Example #1
0
 public function manage()
 {
     if (!$this->admin_username) {
         return false;
     }
     set_time_limit(0);
     // 最多显示400张
     $infos = Loader::model('attachment_model')->field('filepath')->limit(400)->order('aid DESC')->select();
     $str = "";
     foreach ($infos as $r) {
         $ext = File::get_suffix($r['filepath']);
         if (in_array($ext, $this->imgext)) {
             $str .= $this->upload_url . $r['filepath'] . 'ue_separate_ue';
         }
     }
     exit($str);
 }
Example #2
0
 /**
  * 获取临时未处理文件列表
  *
  * @return Ambigous <boolean, mixed, string>
  */
 private function att_not_used()
 {
     $this->att_db = Loader::model('attachment_model');
     if ($att_json = cookie('att_json')) {
         if ($att_json) {
             $att_cookie_arr = explode('||', $att_json);
         }
         foreach ($att_cookie_arr as $_att_c) {
             $att[] = json_decode($_att_c, true);
         }
         if (is_array($att) && !empty($att)) {
             foreach ($att as $n => $v) {
                 $ext = File::get_suffix($v['src']);
                 if (in_array($ext, $this->imgext)) {
                     $att[$n]['fileimg'] = $v['src'];
                     $att[$n]['width'] = '80';
                     $att[$n]['filename'] = urldecode($v['filename']);
                 } else {
                     $att[$n]['fileimg'] = file_icon($v['src']);
                     $att[$n]['width'] = '64';
                     $att[$n]['filename'] = urldecode($v['filename']);
                 }
                 $this->cookie_att .= '|' . $v['src'];
             }
         }
     }
     return isset($att) ? $att : false;
 }
Example #3
0
 /**
  * 判断是否为图片
  */
 function is_image($file)
 {
     $ext_arr = array('jpg', 'gif', 'png', 'bmp', 'jpeg', 'tiff');
     $ext = File::get_suffix($file);
     return in_array($ext, $ext_arr) ? $ext_arr : false;
 }
Example #4
0
 /**
  * 数据库恢复
  *
  * @param unknown_type $filename
  */
 private function import_database($filename)
 {
     if ($filename && File::get_suffix($filename) == 'sql') {
         $filepath = DATA_PATH . 'bakup' . DIRECTORY_SEPARATOR . $this->pdo_name . DIRECTORY_SEPARATOR . $filename;
         if (!file_exists($filepath)) {
             showmessage(L('database_sorry') . " {$filepath} " . L('database_not_exist'));
         }
         $sql = file_get_contents($filepath);
         self::sql_execute($sql);
         showmessage("{$filename} " . L('data_have_load_to_database'));
     } else {
         $fileid = $this->fileid ? $this->fileid : 1;
         $pre = $filename;
         $filename = $filename . $fileid . '.sql';
         $filepath = DATA_PATH . 'bakup' . DIRECTORY_SEPARATOR . $this->pdo_name . DIRECTORY_SEPARATOR . $filename;
         if (file_exists($filepath)) {
             $sql = File::read($filepath);
             self::sql_execute($sql);
             $fileid++;
             showmessage(L('bakup_data_file') . " {$filename} " . L('load_success'), U('admin/database/import', array('pdoname' => $this->pdo_name, 'pre' => $pre, 'fileid' => $fileid, 'dosubmit' => '1')));
         } else {
             showmessage(L('data_recover_succ'), U('admin/database/import'));
         }
     }
 }
Example #5
0
echo L('block_data');
?>
</legend>
			<table width="100%" class="table_form" id="table_form">
<?php 
if ($data['type'] == 1) {
    ?>
<script language="Javascript" type="text/javascript">
editAreaLoader.init({
	id: "data"
	,start_highlight: true
	,allow_toggle: true
	,word_wrap: true
	,language: "zh"
	,syntax: "<?php 
    echo File::get_suffix(C('template', 'ext'));
    ?>
"	//语法
});
</script>
  <tr>
					<td class="y-bg"><textarea cols="80" id="data" name="data"
							rows="20"><?php 
    echo htmlspecialchars($data['data']);
    ?>
</textarea></td>
				</tr>
<?php 
} else {
    if (is_array($data['data'])) {
        foreach ($data['data'] as $key => $val) {
Example #6
0
 public function download()
 {
     $a_k = trim($_GET['a_k']);
     $yun_auth_key = md5($this->auth_key . $_SERVER['HTTP_USER_AGENT']);
     $a_k = String::authcode($a_k, 'DECODE', $yun_auth_key);
     if (empty($a_k)) {
         showmessage(L('illegal_parameters'));
     }
     unset($i, $m, $f, $t, $ip);
     parse_str($a_k);
     if (isset($i)) {
         $downid = intval($i);
     }
     if (!isset($m)) {
         showmessage(L('illegal_parameters'));
     }
     if (!isset($modelid)) {
         showmessage(L('illegal_parameters'));
     }
     if (empty($f)) {
         showmessage(L('url_invalid'));
     }
     if (!$i || $m < 0) {
         showmessage(L('illegal_parameters'));
     }
     if (!isset($t)) {
         showmessage(L('illegal_parameters'));
     }
     if (!isset($ip)) {
         showmessage(L('illegal_parameters'));
     }
     $starttime = intval($t);
     if (preg_match('/(php|phtml|php3|php4|jsp|dll|asp|cer|asa|shtml|shtm|aspx|asax|cgi|fcgi|pl)(\\.|$)/i', $f) || strpos($f, ":\\") !== FALSE || strpos($f, '..') !== FALSE) {
         showmessage(L('url_error'));
     }
     $fileurl = trim($f);
     if (!isset($downid) || empty($fileurl) || !preg_match("/[0-9]{10}/", $starttime) || !preg_match("/[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}/", $ip) || $ip != IP) {
         showmessage(L('illegal_parameters'));
     }
     $endtime = TIME - $starttime;
     if ($endtime > 3600) {
         showmessage(L('url_invalid'));
     }
     if ($m) {
         $fileurl = trim($s) . trim($fileurl);
     }
     //远程文件
     if (strpos($fileurl, ':/') && strpos($fileurl, C('attachment', 'upload_url')) === false) {
         header("Location: {$fileurl}");
     } else {
         if ($d == 0) {
             header("Location: " . $fileurl);
         } else {
             $fileurl = str_replace(array(C('attachment', 'upload_url'), '/'), array(C('attachment', 'upload_path'), DIRECTORY_SEPARATOR), $fileurl);
             $filename = basename($fileurl);
             //处理中文文件
             if (preg_match("/^([\\s\\S]*?)([�-�][@-�])([\\s\\S]*?)/", $fileurl)) {
                 $filename = str_replace(array("%5C", "%2F", "%3A"), array("\\", "/", ":"), urlencode($fileurl));
                 $filename = urldecode(basename($filename));
             }
             $ext = File::get_suffix($filename);
             $filename = date('Ymd_his') . String::rand_string(3) . '.' . $ext;
             File::down($fileurl, $filename);
         }
     }
 }
Example #7
0
/**
 * 判断是否为视频
 */
function is_video($file)
{
    $ext_arr = array('rm', 'mpg', 'avi', 'mpeg', 'wmv', 'flv', 'asf', 'rmvb');
    $ext = File::get_suffix($file);
    return in_array($ext, $ext_arr) ? $ext_arr : false;
}
Example #8
0
 /**
  * 修改模版
  */
 public function edit_file()
 {
     if (empty($this->tpl_edit)) {
         showmessage(L('tpl_edit'));
     }
     $dir = isset($_GET['dir']) && trim($_GET['dir']) ? str_replace(array('..\\', '../', './', '.\\'), '', urldecode(trim($_GET['dir']))) : '';
     $file = isset($_GET['file']) && trim($_GET['file']) ? trim($_GET['file']) : '';
     if ($file) {
         preg_match('/^([a-zA-Z0-9])?([^.|-|_]+)/i', $file, $file_t);
         $file_t = $file_t[0];
         $file_t_v = array('header' => array('{$SEO[\'title\']}' => L('seo_title'), '{$SEO[\'site_title\']}' => L('site_title'), '{$SEO[\'keyword\']}' => L('seo_keyword'), '{$SEO[\'description\']}' => L('seo_des')), 'category' => array('{$catid}' => L('cat_id'), '{$catname}' => L('cat_name'), '{$url}' => L('cat_url'), '{$r[catname]}' => L('cat_name'), '{$r[url]}' => 'URL', '{$CATEGORYS}' => L('cats')), 'list' => array('{$catid}' => L('cat_id'), '{$catname}' => L('cat_name'), '{$url}' => L('cat_url'), '{$CATEGORYS}' => L('cats')), 'show' => array('{$title}' => L('title'), '{$inputtime}' => L('inputtime'), '{$copyfrom}' => L('comeform'), '{$content}' => L('content'), '{$previous_page[url]}' => L('pre_url'), '{$previous_page[title]}' => L('pre_title'), '{$next_page[url]}' => L('next_url'), '{$next_page[title]}' => L('next_title')), 'page' => array('{$CATEGORYS}' => L('cats'), '{$content}' => L('content')));
     }
     if ('.' . File::get_suffix($file) != $this->suffix) {
         showmessage(L("can_edit_files"));
     }
     $filepath = $this->filepath . $dir . DIRECTORY_SEPARATOR . $file;
     $is_write = 0;
     if (is_writable($filepath)) {
         $is_write = 1;
     }
     if (isset($_POST['dosubmit'])) {
         $code = isset($_POST['code']) ? stripslashes($_POST['code']) : showmessage(L('illegal_operation'), HTTP_REFERER);
         if ($is_write == 1) {
             Loader::helper('template:global');
             creat_template_bak($filepath, $this->style, $dir);
             file_put_contents($filepath, htmlspecialchars_decode($code));
             showmessage(L('operation_success'), HTTP_REFERER);
         } else {
             showmessage(L("file_does_not_writable"), HTTP_REFERER);
         }
     } else {
         if (file_exists($filepath)) {
             $data = htmlspecialchars(file_get_contents($filepath));
         } else {
             showmessage(L('file_does_not_exists'));
         }
     }
     $show_header = true;
     include $this->view('file_edit_file');
 }