Example #1
0
 function DoModify()
 {
     $id = (int) get_param('id');
     $info = DB::fetch_first("select * from " . DB::table('output') . " where `id`='{$id}'");
     if (!$info) {
         $this->Messager('您要编辑的内容已经不存在了');
     }
     $data = get_param('data');
     $data['name'] = trim($data['name']);
     $data['lock_host'] = trim(strtolower($data['lock_host']));
     $data['content_default'] = strip_tags($data['content_default']);
     $data['type_first'] = $data['type_first'] ? 1 : 0;
     $data['per_page_num'] = max(0, (int) $data['per_page_num']);
     $data['width'] = $data['width'] ? $data['width'] : '100%';
     $data['height'] = $data['height'] ? $data['height'] : '1000px';
     $data['tpl_enable'] = $data['tpl_enable'] ? 1 : 0;
     if ($data['tpl_enable'] && true === JISHIGOU_FOUNDER) {
         $data['tpl_file'] = $data['tpl_file'] && false !== strpos($data['tpl_file'], 'output/') ? dir_safe(str_replace(array('.html', '.htm'), '', $data['tpl_file'])) : 'output/output_' . $id;
         $data['tpl_data'] = trim($data['tpl_data']);
         if ($data['tpl_enable']) {
             $tpl_file = ROOT_PATH . 'templates/default/' . $data['tpl_file'] . '.html';
             jio()->MakeDir(dirname($tpl_file));
             jio()->WriteFile($tpl_file, jstripslashes($data['tpl_data']));
         }
     } else {
         unset($data['tpl_file']);
     }
     unset($data['tpl_data']);
     DB::update('output', $data, array('id' => $id));
     $this->Messager('修改成功');
 }
Example #2
0
 function doUnlink($pic)
 {
     $pic = dir_safe($pic);
     if (!$pic) {
         return false;
     }
     $pic = str_replace(array('\\'), array('/'), $pic);
     $pic = str_replace(array('/' . '/', '/./', '././'), array('/', '/', './'), $pic);
     if (false !== strpos($pic, '../')) {
         return false;
     }
     $exp = '~^(\\./){0,2}images/event/\\d{10}' . MEMBER_ID . '_b\\.(jpg|jpeg|gif|png|bmp)$~';
     if (preg_match($exp, $pic)) {
         unlink($pic);
         unlink(strtr($pic, '_b.', '_s.'));
         return true;
     } else {
         return false;
     }
 }
Example #3
0
 function DoModify()
 {
     if (isset($this->Post['show'])) {
         jconf::set('show', $this->Post['show']);
     }
     if (isset($this->Post['cache'])) {
         jconf::set('cache', $this->Post['cache']);
     }
     cache_clear();
     $config = array();
     if ($this->Post['template_path'] != "" && $this->Post['template_path'] != $this->Config['template_path']) {
         $this->Post['template_path'] = dir_safe($this->Post['template_path']);
         $config['template_path'] = $this->Post['template_path'];
     }
     if (isset($this->Post['templatedeveloper']) && $this->Post['templatedeveloper'] != $this->Config['templatedeveloper']) {
         $config['templatedeveloper'] = $this->Post['templatedeveloper'] ? 1 : 0;
     }
     if (isset($this->Post['style_three_tol']) && $this->Post['style_three_tol'] != $this->Config['style_three_tol']) {
         $config['style_three_tol'] = $this->Post['style_three_tol'] ? 1 : 0;
     }
     if ($config) {
         jconf::update($config);
     }
     $this->Messager("设置成功");
 }
Example #4
0
 public function modify_left_icon()
 {
     $key = $this->Get['key'];
     $group = $this->Get['group'];
     $name = $this->Get['name'];
     $file = $key;
     $slide = $this->Post['slide'];
     if ($_FILES[$file]['name']) {
         $image_name = dir_safe($key) . ".jpg";
         $image_path = RELATIVE_ROOT_PATH . 'images/lefticon/';
         $image_file = $image_path . $image_name;
         if (!is_dir($image_path)) {
             jio()->MakeDir($image_path);
         }
         jupload()->init($image_path, $file, true);
         jupload()->setMaxSize(512);
         jupload()->setNewName($image_name);
         $result = jupload()->doUpload();
         if ($result) {
             $result = is_image($image_file);
         }
         if (!$result) {
             $this->_js_output('alert("图片上传失败");');
         }
         image_thumb($image_file, $image_file, 100, 100);
         if ($this->Config['ftp_on']) {
             $ftp_key = randgetftp();
             $get_ftps = jconf::get('ftp');
             $site_url = $get_ftps[$ftp_key]['attachurl'];
             $ftp_result = ftpcmd('upload', $image_file, '', $ftp_key);
             if ($ftp_result > 0) {
                 jio()->DeleteFile($image_file);
                 $image_file = $site_url . '/' . str_replace('./', '', $image_file);
             }
         }
     } else {
         echo "<script type='text/javascript'>";
         echo "alert('没有图片');";
         echo "</script>";
         exit;
     }
     $slide_config = jconf::get('left_navigation');
     foreach ($slide_config[$group] as &$v) {
         if ($v['code'] == $name) {
             $v['icon'] = $image_file;
         }
     }
     jconf::set('left_navigation', $slide_config);
     echo "<script type='text/javascript'>";
     echo "parent.document.getElementById('show_image_{$key}').src='{$image_file}';";
     echo "parent.document.getElementById('show_image_{$key}').style.display='block';";
     echo "parent.document.getElementById('show_image_{$key}_value').value='{$image_file}';";
     echo "parent.document.location.reload();";
     echo "</script>";
     exit;
 }
Example #5
0
 function DoExport()
 {
     global $sizelimit, $startrow, $extendins, $sqlcompat, $sqlcharset, $dumpcharset, $usehex, $complete, $excepttables;
     $excepttables = array(TABLE_PREFIX . "sessions", TABLE_PREFIX . "cache");
     $time = $timestamp = time();
     $tablepre = TABLE_PREFIX;
     $this->DatabaseHandler->Query('SET SQL_QUOTE_SHOW_CREATE=1', 'SKIP_ERROR');
     $filename = get_param('filename');
     if (!$filename || preg_match("/(\\.)(exe|php|jsp|asp|aspx|cgi|fcgi|pl)(\\.|\$)/i", $filename) || !preg_match('~^[\\w\\d\\-\\_]+$~', $filename)) {
         $this->Messager("备份文件名无效");
     }
     $type = get_param('type');
     $setup = get_param('setup');
     $customtables = get_param('customtables');
     $startrow = get_param('startrow');
     $extendins = get_param('extendins');
     $usehex = get_param('usehex');
     $usezip = get_param('usezip');
     $sizelimit = get_param('sizelimit');
     $volume = (int) get_param('volume');
     $method = 'multivol';
     $sqlcharset = get_param('sqlcharset');
     $sqlcompat = get_param('sqlcompat');
     if ($type == 'all_tables') {
         $tables = $this->_array_keys2($this->_fetch_table_list($tablepre), 'Name');
     } elseif ($type == 'custom') {
         $tables = array();
         $cache_id = "tables";
         if (empty($setup)) {
             $tables = cache_file('get', $cache_id);
         } else {
             cache_file('set', $cache_id, $customtables);
             $tables =& $customtables;
         }
         if (!is_array($tables) || empty($tables)) {
             $this->Messager("没有要导出的数据表");
         }
     }
     $volume = intval($volume) + 1;
     $idstring = '# Identify: ' . base64_encode("{$timestamp}," . SYS_VERSION . ",{$type},{$method},{$volume}") . "\n";
     $dumpcharset = $sqlcharset ? $sqlcharset : str_replace('-', '', $this->Config['charset']);
     $setnames = $sqlcharset && $this->DatabaseHandler->GetVersion() > '4.1' && (!$sqlcompat || $sqlcompat == 'MYSQL41') ? "SET NAMES '{$dumpcharset}';\n\n" : '';
     if ($this->DatabaseHandler->GetVersion() > '4.1') {
         if ($sqlcharset) {
             $this->DatabaseHandler->Query("SET NAMES '" . $sqlcharset . "';\n\n");
         }
         if ($sqlcompat == 'MYSQL40') {
             $this->DatabaseHandler->Query("SET SQL_MODE='MYSQL40'");
         } elseif ($sqlcompat == 'MYSQL41') {
             $this->DatabaseHandler->Query("SET SQL_MODE=''");
         }
     }
     $f = str_replace(array('/', '\\', '.'), '', $filename);
     $f = dir_safe($f);
     $backupdir = 'db/' . $f;
     $backupfilename = './data/backup/' . $backupdir . '/' . $f;
     if (!is_dir($d = dirname($backupfilename))) {
         jio()->MakeDir($d);
     }
     if ($usezip) {
         require_once ROOT_PATH . 'include/func/zip.func.php';
     }
     if ($method == 'multivol') {
         $sqldump = '';
         $tableid = intval(get_param('tableid'));
         $startfrom = intval(get_param('startfrom'));
         $complete = TRUE;
         for (; $complete && $tableid < count($tables) && strlen($sqldump) + 500 < $sizelimit * 1000; $tableid++) {
             $sqldump .= $this->_sql_dump_table($tables[$tableid], $startfrom, strlen($sqldump));
             if ($complete) {
                 $startfrom = 0;
             }
         }
         $dumpfile = $backupfilename . "-%s" . '.sql';
         !$complete && $tableid--;
         if (trim($sqldump)) {
             $sqldump = "{$idstring}" . "# <?php exit(); ?>\n" . "# JishiGou Multi-Volume Data Dump Vol.{$volume}\n" . "# Version: JishiGou " . SYS_VERSION . "\n" . "# Time: {$time}\n" . "# Type: {$type}\n" . "# Table Prefix: {$tablepre}\n" . "#\n" . "# JishiGou Home: http:\\/\\/www.jishigou.net\n" . "# Please visit our website for newest infomation about JishiGou\n" . "# --------------------------------------------------------\n\n\n" . "{$setnames}" . $sqldump;
             $dumpfilename = sprintf($dumpfile, $volume);
             $fp = fopen($dumpfilename, 'wb');
             flock($fp, 2);
             if (!fwrite($fp, $sqldump)) {
                 fclose($fp);
                 $this->Messager("备份文件写入失败,请检查是否有足够的权限或联系管理员");
             } else {
                 fclose($fp);
                 if ($usezip == 2) {
                     $fp = @fopen($dumpfilename, "r");
                     $content = @fread($fp, filesize($dumpfilename));
                     fclose($fp);
                     $zip = new zipfile();
                     $zip->addFile($content, basename($dumpfilename));
                     $fp = @fopen(sprintf($backupfilename . "-%s" . '.zip', $volume), 'w');
                     if (fwrite($fp, $zip->file()) !== FALSE) {
                         @unlink($dumpfilename);
                     }
                     fclose($fp);
                 }
                 unset($sqldump, $zip, $content);
                 $this->Messager("分卷备份: 数据文件 #{$volume} 成功创建,程序将自动继续。\r\n", "admin.php?mod=db&code=doexport&type=" . rawurlencode($type) . "&saveto=server&filename=" . rawurlencode($filename) . "&method=multivol&sizelimit=" . rawurlencode($sizelimit) . "&volume=" . rawurlencode($volume) . "&tableid=" . rawurlencode($tableid) . "&startfrom=" . rawurlencode($startrow) . "&extendins=" . rawurlencode($extendins) . "&sqlcharset=" . rawurlencode($sqlcharset) . "&sqlcompat=" . rawurlencode($sqlcompat) . "&exportsubmit=yes&usehex={$usehex}&usezip={$usezip}");
             }
         } else {
             $volume--;
             $filelist = '<ul>';
             if ($usezip == 1) {
                 $zip = new zipfile();
                 $zipfilename = $backupfilename . '.zip';
                 $unlinks = array();
                 for ($i = 1; $i <= $volume; $i++) {
                     $filename = sprintf($dumpfile, $i);
                     $fp = @fopen($filename, "r");
                     $content = @fread($fp, filesize($filename));
                     fclose($fp);
                     $zip->addFile($content, basename($filename));
                     $unlinks[] = $filename;
                     $filelist .= "<li><a href=\"{$filename}\">{$filename}</a></li>\n";
                 }
                 $fp = @fopen($zipfilename, 'w');
                 if (fwrite($fp, $zip->file()) !== FALSE) {
                     foreach ($unlinks as $f) {
                         jio()->DeleteFile($f);
                     }
                 } else {
                     $this->Messager('database_export_multivol_succeed');
                 }
                 unset($sqldump, $zip, $content);
                 fclose($fp);
                 touch('./data/backup/' . $backupdir . '/index.htm');
                 $filename = $zipfilename;
                 $this->Messager("数据成功备份并压缩至服务器  data/backup/db/ 目录下。<br />" . (true === JISHIGOU_FOUNDER ? $filelist : ""), null);
             } else {
                 touch('./data/backup/' . $backupdir . '/index.htm');
                 for ($i = 1; $i <= $volume; $i++) {
                     $filename = sprintf($usezip == 2 ? $backupfilename . "-%s" . '.zip' : $dumpfile, $i);
                     $filelist .= "<li><a href=\"{$filename}\">{$filename}</a></li>\n";
                 }
                 $this->Messager("恭喜您,全部 {$volume} 个备份文件成功创建,备份完成。\r\n" . (true === JISHIGOU_FOUNDER ? $filelist : "<br />文件备份在  data/backup/db/ 目录下"), null);
             }
         }
     } else {
         $tablesstr = '';
         foreach ($tables as $table) {
             $tablesstr .= '"' . $table . '" ';
         }
         $query = $this->DatabaseHandler->Query("SHOW VARIABLES LIKE 'basedir'");
         list(, $mysql_base) = $query->GetRow('row');
         $dumpfile = addslashes(dirname(dirname(__FILE__))) . '/' . $backupfilename . '.sql';
         @unlink($dumpfile);
         $mysqlbin = $mysql_base == '/' ? '' : addslashes($mysql_base) . 'bin/';
         @shell_exec($mysqlbin . 'mysqldump --force --quick ' . ($this->DatabaseHandler->GetVersion() > '4.1' ? '--skip-opt --create-options' : '-all') . ' --add-drop-table' . ($extendins == 1 ? ' --extended-insert' : '') . '' . ($this->DatabaseHandler->GetVersion() > '4.1' && $sqlcompat == 'MYSQL40' ? ' --compatible=mysql40' : '') . ' --host="' . $this->Config['db_host'] . ($this->Config['db_port'] ? is_numeric($this->Config['db_port']) ? ' --port=' . $this->Config['db_port'] : ' --socket="' . $this->Config['db_port'] . '"' : '') . '" --user="******" --password="******" "' . $this->Config['db_name'] . '" ' . $tablesstr . ' > ' . $dumpfile);
         if (is_file($dumpfile)) {
             if ($usezip) {
                 require_once ROOT_PATH . 'include/func/zip.func.php';
                 $zip = new zipfile();
                 $zipfilename = $backupfilename . '.zip';
                 $fp = @fopen($dumpfile, "r");
                 $content = @fread($fp, filesize($dumpfile));
                 fclose($fp);
                 $zip->addFile($idstring . "# <?exit();?>\n " . $setnames . "\n #" . $content, basename($dumpfile));
                 $fp = @fopen($zipfilename, 'w');
                 fwrite($fp, $zip->file());
                 fclose($fp);
                 @unlink($dumpfile);
                 touch('./data/backup/' . $backupdir . '/index.htm');
                 $filename = $backupfilename . '.zip';
                 unset($sqldump, $zip, $content);
                 $this->Messager('database_export_zip_succeed');
             } else {
                 if (is_writeable($dumpfile)) {
                     $fp = @fopen($dumpfile, 'rb+');
                     fwrite($fp, $idstring . "# <?exit();?>\n " . $setnames . "\n #");
                     fclose($fp);
                 }
                 touch('./data/backup/' . $backupdir . '/index.htm');
                 $filename = $backupfilename . '.sql';
                 $this->Messager('database_export_succeed');
             }
         } else {
             $this->Messager('database_shell_fail');
         }
     }
 }
Example #6
0
 function DoAddMyBlackList()
 {
     $uid = MEMBER_ID;
     if ($uid < 1) {
         json_error("请先登录或者注册一个帐号");
     }
     $touid = (int) $this->Post['touid'];
     if ($touid < 1) {
         json_error("请指定要拉黑的用户");
     }
     $member = $this->TopicLogic->GetMember($touid);
     if (!$member) {
         json_error("请指定一个正确的用户ID");
     }
     $types = $this->Post['types'];
     $follow_html = $this->_AddBlackList($uid, $touid, $types);
     $template = $this->Post['template'];
     if ($template) {
         $template = dir_safe($template);
         include template($template);
     }
 }
Example #7
0
function writelog($file, $log)
{
    $logdir = ROOT_PATH . './data/log/';
    $file = dir_safe($file);
    $logfile = $logdir . $file . '.php';
    if (!is_dir($logdir)) {
        jmkdir($logdir);
    }
    $log = is_array($log) ? $log : array($log);
    return jio()->WriteFile($logfile, '<?php $log=' . var_export($log, 'true') . '?>');
}