function sax_stripslashes(&$array)
{
if (is_array($array)) {
foreach ($array as $k => $v) {
$array[$k] = sax_stripslashes($v);
}
} else {
if (is_string($array)) {
$array = stripslashes($array);
}
}
return $array;
}
$onlineip = sax_addslashes($onlineip);
@preg_match("/[\\d\\.]{7,15}/", $onlineip, $onlineipmatches);
$onlineip = $onlineipmatches[0] ? $onlineipmatches[0] : 'unknown';
unset($onlineipmatches);
// 允许程序在 register_globals = off 的环境下工作
$onoff = function_exists('ini_get') ? ini_get('register_globals') : get_cfg_var('register_globals');
if ($onoff != 1) {
@extract($_POST, EXTR_SKIP);
@extract($_GET, EXTR_SKIP);
@extract($_COOKIE, EXTR_SKIP);
}
// 判断 magic_quotes_gpc 状态
if (@get_magic_quotes_gpc()) {
$_GET = sax_stripslashes($_GET);
$_POST = sax_stripslashes($_POST);
$_COOKIE = sax_stripslashes($_COOKIE);
}
// 调试函数
function pr($a)
{
echo '<pre>';
print_r($a);
echo '</pre>';
}
function cpmsg($message, $url = 'javascript:history.go(-1);')
{
$message = "<meta HTTP-EQUIV=\"REFRESH\" content=\"2;URL={$url}\" /><p>{$message}</p>";
if ($url) {
$message .= "<p><a href=\"{$url}\">跳转</a></p>";
}
echo $message;
<?php
if (!defined('SABLOG_ROOT') || !isset($php_self) || !preg_match("/[\\/\\\\]cp\\.php\$/", $php_self)) {
exit('Access Denied');
}
permission(array(1, 2));
if ($_POST['action'] == 'autosave') {
if ($_POST['title'] || $_POST['description'] || $_POST['content']) {
autosave_recache($_POST['title'], $_POST['description'], $_POST['content']);
}
}
if ($_GET['action'] == 'switchtodraft') {
if (@(include_once SABLOG_ROOT . 'data/cache/cache_autosave.php')) {
$autosavedb = sax_stripslashes($autosavedb);
$title = $autosavedb[$sax_uid]['title'];
$description = $autosavedb[$sax_uid]['description'];
$content = $autosavedb[$sax_uid]['content'];
$content = str_replace(array("\r", "\n"), '', $content);
$description = str_replace(array("\r", "\n"), '', $description);
?>
var timestamp = '<?php
echo sadate('m月d日,H:i:s');
?>
';
$('#title').val('<?php
echo $title;
?>
');
oEditor.html('<?php
echo $content;
?>
function transhash($url, $tag = '')
{
global $sax_hash;
$tag = sax_stripslashes($tag);
if (!$tag || !preg_match("/^(http:\\/\\/|mailto:|#|javascript)/i", $url) && !strpos($url, 'sax_hash=')) {
if ($pos = strpos($url, '#')) {
$urlret = substr($url, $pos);
$url = substr($url, 0, $pos);
} else {
$urlret = '';
}
$url .= (strpos($url, '?') ? '&' : '?') . 'sax_hash=' . $sax_hash . $urlret;
}
return $tag . $url;
}
$DB->query("REPLACE INTO {$db_prefix}settings VALUES ('templatename', '" . sax_addslashes($name) . "')");
settings_recache();
$location = getlink('template', 'template', array('message' => 3, 'name' => $name));
$options['templatename'] = $name;
} else {
$location = getlink('template', 'template', array('message' => 4, 'name' => $name));
}
header("Location: {$location}");
exit;
}
//保存文件
if ($action == 'savefile' && $tpledit) {
$ext = in_array($ext, array('php', 'css')) ? $ext : 'php';
$filepath = SABLOG_ROOT . $template_dir . $path . '/' . $file . '.' . $ext;
if (file_exists($filepath)) {
$content = sax_stripslashes(trim($_POST['content']));
writefile($filepath, $content);
$location = getlink('template', 'filelist', array('message' => 5, 'name' => $desc[$file]));
} else {
$location = getlink('template', 'filelist', array('message' => 6, 'name' => $desc[$file]));
}
header("Location: {$location}");
exit;
}
//设置状态
if ($action == 'visible') {
if ($stylevar['visible']) {
$visible = 0;
$state = '禁用';
$location = getlink('template', 'stylevar', array('message' => 7, 'stylevarid' => $stylevarid));
} else {
