volume}") . "\n";
$dumpcharset = $sqlcharset ? $sqlcharset : str_replace('-', '', $this->Config['charset']);
$setnames = $sqlcharset && $this->DatabaseHandler->GetVersion() > '4.1' && (!$sqlcompat || $sqlcompat == 'MYSQL41') ? "SET NAMES '{$dumpcharset}';\n\n" : '';
if ($this->DatabaseHandler->GetVersion() > '4.1') {
if ($sqlcharset) {
$this->DatabaseHandler->Query("SET NAMES '" . $sqlcharset . "';\n\n");
}
if ($sqlcompat == 'MYSQL40') {
$this->DatabaseHandler->Query("SET SQL_MODE='MYSQL40'");
} elseif ($sqlcompat == 'MYSQL41') {
$this->DatabaseHandler->Query("SET SQL_MODE=''");
}
}
$f = str_replace(array('/', '\\', '.'), '', $filename);
$f = dir_safe($f);
$backupdir = 'db/' . $f;
$backupfilename = './data/backup/' . $backupdir . '/' . $f;
if (!is_dir($d = dirname($backupfilename))) {
jio()->MakeDir($d);
}
if ($usezip) {
require_once ROOT_PATH . 'include/func/zip.func.php';
}
if ($method == 'multivol') {
$sqldump = '';
$tableid = intval(get_param('tableid'));
$startfrom = intval(get_param('startfrom'));
$complete = TRUE;
for (; $complete && $tableid < count($tables) && strlen($sqldump) + 500 < $sizelimit * 1000; $tableid++) {
$sqldump .= $this->_sql_dump_table($tables[$tableid], $startfrom, strlen($sqldump));
if ($complete) {
$startfrom = 0;
}
}
$dumpfile = $backupfilename . "-%s" . '.sql';
!$complete && $tableid--;
if (trim($sqldump)) {
$sqldump = "{$idstring}" . "# <?php exit(); ?>\n" . "# JishiGou Multi-Volume Data Dump Vol.{$volume}\n" . "# Version: JishiGou " . SYS_VERSION . "\n" . "# Time: {$time}\n" . "# Type: {$type}\n" . "# Table Prefix: {$tablepre}\n" . "#\n" . "# JishiGou Home: http:\\/\\/www.jishigou.net\n" . "# Please visit our website for newest infomation about JishiGou\n" . "# --------------------------------------------------------\n\n\n" . "{$setnames}" . $sqldump;
$dumpfilename = sprintf($dumpfile, $volume);
$fp = fopen($dumpfilename, 'wb');
flock($fp, 2);
if (!fwrite($fp, $sqldump)) {
fclose($fp);
$this->Messager("备份文件写入失败,请检查是否有足够的权限或联系管理员");
} else {
fclose($fp);
if ($usezip == 2) {
$fp = @fopen($dumpfilename, "r");
$content = @fread($fp, filesize($dumpfilename));
fclose($fp);
$zip = new zipfile();
$zip->addFile($content, basename($dumpfilename));
$fp = @fopen(sprintf($backupfilename . "-%s" . '.zip', $volume), 'w');
if (fwrite($fp, $zip->file()) !== FALSE) {
@unlink($dumpfilename);
}
fclose($fp);
}
unset($sqldump, $zip, $content);
$this->Messager("分卷备份: 数据文件 #{$volume} 成功创建,程序将自动继续。\r\n", "admin.php?mod=db&code=doexport&type=" . rawurlencode($type) . "&saveto=server&filename=" . rawurlencode($filename) . "&method=multivol&sizelimit=" . rawurlencode($sizelimit) . "&volume=" . rawurlencode($volume) . "&tableid=" . rawurlencode($tableid) . "&startfrom=" . rawurlencode($startrow) . "&extendins=" . rawurlencode($extendins) . "&sqlcharset=" . rawurlencode($sqlcharset) . "&sqlcompat=" . rawurlencode($sqlcompat) . "&exportsubmit=yes&usehex={$usehex}&usezip={$usezip}");
}
} else {
$volume--;
$filelist = '<ul>';
if ($usezip == 1) {
$zip = new zipfile();
$zipfilename = $backupfilename . '.zip';
$unlinks = array();
for ($i = 1; $i <= $volume; $i++) {
$filename = sprintf($dumpfile, $i);
$fp = @fopen($filename, "r");
$content = @fread($fp, filesize($filename));
fclose($fp);
$zip->addFile($content, basename($filename));
$unlinks[] = $filename;
$filelist .= "<li><a href=\"{$filename}\">{$filename}</a></li>\n";
}
$fp = @fopen($zipfilename, 'w');
if (fwrite($fp, $zip->file()) !== FALSE) {
foreach ($unlinks as $f) {
jio()->DeleteFile($f);
}
} else {
$this->Messager('database_export_multivol_succeed');
}
unset($sqldump, $zip, $content);
fclose($fp);
touch('./data/backup/' . $backupdir . '/index.htm');
$filename = $zipfilename;
$this->Messager("数据成功备份并压缩至服务器 data/backup/db/ 目录下。<br />" . (true === JISHIGOU_FOUNDER ? $filelist : ""), null);
} else {
touch('./data/backup/' . $backupdir . '/index.htm');
for ($i = 1; $i <= $volume; $i++) {
$filename = sprintf($usezip == 2 ? $backupfilename . "-%s" . '.zip' : $dumpfile, $i);
$filelist .= "<li><a href=\"{$filename}\">{$filename}</a></li>\n";
}
$this->Messager("恭喜您,全部 {$volume} 个备份文件成功创建,备份完成。\r\n" . (true === JISHIGOU_FOUNDER ? $filelist : "<br />文件备份在 data/backup/db/ 目录下"), null);
}
}
} else {
$tablesstr = '';
foreach ($tables as $table) {
$tablesstr .= '"' . $table . '" ';
}
$query = $this->DatabaseHandler->Query("SHOW VARIABLES LIKE 'basedir'");
list(, $mysql_base) = $query->GetRow('row');
$dumpfile = addslashes(dirname(dirname(__FILE__))) . '/' . $backupfilename . '.sql';
@unlink($dumpfile);
$mysqlbin = $mysql_base == '/' ? '' : addslashes($mysql_base) . 'bin/';
@shell_exec($mysqlbin . 'mysqldump --force --quick ' . ($this->DatabaseHandler->GetVersion() > '4.1' ? '--skip-opt --create-options' : '-all') . ' --add-drop-table' . ($extendins == 1 ? ' --extended-insert' : '') . '' . ($this->DatabaseHandler->GetVersion() > '4.1' && $sqlcompat == 'MYSQL40' ? ' --compatible=mysql40' : '') . ' --host="' . $this->Config['db_host'] . ($this->Config['db_port'] ? is_numeric($this->Config['db_port']) ? ' --port=' . $this->Config['db_port'] : ' --socket="' . $this->Config['db_port'] . '"' : '') . '" --user="******" --password="******" "' . $this->Config['db_name'] . '" ' . $tablesstr . ' > ' . $dumpfile);
if (is_file($dumpfile)) {
if ($usezip) {
require_once ROOT_PATH . 'include/func/zip.func.php';
$zip = new zipfile();
$zipfilename = $backupfilename . '.zip';
$fp = @fopen($dumpfile, "r");
$content = @fread($fp, filesize($dumpfile));
fclose($fp);
$zip->addFile($idstring . "# <?exit();?>\n " . $setnames . "\n #" . $content, basename($dumpfile));
$fp = @fopen($zipfilename, 'w');
fwrite($fp, $zip->file());
fclose($fp);
@unlink($dumpfile);
touch('./data/backup/' . $backupdir . '/index.htm');
$filename = $backupfilename . '.zip';
unset($sqldump, $zip, $content);
$this->Messager('database_export_zip_succeed');
} else {
if (is_writeable($dumpfile)) {
$fp = @fopen($dumpfile, 'rb+');
fwrite($fp, $idstring . "# <?exit();?>\n " . $setnames . "\n #");
fclose($fp);
}
touch('./data/backup/' . $backupdir . '/index.htm');
$filename = $backupfilename . '.sql';
$this->Messager('database_export_succeed');
}
} else {
$this->Messager('database_shell_fail');
}
}
}
function DoAddMyBlackList()
{
$uid = MEMBER_ID;
if ($uid < 1) {
json_error("请先登录或者注册一个帐号");
}
$touid = (int) $this->Post['touid'];
if ($touid < 1) {
json_error("请指定要拉黑的用户");
}
$member = $this->TopicLogic->GetMember($touid);
if (!$member) {
json_error("请指定一个正确的用户ID");
}
$types = $this->Post['types'];
$follow_html = $this->_AddBlackList($uid, $touid, $types);
$template = $this->Post['template'];
if ($template) {
$template = dir_safe($template);
include template($template);
}
}
function writelog($file, $log)
{
$logdir = ROOT_PATH . './data/log/';
$file = dir_safe($file);
$logfile = $logdir . $file . '.php';
if (!is_dir($logdir)) {
jmkdir($logdir);
}
$log = is_array($log) ? $log : array($log);
return jio()->WriteFile($logfile, '<?php $log=' . var_export($log, 'true') . '?>');
}