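/**
 * Insert the default configuration row into the `{$prefix}config` table.
 *
 * This is v1.3 of the config except the password is now MD5.
 *
 * The admin user name and password are read from the global $data array
 * (installer form data). On a failed query the script stops via die().
 *
 * @param string $prefix Table-name prefix. It is placed inside backticks
 *                       without escaping, so it must not come from raw input
 *                       (NOTE(review): confirm the caller validates it).
 * @return array Status map with one entry, keyed by $lang_create_populate.
 */
function Set_Configuration($prefix)
{
    global $data, $lang_populated, $lang_create_populate;

    $create_status = array();
    $images_path = "../images/";

    // Escape with the connection-aware function of the same legacy extension
    // instead of addslashes(): addslashes() ignores the connection character
    // set and is not a reliable SQL escape for multi-byte encodings.
    // The site URL is escaped too; the original interpolated it as-is.
    $site_url = mysql_real_escape_string((string) get_env('/'));
    $admin = mysql_real_escape_string($data['admin_username']);
    $password = mysql_real_escape_string(decode($data['admin_password1']));

    // NOTE(review): MD5() is an unsalted, fast hash and is not suitable for
    // password storage. It is kept because the code that verifies the stored
    // value is outside this block; migrate both sides together to
    // password_hash()/password_verify().
    // NOTE(review): the clear-text password is part of the statement text and
    // may therefore appear in server-side query logs.
    $sql = "INSERT INTO `{$prefix}config`\n\t\n\t"
        . "(`admin` , `password` , `email` , `commentemail` , `template` , `imagepath` , `siteurl` , `sitetitle` , `langfile` , `calendar` , `crop` , `thumbwidth` , `thumbheight` , `thumbnumber` , `compression` , `dateformat` )VALUES\n\t"
        . "('{$admin}', MD5('{$password}') , '' , 'no' , 'simple' , '{$images_path}' , '{$site_url}' , 'Pixelpost' , 'english' , 'No Calendar' , 'yes' , '100' , '75' , '5' , '75' , 'Y-m-d H:i:s' )\n\t\n\t";

    // The raw driver error is shown to whoever runs the installer.
    $query = mysql_query($sql) or die("MySQL Error: " . mysql_error());

    $create_status[$lang_create_populate] = $lang_populated;

    return $create_status;
}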
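/**
 * Resolve the client IP address from the request environment.
 *
 * Candidates are consulted in this order and the first non-empty one wins:
 * HTTP_X_FORWARDED_FOR (last entry of a comma-separated list),
 * HTTP_CLIENT_IP, HTTP_X_REAL_IP, REMOTE_ADDR.
 *
 * NOTE(review): the three HTTP_* candidates are request headers and can be
 * set by the client. Unless a trusted reverse proxy overwrites them, the
 * result must not be used for access control, rate limiting or audit
 * decisions; REMOTE_ADDR is the only candidate taken from the connection.
 * The value is returned unvalidated, so escape it before it reaches SQL,
 * HTML or log files.
 *
 * @return string The selected address, or '' when no candidate is set.
 */
function ip() : string
{
    $forwarded = get_env('HTTP_X_FORWARDED_FOR');
    if (null != $forwarded) {
        if (strpos($forwarded, ',') !== false) {
            // end() takes its argument by reference, so the exploded list
            // needs a variable; end(explode(...)) raises a notice.
            $hops = explode(',', $forwarded);
            $forwarded = trim(end($hops));
        }

        return (string) $forwarded;
    }

    foreach (['HTTP_CLIENT_IP', 'HTTP_X_REAL_IP', 'REMOTE_ADDR'] as $name) {
        $candidate = get_env($name);
        if (null != $candidate) {
            return (string) $candidate;
        }
    }

    // Nothing usable: return '' rather than null, which the declared
    // string return type would reject with a TypeError.
    return '';
}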
/**
 * Fetch a path from this server's own host name with cURL.
 *
 * The request target is $_SERVER['SERVER_NAME'] followed by $url; no scheme
 * is prepended. In the "DEV" environment the request goes through a local
 * proxy at 127.0.0.1:8888.
 *
 * NOTE(review): depending on web-server configuration SERVER_NAME can
 * reflect the request's Host header; confirm it is pinned before treating
 * this as a same-host request. No timeout is set on the handle.
 *
 * @param string $url Path (and query) appended to the server name.
 * @return string|false Response body, or false when curl_exec() fails.
 */
function curl_get($url)
{
    $target = $_SERVER['SERVER_NAME'] . $url;
    $handle = curl_init();

    if (get_env() == "DEV") {
        curl_setopt($handle, CURLOPT_PROXY, '127.0.0.1:8888');
    }

    curl_setopt_array($handle, array(
        CURLOPT_URL => $target,
        CURLOPT_RETURNTRANSFER => 1,
    ));

    $response = curl_exec($handle);
    curl_close($handle);

    return $response;
}
/**
 * Report whether the application currently runs in production mode.
 *
 * @author Faisal <*****@*****.**>
 * @return bool True when get_env() loosely equals 'production'.
 */
function env_is_production_mode()
{
    $mode = get_env();

    // Loose comparison kept on purpose: it matches the original check.
    return $mode == 'production';
}
<?php !defined('DEBUG') and exit('Access Denied.'); // 初始状态为通过 $succeed = 1; $env = $write = array(); get_env($env, $write); include './install/view/step1.htm'; function get_env(&$env, &$write) { $env['os']['name'] = '操作系统'; $env['os']['must'] = TRUE; $env['os']['current'] = PHP_OS; $env['os']['need'] = '类UNIX'; $env['os']['status'] = 1; $env['php_version']['name'] = 'PHP版本'; $env['php_version']['must'] = TRUE; $env['php_version']['current'] = PHP_VERSION; $env['php_version']['need'] = '5.0'; $env['php_version']['status'] = version_compare(PHP_VERSION, '5') > 0; $env['gd_version']['name'] = 'GD图像处理库'; $env['gd_version']['must'] = FALSE; $env['gd_version']['need'] = '1.0'; // 头像缩略需要,没有也可以。 if (function_exists('gd_info')) { $gd_info = gd_info(); preg_match('/\\d(?:.\\d)+/', $gd_info['GD Version'], $arr); $gd_version = $arr[0]; $env['gd_version']['current'] = $gd_version; $env['gd_version']['status'] = version_compare($gd_version, '1') > 0 ? 1 : 2; } else {
if ($_GET) { $_GET = daddslashes($_GET); } if ($_COOKIE) { $_COOKIE = daddslashes($_COOKIE); } } if (function_exists('date_default_timezone_set')) { date_default_timezone_set($CFG['timezone']); } $DT_PRE = $CFG['tb_pre']; $DT_QST = addslashes($_SERVER['QUERY_STRING']); $DT_TIME = time() + $CFG['timediff']; $DT_IP = get_env('ip'); $DT_URL = get_env('url'); $DT_REF = get_env('referer'); $DT_BOT = is_robot(); header("Content-Type:text/html;charset=" . DT_CHARSET); require DT_ROOT . '/include/db_' . $CFG['database'] . '.class.php'; require DT_ROOT . '/include/cache_' . $CFG['cache'] . '.class.php'; require DT_ROOT . '/include/session_' . $CFG['session'] . '.class.php'; require DT_ROOT . '/include/file.func.php'; if (!empty($_SERVER['REQUEST_URI'])) { strip_uri($_SERVER['REQUEST_URI']); } if ($_POST) { $_POST = strip_sql($_POST); strip_key($_POST); } if ($_GET) { $_GET = strip_sql($_GET);
} ?> <tr> <td></td> <td><input type="submit" name="submit" value="登 录" class="btn" tabindex="4" id="submit"/> <input type="button" value="退 出" class="btn" onclick="top.Go('<?php echo DT_PATH; ?> ');"/> </td> </tr> </table> </form> </div> </div> <?php if (strpos(get_env('self'), '/admin.php') !== false || is_file(DT_ROOT . '/admin.php')) { ?> <div style="margin:10px 40px 0 40px;border:#FF8D21 1px solid;background:#FFFFDD;padding:8px;"><img src="admin/image/notice.gif" align="absmiddle"/> 提示:为了系统安全,请立即修改后台文件名 <a href="http://help.destoon.com/use/34.html" target="_blank" style="color:#006699;">帮助»</a></div> <script type="text/javascript"> try{Dd('username').disabled=true;Dd('password').disabled=true;Dd('submit').disabled=true;$('.c_p').hide();<?php if ($DT['captcha_admin']) { ?> Dd('captcha').disabled=true;<?php } ?> }catch(e){} </script> <?php } ?> </td>
/**
 * Write one log record to its own file under DT_ROOT/file/log/<Ym>/.
 *
 * Nothing is written unless DT_DEBUG is on or $force is truthy. The record
 * starts with a PHP tag that calls exit, so the file stops executing at once
 * if it is ever run as a script.
 *
 * NOTE(review): $type is used unvalidated in both the element name and the
 * file name, and the IP, user, script name, query string and message are
 * written without escaping. Confirm callers pass a fixed $type, and treat
 * the stored record as untrusted when it is displayed.
 *
 * @param mixed  $message Text to record; arrays are rendered with var_export().
 * @param string $type    Record type, used as element name and file-name suffix.
 * @param int    $force   Truthy to write even when DT_DEBUG is off.
 * @return void
 */
function log_write($message, $type = 'php', $force = 0)
{
    global $DT_IP, $DT_TIME, $_username;

    if (!(DT_DEBUG || $force)) {
        return;
    }

    // Fill in the request globals when the bootstrap has not set them yet.
    if (!$DT_IP) {
        $DT_IP = get_env('ip');
    }
    if (!$DT_TIME) {
        $DT_TIME = time();
    }

    $user = $_username ?: '******';
    $text = is_array($message) ? var_export($message, true) : $message;

    $record = array(
        "<?php exit;?>",
        "<{$type}>",
        "\t<time>" . date('Y-m-d H:i:s', $DT_TIME) . "</time>",
        "\t<ip>" . $DT_IP . "</ip>",
        "\t<user>" . $user . "</user>",
        "\t<php>" . $_SERVER['SCRIPT_NAME'] . "</php>",
        "\t<querystring>" . str_replace('&', '&', $_SERVER['QUERY_STRING']) . "</querystring>",
        "\t<message>" . $text . "</message>",
        "</{$type}>",
    );
    $log = implode("\n", $record);

    // The two-digit random part presumably only lowers the chance that two
    // records written in the same second share a file name.
    $directory = DT_ROOT . '/file/log/' . date('Ym', $DT_TIME) . '/';
    $file_name = date('Y.m.d H.i.s', $DT_TIME) . '-' . mt_rand(10, 99) . '-' . $type . '.php';

    file_put($directory . $file_name, $log);
}
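/**
 * Queue an SMS on the remote SMS server and record it locally on success.
 *
 * POSTs the message fields to "<smss_sms_server_url>queue/queue_sms/". When
 * the server answers with result == "success", a row is inserted into the
 * `sms` table, one credit is debited for the owning user and a flash message
 * is set.
 *
 * @param string $application_id Sent to the SMS server.
 * @param string $billing_id     Sent to the SMS server.
 * @param string $phone          Destination number.
 * @param string $message_text   Message body.
 * @param string $schedule       Sent to the SMS server and stored locally.
 * @param string $callback_page  Sent to the SMS server.
 * @param string $secret_key     Key used to look up the owning user.
 * @return array ['result' => 'success'|'fail', 'error_message' => string]
 */
function queue_sms($application_id, $billing_id, $phone, $message_text, $schedule, $callback_page, $secret_key)
{
    // NOTE(review): the lookup result is not checked before the message is
    // queued and a credit is debited. Confirm the caller rejects unknown
    // keys, or return the 'fail' result here when no user is found.
    $user = $this->user_model->get_user_from_secret_key($secret_key);
    $retval = array('result' => 'fail', 'error_message' => '');

    $sms_server_url = $this->config->item("smss_sms_server_url");
    $url = $sms_server_url . "queue/queue_sms/";

    $fields = array(
        'application_id' => urlencode($application_id),
        'billing_id' => urlencode($billing_id),
        'phone' => urlencode($phone),
        'message_text' => urlencode($message_text),
        'schedule' => urlencode($schedule),
        'callback_page' => urlencode($callback_page),
    );

    // Build the form body. The original called rtrim() and discarded its
    // result, so every request carried a trailing '&'.
    $pairs = array();
    foreach ($fields as $key => $value) {
        $pairs[] = $key . '=' . $value;
    }
    $fields_string = implode('&', $pairs);

    $ch = curl_init();
    if (get_env() == "DEV") {
        curl_setopt($ch, CURLOPT_PROXY, '127.0.0.1:8888');
    }
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

    // curl_exec() returns false on transport failure; only decode a body.
    $result = curl_exec($ch);
    $return_object = is_string($result) ? json_decode($result) : null;

    // NOTE(review): the debug log receives the phone number and the full
    // message text; make sure debug logging is off or protected in production.
    log_message('debug', "Queue URL: $url");
    log_message('debug', "Queue data: $fields_string");
    log_message('debug', "Return Object: $result");

    if ($return_object && $return_object->result == "success") {
        // Queued successfully: add it to the transaction log.
        // NOTE(review): the secret key is stored as-is in the `sms` row.
        $insert = array(
            'id' => $return_object->sms_id,
            'phone' => $phone,
            'message_text' => $message_text,
            'schedule' => $schedule,
            'secret_key' => $secret_key,
            'owner_id' => $user['id'],
            'time_queued' => date("Y-m-d H:i:s", now()),
            'company_id' => '',
        );
        $this->db->insert('sms', $insert);
        $this->billing_model->use_credit($user['id'], 1, $return_object->sms_id);
        $retval['result'] = "success";
        $retval['error_message'] = "";
    } elseif ($return_object && isset($return_object->error->message)) {
        // The server answered with a structured error.
        $retval['error_message'] = $return_object->error->message;
    } else {
        // No usable answer (transport failure, invalid JSON, missing error).
        $retval['error_message'] = "An internal error occurred.";
    }

    curl_close($ch);

    if ($retval['result'] == "success") {
        $this->session->set_flashdata("flash", "Message to " . $this->input->post('phone') . " queued successfully");
    }

    return $retval;
}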
<?php /* [Destoon B2B System] Copyright (c) 2008-2013 Destoon.COM This is NOT a freeware, use is subject to license.txt */ defined('IN_DESTOON') or exit('Access Denied'); $AREA = cache_read('area.php'); $c = array(); $city = get_cookie('city'); $http_host = get_env('host'); if ($city) { list($cityid, $city_domain) = explode('|', $city); $cityid = intval($cityid); if (strpos(DT_PATH, $http_host) === false && strpos($city_domain, $http_host) === false) { $c = $db->get_one("SELECT * FROM {$DT_PRE}city WHERE domain='http://" . $http_host . "/'"); if ($c) { set_cookie('city', $c['areaid'] . '|' . $c['domain'], $DT_TIME + 365 * 86400); $cityid = $c['areaid']; } } #if($city_domain && !defined('DT_ADMIN') && strpos($DT_URL, DT_PATH) !== false) dheader(str_replace(DT_PATH, $city_domain, $DT_URL)); } else { if (strpos(DT_PATH, $http_host) === false) { $c = $db->get_one("SELECT * FROM {$DT_PRE}city WHERE domain='http://" . $http_host . "/'"); if ($c) { set_cookie('city', $c['areaid'] . '|' . $c['domain'], $DT_TIME + 365 * 86400); $cityid = $c['areaid']; } } else { if ($DT['city_ip'] && !defined('DT_ADMIN') && !$DT_BOT) {
/**
 * Write one log record to its own file under DT_ROOT/file/log/<Ym/d>/.
 *
 * Nothing is written unless DT_DEBUG is on or $force is truthy. A global
 * counter ($log_id) numbers the records of the current request and is part
 * of the file name. A $type rejected by check_name() is replaced by 'php'
 * before it is used as element name and file-name prefix.
 *
 * NOTE(review): the IP, user, script name, query string and message are
 * written without escaping; treat the stored record as untrusted when it is
 * displayed.
 *
 * @param mixed  $message Text to record; arrays are rendered with var_export().
 * @param string $type    Record type; falls back to 'php' when not accepted.
 * @param int    $force   Truthy to write even when DT_DEBUG is off.
 * @return void
 */
function log_write($message, $type = 'php', $force = 0)
{
    global $DT_IP, $_username, $log_id;

    if (!(DT_DEBUG || $force)) {
        return;
    }

    // First record of the request gets 1, later ones count up.
    if (!$log_id) {
        $log_id = 1;
    } else {
        $log_id++;
    }

    if (!$DT_IP) {
        $DT_IP = get_env('ip');
    }
    $user = $_username ?: '******';
    if (!check_name($type)) {
        $type = 'php';
    }

    $text = is_array($message) ? var_export($message, true) : $message;

    // The leading PHP tag calls exit, so the file stops at once if executed.
    $record = array(
        "<?php exit;?>",
        "<{$type}>",
        "\t<time>" . timetodate() . "</time>",
        "\t<ip>" . $DT_IP . "</ip>",
        "\t<user>" . $user . "</user>",
        "\t<php>" . $_SERVER['SCRIPT_NAME'] . "</php>",
        "\t<querystring>" . str_replace('&', '&', $_SERVER['QUERY_STRING']) . "</querystring>",
        "\t<message>" . $text . "</message>",
        "</{$type}>",
    );
    $log = implode("\n", $record);

    $directory = DT_ROOT . '/file/log/' . timetodate(0, 'Ym/d') . '/';
    $file_name = $type . '-' . timetodate(0, 'Y.m.d H.i.s') . '-' . $log_id . '.php';

    file_put($directory . $file_name, $log);
}
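/**
 * Best-effort lookup of the address the current client connects from.
 *
 * Order of sources: the first entry of HTTP_X_FORWARDED_FOR, then
 * REMOTE_ADDR, then the first space-separated field of SSH_CLIENT or
 * SSH_CONNECTION.
 *
 * NOTE(review): X-Forwarded-For is a request header the client can set, and
 * it takes precedence over REMOTE_ADDR here. Unless a trusted proxy
 * overwrites it, do not base access decisions or audit records on the
 * result. The value is returned unvalidated.
 *
 * @return mixed The selected address, or whatever empty value the last
 *               consulted source returned.
 */
function get_client_address()
{
    $forwarded = server('HTTP_X_FORWARDED_FOR');
    if (!empty($forwarded)) {
        // The header is a comma-separated list. The original split on spaces
        // only, which left a trailing comma on the first entry of a list
        // ("a, b" gave "a,"); split on commas and whitespace instead.
        $hops = preg_split('/[\s,]+/', $forwarded, -1, PREG_SPLIT_NO_EMPTY);

        return $hops ? $hops[0] : '';
    }

    $val = server('REMOTE_ADDR');
    if (empty($val)) {
        // No web request address: fall back to the SSH session variables.
        $val = get_env('SSH_CLIENT');
        if (empty($val)) {
            $val = get_env('SSH_CONNECTION');
        }
        if (!empty($val)) {
            // Only the first space-separated field is kept.
            $fields = explode(' ', $val);
            $val = $fields[0];
        }
    }

    return $val;
}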
<?php /*
 * Template that prints JDBC connection properties for PostgreSQL: the driver
 * class, the JDBC URL and a user name / password pair for each of the
 * biomart, deapp and searchapp accounts.
 *
 * $host is not assigned in this file; presumably env_helper.inc.php defines
 * it (confirm). The port and database name are read from $_ENV.
 *
 * NOTE(review): the second argument of get_env() looks like a fallback used
 * when the variable is unset. If so, every account falls back to a password
 * equal to its user name. Confirm, and require BIOMART_PWD, DEAPP_PWD and
 * SEARCHAPP_PWD to be set anywhere other than a throwaway development
 * database.
 *
 * All values are echoed verbatim and the rendered file holds the passwords
 * in clear text: keep it out of version control and readable only by the
 * account that runs the consumer.
 */ require __DIR__ . '/../../lib/php/env_helper.inc.php'; ?> driver_class=org.postgresql.Driver url=jdbc:postgresql://<?php echo $host; ?> :<?php echo $_ENV['PGPORT']; ?> /<?php echo $_ENV['PGDATABASE'], "\n"; ?> biomart_username=biomart biomart_password=<?php echo get_env('BIOMART_PWD', 'biomart'), "\n"; ?> deapp_username=deapp deapp_password=<?php echo get_env('DEAPP_PWD', 'deapp'), "\n"; ?> searchapp_username=searchapp searchapp_password=<?php echo get_env('SEARCHAPP_PWD', 'searchapp'), "\n";
// Copy the payment settings into the settings store, one entry per key.
foreach ($pay as $k => $v) {
    update_setting('pay-' . $k, $v);
}
// The included file's return value is used as the OAuth settings array.
$oauth = (include DT_ROOT . '/file/setting/oauth.php');
foreach ($oauth as $k => $v) {
    update_setting('oauth-' . $k, $v);
}
// Import the settings files of groups 1 to 7, dropping three keys first.
for ($i = 1; $i <= 7; $i++) {
    $setting = (include DT_ROOT . '/file/setting/group-' . $i . '.php');
    if ($setting) {
        unset($setting['groupid'], $setting['groupname'], $setting['vip']);
        update_setting('group-' . $i, $setting);
    }
}
$DT_TIME = time();
$DT_IP = get_env('ip');
// Module installation time
$db->query("UPDATE {$DT_PRE}module SET installtime='{$DT_TIME}'");
// Set up the administrator
// NOTE(review): md5(md5()) is an unsalted, fast hash and is not suitable for
// password storage. Replacing it also requires changing the code that
// verifies the stored value, which is not part of this excerpt.
$md5_password = md5(md5($password));
// NOTE(review): $username, $email and $DT_IP are interpolated directly into
// the statements below. Presumably they were validated or escaped earlier in
// the installer; confirm, since nothing in this excerpt does it.
$db->query("UPDATE {$DT_PRE}member SET username='******',passport='{$username}',password='******',payword='{$md5_password}',email='{$email}',regip='{$DT_IP}',regtime='{$DT_TIME}',loginip='{$DT_IP}',logintime='{$DT_TIME}' WHERE userid=1");
$userurl = $CFG['url'] . 'index.php?homepage=' . $username;
$db->query("UPDATE {$DT_PRE}company SET username='******',linkurl='{$userurl}' WHERE userid=1");
// Replace the ad slot: single-page path (demo URL becomes this site's URL)
$content = cache_read('ad_14_0.htm', 'htm', 1);
$content = str_replace('http://demo.destoon.com/v' . DT_VERSION . '/', $CFG['url'], $content);
cache_write('ad_14_0.htm', $content, 'htm');
// Stamp the seeded rows with the install time and the administrator name.
$db->query("UPDATE {$DT_PRE}ad_place SET addtime='{$DT_TIME}',edittime='{$DT_TIME}',editor='{$username}'");
$db->query("UPDATE {$DT_PRE}ad SET addtime='{$DT_TIME}',edittime='{$DT_TIME}',username='******',editor='{$username}'");
$db->query("UPDATE {$DT_PRE}link SET addtime='{$DT_TIME}',edittime='{$DT_TIME}',editor='{$username}'");
$db->query("UPDATE {$DT_PRE}style SET addtime='{$DT_TIME}',edittime='{$DT_TIME}',editor='{$username}'");
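/**
 * Mail a summary of the installation to the given recipient.
 *
 * The message lists the site URL, the admin user name and password, and the
 * database host, name, user, password and table prefix, all taken from the
 * global $data array. The sender is pixelpost@<server name>, where a leading
 * "www." is removed from the server name.
 *
 * NOTE(review): the admin and database passwords are sent in clear text.
 * E-mail is not a confidential channel; consider leaving the passwords out
 * of the message.
 *
 * @param string $recipient Destination address; lower-cased before use.
 * @return bool Result of mail().
 */
function send_email($recipient)
{
    global $data;
    global $lang_email_subject, $lang_email_message_0, $lang_email_message_1, $lang_email_message_2, $lang_install_admin, $lang_admin_user;
    global $lang_admin_pass1, $lang_install_db, $lang_db_host, $lang_db_name, $lang_db_user;
    global $lang_db_pass, $lang_db_prefix, $lang_email_footer, $lang_email_signature;

    $line_breaks = array("\r", "\n");

    $server_name = !empty($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME');
    $server_name = preg_replace('#^www\\.#', '', strtolower($server_name));
    // The server name ends up in the From header and the recipient in the To
    // header. Neither may contain a line break, which would start a new
    // header line; the original used both unfiltered.
    $server_name = str_replace($line_breaks, '', $server_name);
    $recipient = str_replace($line_breaks, '', strtolower($recipient));

    $admin_username = stripslashes($data['admin_username']);
    $admin_password = stripslashes(decode($data['admin_password1']));
    $db_host = stripslashes($data['db_host']);
    $db_name = stripslashes($data['db_name']);
    $db_user = stripslashes($data['db_user']);
    $db_pass = stripslashes(decode($data['db_pass']));
    $db_prefix = stripslashes($data['tbl_prefix']);

    $subject = $lang_email_subject;

    $body = "{$lang_email_message_0}\r\n";
    $body .= "{$lang_email_message_1}\r\n\r\n";
    $body .= "{$lang_email_message_2}\r\n";
    $body .= get_env('/', false) . "\r\n\r\n";

    // Admin account section
    $body .= $lang_install_admin . ":\r\n";
    $body .= "------------------------------------------------------------\r\n\r\n";
    $body .= "{$lang_admin_user} {$admin_username}\r\n\r\n";
    $body .= "{$lang_admin_pass1} {$admin_password}\r\n\r\n\r\n";

    // Database section
    $body .= $lang_install_db . ":\r\n";
    $body .= "------------------------------------------------------------\r\n\r\n";
    $body .= "{$lang_db_host} {$db_host}\r\n\r\n";
    $body .= "{$lang_db_name} {$db_name}\r\n\r\n";
    $body .= "{$lang_db_user} {$db_user}\r\n\r\n";
    $body .= "{$lang_db_pass} {$db_pass}\r\n\r\n";
    $body .= "{$lang_db_prefix} {$db_prefix}\r\n\r\n\r\n";

    $body .= "{$lang_email_footer}\r\n\r\n";
    $body .= "--\r\n";
    $body .= "{$lang_email_signature}\r\n";

    $headers = "Content-type: text/plain; charset=UTF-8\r\n";
    $headers .= "Content-Transfer-Encoding: 8bit\r\n";
    $headers .= "From: Pixelpost Installer <pixelpost@{$server_name}>\r\n";

    if (mail($recipient, $subject, $body, $headers)) {
        return true;
    }

    return false;
}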
?> <style type="text/css"> .t1 {width:200px;padding:3px 10px 3px 10px;color:#006699;} .t2 {width:100px;padding:3px 10px 3px 10px;color:green;text-align:center;} .t2 span {color:red;} .t3 {padding:5px 10px 5px 10px;line-height:180%;} </style> <div class="tt">系统体检</div> <table cellpadding="2" cellspacing="1" class="tb" style="line-height:200%;"> <tr> <th>项目</th> <th>值</th> <th>说明</th> </tr> <?php if (strpos(get_env('self'), '/admin.php') !== false) { ?> <tr> <td class="t1">后台登录地址</td> <td class="t2"><span>admin.php</span></td> <td class="t3"> 如果管理帐号泄漏,后台容易遭受攻击,为了系统安全,请修改根目录admin.php的文件名 </td> </tr> <?php } $D = is_write(DT_ROOT . '/file/') && is_write(DT_ROOT . '/file/cache/') && is_write(DT_ROOT . '/file/cache/tpl/') && is_write(DT_ROOT . '/file/upload/'); ?> <tr> <td class="t1">file目录是否可写</td> <td class="t2"><?php
echo $CFG['charset']; ?> " /></head><body><div style="width:650px;font-size:10pt;line-height:19px;font-family:Verdana,Arial;">'+$('license').value+'</div></body></html>'); w.window.print(); } var i = 9; var interval=window.setInterval( function() { if(i == 0) { $('read').value = '我同意(I)'; $('read').disabled = false; } else { $('read').value = '我同意('+i+')'; i--; } }, 1000); </script> <?php include IN_ROOT . '/footer.tpl.php'; ?> <script type="text/javascript" src="http://www.destoon.com/install.php?release=<?php echo DT_RELEASE; ?> &charset=<?php echo $CFG['charset']; ?> &domain=<?php echo urlencode(get_env('url')); ?> "></script>
<?php /*
 * Template that prints the batch JDBC properties for Oracle: the driver
 * class, the thin-driver URL built from ORAHOST, ORAPORT and ORASID in
 * $_ENV, and the tm_cz user name with its password.
 *
 * NOTE(review): the second argument of get_env() looks like a fallback used
 * when the variable is unset. If so, the tm_cz account falls back to a
 * password equal to its user name. Confirm, and require TM_CZ_PWD to be set
 * anywhere other than a throwaway development database.
 *
 * All values are echoed verbatim and the rendered file holds the password in
 * clear text: keep it out of version control and readable only by the
 * account that runs the batch jobs.
 */ require __DIR__ . '/../lib/php/env_helper.inc.php'; ?> batch.jdbc.driver=oracle.jdbc.driver.OracleDriver batch.jdbc.url=jdbc:oracle:thin:@<?php echo $_ENV['ORAHOST']; ?> :<?php echo $_ENV['ORAPORT']; ?> :<?php echo $_ENV['ORASID'], "\n"; ?> batch.jdbc.user=tm_cz batch.jdbc.password=<?php echo get_env('TM_CZ_PWD', 'tm_cz'), "\n";
<?php /* [Destoon B2B System] Copyright (c) 2008-2015 www.destoon.com This is NOT a freeware, use is subject to license.txt */ require 'common.inc.php'; $username = $domain = ''; if (isset($homepage) && check_name($homepage)) { $username = $homepage; } else { if (!$cityid) { $host = get_env('host'); if (substr($host, 0, 4) == 'www.') { $whost = $host; $host = substr($host, 4); } else { $whost = $host; } if ($host && strpos(DT_PATH, $host) === false) { if (substr($host, -strlen($CFG['com_domain'])) == $CFG['com_domain']) { $www = substr($host, 0, -strlen($CFG['com_domain'])); if (check_name($www)) { $username = $homepage = $www; } else { include load('company.lang'); $head_title = $L['not_company']; dhttp(404, $DT_BOT); include template('com-notfound', 'message'); exit; }
$_GET = daddslashes($_GET); } if ($_COOKIE) { $_COOKIE = daddslashes($_COOKIE); } } if (function_exists('date_default_timezone_set')) { date_default_timezone_set($CFG['timezone']); } $DT_PRE = $CFG['tb_pre']; $DT_QST = addslashes($_SERVER['QUERY_STRING']); $DT_TIME = time() + $CFG['timediff']; $DT_IP = get_env('ip'); $DT_URL = get_env('url'); $DT_REF = get_env('referer'); $DT_MOB = get_env('mobile'); $DT_BOT = is_robot(); $DT_TOUCH = is_touch(); header("Content-Type:text/html;charset=" . DT_CHARSET); require DT_ROOT . '/include/db_' . $CFG['database'] . '.class.php'; require DT_ROOT . '/include/cache_' . $CFG['cache'] . '.class.php'; require DT_ROOT . '/include/session_' . $CFG['session'] . '.class.php'; require DT_ROOT . '/include/file.func.php'; if (!empty($_SERVER['REQUEST_URI'])) { strip_uri($_SERVER['REQUEST_URI']); } if ($_POST) { $_POST = strip_sql($_POST); strip_key($_POST); } if ($_GET) {
if ($DT['admin_week'] && !check_period(',' . $DT['admin_week']) || $DT['admin_hour'] && !check_period($DT['admin_hour'])) { set_cookie('auth', ''); dalert('未被允许的管理时间', $MODULE[2]['linkurl'] . 'logout.php?forward=' . urlencode(DT_PATH)); } } if ($CFG['authadmin'] == 'cookie') { set_cookie($secretkey, $user['userid']); } else { $_SESSION[$secretkey] = $user['userid']; } require DT_ROOT . '/admin/admin.class.php'; $admin = new admin(); $admin->cache_right($user['userid']); $admin->cache_menu($user['userid']); if ($DT['login_log']) { $do->login_log($username, $password, $user['passsalt'], 1); } dheader($forward); } else { if ($DT['login_log']) { $do->login_log($username, $password, $user['passsalt'], 1, $do->errmsg); } msg($do->errmsg); } } else { if (strpos($DT_URL, DT_PATH) === false) { dheader(DT_PATH . basename(get_env('self'))); } $username = isset($username) ? $username : $_username; include tpl('login'); }
/**
 * Download each URL in turn and return the response bodies joined together.
 *
 * In the "DEV" environment every request goes through a local proxy at
 * 127.0.0.1:8888. A failed transfer contributes nothing to the result.
 *
 * NOTE(review): each URL is requested exactly as given, with no restriction
 * on scheme or host and no timeout. Callers must pass only URLs they
 * control or have validated; confirm no request-derived URL reaches this
 * function.
 *
 * @param array $urls array of fully qualified URLs
 * @return string containing the (concatenated) HTML documents
 */
function _curl_get($urls)
{
    $documents = array();

    foreach ($urls as $address) {
        $handle = curl_init();

        if (get_env() == "DEV") {
            curl_setopt($handle, CURLOPT_PROXY, '127.0.0.1:8888');
        }

        curl_setopt_array($handle, array(
            CURLOPT_URL => $address,
            CURLOPT_RETURNTRANSFER => 1,
        ));

        // false (transfer failed) becomes an empty string when joined.
        $documents[] = curl_exec($handle);
        curl_close($handle);
    }

    return implode('', $documents);
}