Example #1
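/**
 * Report whether the PHP process can write to $file.
 *
 * When DT_WIN is false the answer comes from is_writeable(). When DT_WIN is
 * true the answer is obtained by actually writing:
 *  - a path ending in '/' is treated as a directory: a probe file is created
 *    inside it, written, read back and removed; a missing directory is first
 *    created through dir_create() and then probed;
 *  - any other path is opened in append mode.
 *
 * Side effect kept from the original: probing a non-directory path with mode
 * 'a' creates that file when it does not exist yet.
 *
 * @param string $file File path, or directory path ending in '/'.
 * @return bool True when the write probe (or is_writeable()) succeeds.
 */
function is_write($file)
{
    if (!DT_WIN) {
        return is_writeable($file);
    }

    if (substr($file, -1) != '/') {
        // Plain file: being able to open it for appending is the whole test.
        $fp = @fopen($file, 'a');
        if (!$fp) {
            return false;
        }
        fclose($fp);
        return true;
    }

    if (!is_dir($file)) {
        dir_create($file);
        return is_dir($file) ? is_write($file) : false;
    }

    // The probe gets a unique name and is created with mode 'x' (exclusive
    // create). A fixed name opened with 'a' would append to, and then delete,
    // whatever already sits at that name in the directory, and would report a
    // writable directory as read-only because the read-back is no longer 'OK'.
    $probe = $file . 'writeable-test.' . uniqid('', true) . '.tmp';
    $fp = @fopen($probe, 'x');
    if (!$fp) {
        return false;
    }
    flock($fp, LOCK_EX);
    $written = fwrite($fp, 'OK');
    flock($fp, LOCK_UN);
    fclose($fp);

    // Only trust the directory when the bytes really reached the file.
    $tmp = $written === 2 ? file_get_contents($probe) : false;
    unlink($probe);

    return $tmp === 'OK';
}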
Example #2
<th>值</th>
<th>说明</th>
</tr>
<?php 
// Show a warning row while the admin entry point still runs under its default
// file name: the current script path is checked for '/admin.php'.
// Renaming only hides the login URL; it does not replace credential hygiene.
if (strpos(get_env('self'), '/admin.php') !== false) {
    ?>
<tr>
<td class="t1">后台登录地址</td>
<td class="t2"><span>admin.php</span></td>
<td class="t3">
如果管理帐号泄漏,后台容易遭受攻击,为了系统安全,请修改根目录admin.php的文件名
</td>
</tr>
<?php 
}
// $D is true only when all four directories under file/ pass is_write().
// NOTE(review): is_write() is defined outside this excerpt; if it probes by
// writing (or creates missing directories), this status page has side effects
// on every load — confirm against its definition.
$D = is_write(DT_ROOT . '/file/') && is_write(DT_ROOT . '/file/cache/') && is_write(DT_ROOT . '/file/cache/tpl/') && is_write(DT_ROOT . '/file/upload/');
?>
<tr>
<td class="t1">file目录是否可写</td>
<td class="t2"><?php 
// Static strings only; no request data is echoed here.
echo $D ? '可写' : '<span>不可写</span>';
?>
</td>
<td class="t3">
file目录及所有子目录和子文件都必须设置可写,否则会出现以下问题:<br/>
系统缓存无法更新<br/>
后台无法登录<br/>
登录后台不显示密码输入框<br/>
前台页面无法正常显示<br/>
文件无法上传<br/>
</td>
Example #3
     }
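     // Allow-list the directory name: letters, digits, '_' and '-' only.
     // The D modifier makes '$' match only at the very end of the string;
     // without it a name with a trailing newline would pass the check and
     // reach both the SQL string and the filesystem path below.
     if (!preg_match("/^[0-9a-z_-]+\$/iD", $dir)) {
         msg('目录名不合法,请更换一个再试');
     }
     // $dir is interpolated into the SQL text, so this query is only safe
     // because it runs after the allow-list check above. Keep that order.
     $r = $db->get_one("SELECT moduleid FROM {$DT_PRE}module WHERE moduledir='{$dir}' AND islink=0");
     if ($r) {
         msg('此目录名已经被其他模块使用,请更换一个再试');
     }
     $sysdirs = array('ad', 'admin', 'announce', 'api', 'archiver', 'comment', 'feed', 'file', 'gift', 'guestbook', 'include', 'install', 'lang', 'link', 'module', 'poll', 'sitemap', 'skin', 'spread', 'template', 'upgrade', 'vote', 'mobile', 'form');
     // The name check above is case-insensitive, so compare in lower case:
     // on a case-insensitive filesystem 'Admin' and 'admin' are the same
     // directory, and the marker file written below would land inside it.
     if (in_array(strtolower($dir), $sysdirs, true)) {
         msg('安装目录与系统目录冲突,请更换安装目录');
     }
     if (!dir_create(DT_ROOT . '/' . $dir . '/')) {
         msg('无法创建' . $dir . '目录,请检查PHP是否有创建权限或手动创建');
     }
     if (!is_write(DT_ROOT . '/' . $dir . '/')) {
         msg('目录' . $dir . '无法写入,请设置此目录可写权限');
     }
     // Final proof of write access: drop a marker config file into the new directory.
     if (!file_put(DT_ROOT . '/' . $dir . '/config.inc.php', "DESTOON")) {
         msg('目录' . $dir . '无法写入,请设置此目录可写权限');
     }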
 }
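 // Normalise the optional module domain into "scheme://host/" form.
 if ($post['domain']) {
     // Test for a real scheme prefix. A bare 4-character 'http' comparison
     // treats a host such as "http.example.com" as already having a scheme
     // and double-prefixes an upper-case "HTTP://...".
     // Bare hosts default to cleartext http://, as before.
     if (!preg_match('#^https?://#i', $post['domain'])) {
         $post['domain'] = 'http://' . $post['domain'];
     }
     if (substr($post['domain'], -1) != '/') {
         $post['domain'] .= '/';
     }
 }
 // Link target priority: explicit external link, then the bound domain,
 // then the URL derived from the module directory.
 $post['linkurl'] = $post['islink'] ? $post['linkurl'] : ($post['domain'] ? $post['domain'] : linkurl($post['moduledir'] . "/"));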
Example #4
 // Make sure a configured cookie domain starts with a dot.
 if ($config['cookie_domain'] && substr($config['cookie_domain'], 0, 1) != '.') {
     $config['cookie_domain'] = '.' . $config['cookie_domain'];
 }
 // A changed cookie domain gets a fresh cookie prefix: 'D' + random(2) + '_'.
 // random() is defined outside this excerpt.
 if ($config['cookie_domain'] != $CFG['cookie_domain']) {
     $config['cookie_pre'] = 'D' . random(2) . '_';
 }
 // Secrets go through pass_decode() with the submitted and the stored value.
 // NOTE(review): presumably this keeps the stored secret when the form sends
 // back a masked placeholder — confirm in pass_decode().
 $setting['smtp_pass'] = pass_decode($setting['smtp_pass'], $DT['smtp_pass']);
 $setting['ftp_pass'] = pass_decode($setting['ftp_pass'], $DT['ftp_pass']);
 $setting['sms_key'] = pass_decode($setting['sms_key'], $DT['sms_key']);
 $setting['trade_pw'] = pass_decode($setting['trade_pw'], $DT['trade_pw']);
 $setting['admin_week'] = implode(',', $setting['admin_week']);
 $setting['check_week'] = implode(',', $setting['check_week']);
 if ($setting['logo'] != $DT['logo']) {
     clear_upload($setting['logo']);
 }
 if (!is_write(DT_ROOT . '/config.inc.php')) {
     msg('根目录config.inc.php无法写入,请设置可写权限');
 }
 // Rewrite the $CFG['key'] = '...' assignments inside config.inc.php in place.
 // NOTE(review): $k goes into the regex unquoted, and $v goes unescaped into
 // both the replacement string and the generated PHP source. A value holding
 // a quote, a backslash or a '$'+digit sequence would alter the written file.
 // Where $config comes from and whether it is escaped is not visible here —
 // confirm it upstream. If it is not escaped, build the assignment with
 // var_export() and apply it through preg_quote() + preg_replace_callback().
 $tmp = file_get(DT_ROOT . '/config.inc.php');
 foreach ($config as $k => $v) {
     $tmp = preg_replace("/[\$]CFG\\['{$k}'\\]\\s*\\=\\s*[\"'].*?[\"']/is", "\$CFG['{$k}'] = '{$v}'", $tmp);
 }
 // NOTE(review): the result of file_put() is not checked; a failed or partial
 // write of config.inc.php goes unnoticed at this point.
 file_put(DT_ROOT . '/config.inc.php', $tmp);
 update_setting($moduleid, $setting);
 cache_module(1);
 cache_module();
 // Writes the remote URL (or the literal 'URL') into a file under file/avatar/.
 // NOTE(review): confirm remote_url is validated as a URL before it is stored
 // in a file under the web root.
 file_put(DT_ROOT . '/file/avatar/remote.html', $setting['ftp_remote'] && $setting['remote_url'] ? $setting['remote_url'] : 'URL');
 // The index file name is assembled from two settings and deleted when static
 // index generation is off and the extension is not 'php'.
 // NOTE(review): confirm 'index' and 'file_ext' are limited to plain file-name
 // characters so this path cannot leave DT_ROOT.
 $filename = DT_ROOT . '/' . $setting['index'] . '.' . $setting['file_ext'];
 if (!$setting['index_html'] && $setting['file_ext'] != 'php') {
     file_del($filename);
 }
Example #5
                     file_copy($dfile, $bakfile);
                     break;
                 }
             }
         }
         // Save the edited template; the content passes through template_safe() first.
         // NOTE(review): template_safe() is defined outside this excerpt — confirm
         // what it removes before treating the saved template as safe.
         file_put($nfile, template_safe($content));
         // Presumably a rename: when the ids differ, the file under the old id is removed.
         if ($dfileid != $fileid) {
             file_del($dfile);
         }
         if ($name != $fileid) {
             template_name($fileid, $name);
         }
         // NOTE(review): $file, $action, $fileid and $dir are concatenated into the
         // redirect query string as-is; confirm they are validated or URL-encoded upstream.
         dmsg('修改成功', '?file=' . $file . '&action=' . $action . '&fileid=' . $fileid . '&dir=' . $dir);
     } else {
         // Edit form: a template id is required.
         $fileid or msg();
         // NOTE(review): $fileid becomes part of a filesystem path here and below;
         // its validation is not visible in this excerpt — confirm it cannot
         // contain path separators or '..'.
         if (!is_write($template_root . '/' . $fileid . '.htm')) {
             msg($fileid . '.htm不可写,请将其属性设置为可写');
         }
         if ($dir) {
             $template_path = $template_path . '/';
         }
         // Display name: the stored name when one exists, otherwise the id itself.
         $name = isset($names[$fileid]) && $names[$fileid] ? $names[$fileid] : $fileid;
         // HTML-encode the template source before it is shown in the edit form.
         // Called without flags or charset, so quote handling and encoding follow
         // the defaults of the running PHP version.
         $content = htmlspecialchars(file_get($template_root . '/' . $fileid . '.htm'));
         include tpl('template_edit');
     }
     break;
 case 'preview':
     $db->halt = 0;
     require_once DT_ROOT . '/include/template.func.php';
     $tpl_content = template_safe($content);
     unset($content);
Example #6
     include IN_ROOT . '/step_' . $step . '.tpl.php';
     break;
 case '3':
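     // File attributes (permissions) step.
     // Windows detection: a bare substring search for 'WIN' also matches
     // "Darwin" (macOS), which would skip the chmod pass below on a Unix
     // host. Darwin is excluded explicitly; every other value is classified
     // exactly as before.
     $os = strtoupper(PHP_OS);
     $ISWIN = strpos($os, 'WIN') !== false && $os !== 'DARWIN';
     // chmod.txt holds the paths to check, one per line.
     $files = file_get_contents(IN_ROOT . '/chmod.txt');
     $files = explode("\n", $files);
     $files = array_map('trim', $files);
     $FILES = array();
     $pass = true;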
     foreach ($files as $k => $v) {
         $FILES[$k]['name'] = $v;
         if (!$ISWIN) {
             dir_chmod(DT_ROOT . '/' . $v, DT_CHMOD);
         }
         if (is_write(DT_ROOT . '/' . str_replace('*', 'index.html', $v))) {
             $FILES[$k]['write'] = true;
             if (strpos($v, 'index.html') !== false) {
                 $c = file_get(DT_ROOT . '/' . $v) . '<!--WriteTest-->';
                 file_put(DT_ROOT . '/' . $v, $c);
                 $c = file_get(DT_ROOT . '/' . $v);
                 if (strpos($c, 'WriteTest') === false) {
                     $FILES[$k]['write'] = $pass = false;
                 }
             }
             if ($ISWIN && $v == 'config.inc.php') {
                 $c = file_get(DT_ROOT . '/' . $v);
                 $c = str_replace($CFG['authkey'], 'WriteTest', $c);
                 file_put(DT_ROOT . '/' . $v, $c);
                 $c = file_get(DT_ROOT . '/' . $v);
                 if (strpos($c, 'WriteTest') === false) {
Example #7
             // Find the first unused backup name "<id>.<n>.bak" (n = 1, 2, ...) and
             // copy the current file there.
             // NOTE(review): the is_file() check and the copy are separate steps, so
             // two concurrent saves could pick the same backup name.
             $i = 0;
             while (++$i) {
                 $bakfile = $skin_root . $dfileid . '.' . $i . '.bak';
                 if (!is_file($bakfile)) {
                     file_copy($dfile, $bakfile);
                     break;
                 }
             }
         }
         // Write the submitted stylesheet with slashes removed and no other filtering.
         // NOTE(review): $nfile is built outside this excerpt — confirm it is
         // confined to the skin directory and to a .css name.
         file_put($nfile, stripslashes($content));
         // Presumably a rename: when the ids differ, the file under the old id is removed.
         if ($dfileid != $fileid) {
             file_del($dfile);
         }
         // NOTE(review): $forward is set outside this excerpt; confirm it cannot
         // point to an arbitrary external URL.
         dmsg('风格修改成功', $forward);
     } else {
         // Edit form: the stylesheet must be writable before it is loaded for editing.
         // NOTE(review): $fileid is concatenated into the path; its validation is
         // not visible in this excerpt — confirm it cannot contain path separators
         // or '..'.
         if (!is_write($skin_root . $fileid . '.css')) {
             msg($fileid . '.css不可写,请将其属性设置为可写');
         }
         $content = file_get($skin_root . $fileid . '.css');
         include tpl('skin_edit');
     }
     break;
 case 'import':
     // Restore from backup: both the style id and the backup id are required.
     // NOTE(review): only emptiness is checked here, and both values feed the
     // file_copy() paths right below — confirm they are restricted to safe
     // file-name characters upstream.
     if (!$fileid) {
         msg('文件名不能为空');
     }
     if (!$bakid) {
         msg('Invalid Request');
     }
     if (file_copy($skin_root . $fileid . '.' . $bakid . '.bak', $skin_root . $fileid . '.css')) {
         dmsg('备份文件恢复成功', $this_forward);