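/**
 * Rewrite the settings area of the dashboard config.php.
 *
 * The file is split on the "EmpireCMS.Seting.area" marker comment; the text
 * between the first and second marker is replaced with $string and the file
 * is written back.
 *
 * NOTE(review): $string is written verbatim into a .php file. Confirm every
 * caller builds it from validated/escaped values only; request data reaching
 * this sink unescaped would end up as PHP source.
 *
 * @param string $string Replacement text for the settings area.
 * @return false|null false when the file is empty/unreadable or does not
 *                    contain both markers (nothing is written in that case);
 *                    no value otherwise.
 */
function GetSettingConfig($string)
{
    $filename = ECMS_PATH . DASHBOARD . "/config/config.php";
    $exp = '//-------EmpireCMS.Seting.area-------';
    $text = ReadFiletext($filename);
    $r = explode($exp, $text);
    // Head, settings area and tail are all required. Without this guard a
    // config file that lost a marker would be rewritten without its tail.
    if ($r[0] == '' || count($r) < 3) {
        return false;
    }
    $r[1] = $string;
    $setting = $r[0] . $exp . $r[1] . $exp . $r[2];
    WriteFiletext_n($filename, $setting);
}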
/**
 * Render the form HTML for one member field.
 *
 * select / radio / checkbox fields are delegated to GetMFformSelect(). Every
 * other type is rendered from the "[!--<type>--]" section of
 * ../data/html/memberfhtml.txt with the field-name and default-value
 * placeholders filled in, then passed through RepMFformSize() and
 * fAddAddsData().
 *
 * NOTE(review): $f and $fvalue are substituted into the HTML template as-is
 * in this function; confirm they are escaped by the caller.
 */
function GetMemberFform($type, $f, $fvalue, $fformsize = '')
{
    if (in_array($type, array("select", "radio", "checkbox"))) {
        return GetMFformSelect($type, $f, $fvalue, $fformsize);
    }

    $template = ReadFiletext("../data/html/memberfhtml.txt");
    $sections = explode("[!--" . $type . "--]", $template);

    // Placeholders are replaced in order: field name first, then default value.
    $html = str_replace(
        array("[!--enews.var--]", "[!--enews.def.val--]"),
        array($f, $fvalue),
        $sections[1]
    );
    $html = RepMFformSize($f, $html, $type, $fformsize);

    return fAddAddsData($html);
}
/**
 * Emit a 69x20 verification-code image for a freshly generated 4-character key.
 *
 * The key is handed to esetcookie("checkkey", ...) and drawn with the first
 * GD writer that exists (jpeg, gif, png, wbmp). Without GD the cookie is set
 * to the fixed value "ebak" and a static image is echoed instead.
 *
 * NOTE(review): the expected answer is passed to a cookie setter. If
 * esetcookie() stores it unmodified, the client can read the answer without
 * looking at the image - confirm, and prefer keeping it server-side.
 * NOTE(review): the no-GD fallback uses a constant key, so the check is
 * effectively disabled on such hosts.
 */
function ShowKey()
{
    $key = strtolower(domake_password(4));
    $set = esetcookie("checkkey", $key);

    // Is GD available? Writers in order of preference => header to send.
    $writers = array(
        "imagejpeg" => "Content-type: image/jpeg",
        "imagegif" => "Content-type: image/gif",
        "imagepng" => "Content-type: image/png",
        "imagewbmp" => "Content-type: image/vnd.wap.wbmp",
    );

    foreach ($writers as $writer => $contentType) {
        if (!function_exists($writer)) {
            continue;
        }
        header($contentType);
        $img = imagecreate(69, 20);
        // Allocation order is kept: text colour (white) first, then the grey fill.
        $textColor = imagecolorallocate($img, 255, 255, 255);
        $fillColor = imagecolorallocate($img, 102, 102, 102);
        imagefill($img, 0, 0, $fillColor);
        imagestring($img, 3, 14, 3, $key, $textColor);
        $writer($img);
        imagedestroy($img);
        return;
    }

    // No GD writer at all: fixed key and a pre-rendered picture.
    $set = esetcookie("checkkey", "ebak");
    @(include "class/functions.php");
    echo ReadFiletext("images/ebak.jpg");
}
/**
 * Output the verification-code image (69x20) for a new 4-character key.
 *
 * The key goes to esetcookie('checkkey', ...). The image is written with the
 * first available GD writer, tried in the order jpeg, gif, png, wbmp. When
 * none exists, the cookie is set to 'ebak' and images/ebak.jpg is echoed.
 *
 * NOTE(review): if esetcookie() stores the key as given, the answer is
 * readable on the client; the fixed 'ebak' fallback makes the check constant
 * on hosts without GD. Confirm both against the verification code path.
 */
function ShowKey()
{
    $key = strtolower(domake_password(4));
    $set = esetcookie('checkkey', $key);

    $headers = array(
        'imagejpeg' => 'Content-type: image/jpeg',
        'imagegif' => 'Content-type: image/gif',
        'imagepng' => 'Content-type: image/png',
        'imagewbmp' => 'Content-type: image/vnd.wap.wbmp',
    );

    // Pick the first writer this PHP build provides.
    $chosen = '';
    foreach (array_keys($headers) as $candidate) {
        if (function_exists($candidate)) {
            $chosen = $candidate;
            break;
        }
    }

    if ($chosen === '') {
        $set = esetcookie('checkkey', 'ebak');
        @(include 'class/functions.php');
        echo ReadFiletext('images/ebak.jpg');
        return;
    }

    header($headers[$chosen]);
    $canvas = imagecreate(69, 20);
    // White is allocated before grey, exactly as before; grey is the fill.
    $white = imagecolorallocate($canvas, 255, 255, 255);
    $grey = imagecolorallocate($canvas, 102, 102, 102);
    imagefill($canvas, 0, 0, $grey);
    imagestring($canvas, 3, 14, 3, $key, $white);
    $chosen($canvas);
    imagedestroy($canvas);
}
/**
 * Load one row of the enewstempdt table and attach the template file's text.
 *
 * $tempid is cast to int before it is used in the query. printerror() is
 * called when the id is 0, when no row is found, or when the file named by
 * the row's "tempfile" column does not exist under ECMS_PATH.
 *
 * NOTE(review): the guards below do not return; presumably printerror() ends
 * the request - confirm.
 * NOTE(review): "tempfile" comes from the database and is appended to
 * ECMS_PATH unchanged; confirm the code that writes that column rejects
 * path-traversal sequences.
 *
 * @return array The database row with an added 'temptext' element.
 */
function GetDtTempFiletext($tempid)
{
    global $empire, $dbtbpre;

    $tempid = (int) $tempid;
    if ($tempid == 0) {
        printerror('ErrorUrl', '');
    }

    $row = $empire->fetch1("select * from {$dbtbpre}enewstempdt where tempid='{$tempid}'");
    if (!$row['tempid']) {
        printerror('ErrorUrl', '');
    }

    $path = ECMS_PATH . $row['tempfile'];
    if (!file_exists($path)) {
        printerror('FileNotExist', '');
    }

    $row['temptext'] = ReadFiletext($path);

    return $row;
}
/**
 * Send a file to the client as an attachment, or redirect to it.
 *
 * A redirect ("Location:") is issued instead of a download when $file has no
 * path separator, contains "<sep>e<sep>", "..", "?" or "#", or when
 * GetDownurlFilename() yields no file name. Otherwise the attachment-file URL
 * prefix is mapped to "/data/", a local path that does not exist is re-based
 * on eReturnEcmsMainPortPath(), and the content is echoed.
 *
 * NOTE(review): $file is used unmodified in the Location header and as the
 * argument of ReadFiletext(). The checks here are a deny-list (four
 * substrings); values containing "://" and absolute local paths are not
 * restricted by this function. Confirm callers only pass download addresses
 * taken from trusted records, or add an allow-list of base directories.
 * NOTE(review): $filename is placed unquoted in Content-Disposition; confirm
 * GetDownurlFilename() cannot return spaces, quotes or semicolons.
 */
function QDownLoadFile($file)
{
    global $public_r;

    // Separator used by the value; a backslash takes precedence over a slash.
    $sep = '';
    if (strstr($file, "\\")) {
        $sep = "\\";
    } elseif (strstr($file, "/")) {
        $sep = "/";
    }
    if ($sep === '') {
        Header("Location:" . $file);
        exit;
    }

    // Values pointing into the "e" directory, climbing up, or carrying a
    // query string / fragment are never streamed, only redirected to.
    foreach (array($sep . "e" . $sep, "..", "?", "#") as $needle) {
        if (strstr($file, $needle)) {
            Header("Location:" . $file);
            exit;
        }
    }

    $efileurl = eReturnFileUrl();
    if (strstr($file, $efileurl)) {
        $file = str_replace($efileurl, '/data/', $file);
    }

    if (!strstr($file, "://") && !file_exists($file)) {
        $file = eReturnEcmsMainPortPath() . substr($file, 1);
    }

    $filename = GetDownurlFilename($file, $sep);
    if (empty($filename)) {
        Header("Location:" . $file);
        exit;
    }

    // Download. Accept-Ranges / length headers are not sent.
    Header("Content-type: application/octet-stream");
    Header("Content-Disposition: attachment; filename=" . $filename);
    echo ReadFiletext($file);
}
/**
 * Read the text stored for a "txt" field.
 *
 * The file is $do_txtpath . $pagetexturl . ".php"; the first 12 bytes are
 * dropped (the original comment says this removes the "exit" prefix).
 *
 * NOTE(review): $pagetexturl is concatenated into the path unchanged; confirm
 * it cannot contain "../" when it originates from request data.
 *
 * @return string '' for an empty $pagetexturl, otherwise the result of substr().
 */
function GetTxtFieldText($pagetexturl)
{
    global $do_txtpath;

    if (empty($pagetexturl)) {
        return '';
    }

    $path = $do_txtpath . $pagetexturl . ".php";

    // Skip the leading exit guard.
    return substr(ReadFiletext($path), 12);
}
/**
 * Record a value for one table in a backup directory's config.php.
 *
 * Replaces the text "$tb[<table>]=0;" with "$tb[<table>]=<p>;" in
 * $path/config.php and writes the file back. An empty $p is written as 0.
 *
 * NOTE(review): $p and $table are concatenated into PHP source text. Confirm
 * callers pass an integer and a validated table name; neither is checked here.
 */
function Ebak_RepFilenum($p, $table, $path)
{
    $value = empty($p) ? 0 : $p;
    $configFile = $path . "/config.php";

    $contents = ReadFiletext($configFile);
    $placeholder = '$tb[' . $table . ']=0;';
    $replacement = '$tb[' . $table . ']=' . $value . ';';

    WriteFiletext_n($configFile, str_replace($placeholder, $replacement, $contents));
}
/**
 * Echo the content ReadFiletext() returns for $http.
 *
 * When $do_openreadfile equals 0, only values containing "://" are read;
 * anything else returns "" without output.
 *
 * NOTE(review): values containing "://" are read regardless of the switch, so
 * the server fetches whatever address is passed in. Confirm $http is never
 * taken from request data.
 *
 * @return string|null "" when the read is refused, otherwise no value.
 */
function sys_ReadFile($http)
{
    global $do_openreadfile;

    $readAllowed = $do_openreadfile != 0 || strstr($http, "://");
    if (!$readAllowed) {
        return "";
    }

    echo ReadFiletext($http);
}
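/**
 * Render the front-end submission form HTML for one field.
 *
 * select / radio / checkbox fields are delegated to GetFformSelect(). Other
 * types are rendered from the "[!--<type>--]" section of
 * ../data/html/qfhtml.txt. The fields newstext, downpath, onlinepath, morepic
 * and playerid use the section named after the field itself.
 *
 * Array keys of $add are quoted. The original used bare words
 * ($add[linkfieldval]), which PHP 8 rejects as undefined constants.
 *
 * NOTE(review): $f, $fvalue and the $add values are substituted into HTML
 * without escaping in this function; confirm they are validated upstream.
 *
 * @param string $type      Form element type.
 * @param string $f         Field name.
 * @param string $fvalue    Default value.
 * @param string $fformsize Size specification, passed to RepFformSize().
 * @param array  $add       Field settings (linkfieldval, linkfieldshow,
 *                          linkfieldtb, editorys are read).
 * @return string The generated HTML after addslashes().
 */
function GetQFform($type, $f, $fvalue, $fformsize = '', $add)
{
    if ($type == "select" || $type == "radio" || $type == "checkbox") {
        return GetFformSelect($type, $f, $fvalue, $fformsize);
    }
    $file = "../data/html/qfhtml.txt";
    $data = ReadFiletext($file);
    // Special fields have their own template section.
    if ($f == "newstext" || $f == "downpath" || $f == "onlinepath" || $f == "morepic" || $f == "playerid") {
        $type = $f;
    }
    $exp = "[!--" . $type . "--]";
    $r = explode($exp, $data);
    // A type without a section in the template file renders as empty text.
    $section = isset($r[1]) ? $r[1] : '';
    $string = str_replace("[!--enews.var--]", $f, $section);
    $string = str_replace("[!--enews.def.val--]", $fvalue, $string);
    if ($type == 'linkfield') {
        $string = str_replace("[!--enews.cfield.var--]", $add['linkfieldval'], $string);
        $string = str_replace("[!--enews.vfield.var--]", $add['linkfieldshow'], $string);
        $string = str_replace("[!--enews.ctbname--]", $add['linkfieldtb'], $string);
    } elseif ($type == 'linkfieldselect') {
        // Select one column when value and label are the same field, else both.
        $selectf = $add['linkfieldval'] == $add['linkfieldshow']
            ? $add['linkfieldval']
            : $add['linkfieldval'] . ',' . $add['linkfieldshow'];
        $string = str_replace("[!--enews.cfield.var--]", $add['linkfieldval'], $string);
        $string = str_replace("[!--enews.vfield.var--]", $add['linkfieldshow'], $string);
        $string = str_replace("[!--enews.ctbname--]", $add['linkfieldtb'], $string);
        $string = str_replace("[!--enews.selectf--]", $selectf, $string);
    } elseif ($type == 'editor' || $type == 'newstext') {
        $editortype = $add['editorys'] == 0 ? 'Default' : 'Basic';
        $string = str_replace("[!--editor.type--]", $editortype, $string);
        $string = str_replace("[!--editor.basepath--]", '', $string);
    }
    $string = RepFformSize($f, $string, $type, $fformsize);
    return addslashes($string);
}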
/**
 * Import an uploaded ".temp" template-group file into the template tables.
 *
 * The upload is moved to a temporary file under the dashboard data/tmp/temp
 * directory, read, and deleted again. Its content is split on the
 * "<!---ecms.temp--->" marker and each part is handed to the matching
 * LoadInTG*() importer. With an empty $add['gid'] a new template group is
 * created, otherwise the existing group's tables are cleared first.
 *
 * NOTE(review): $classid is passed to CheckLevel() but is never assigned in
 * this function; confirm CheckLevel() ignores it for the "tempgroup" level.
 * NOTE(review): the content of the uploaded file is trusted as template data
 * once the extension check passes; the per-part importers are responsible for
 * any escaping - confirm.
 */
function LoadInTempGroup($add, $file, $file_name, $file_type, $file_size, $userid, $username) {
    global $empire, $dbtbpre;
    // Verify permission
    CheckLevel($userid, $username, $classid, "tempgroup");
    if (!$file_name || !$file_size) {
        printerror("EmptyLoadInTempGroup", "");
    }
    $gid = (int) $add['gid'];
    // File extension (taken from the client-supplied file name)
    $filetype = GetFiletype($file_name);
    if ($filetype != ".temp") {
        printerror("LoadInTempGroupMusttemp", "");
    }
    // Upload file: the temporary name combines the current time and make_password(10)
    $path = ECMS_PATH . DASHBOARD . '/data/tmp/temp/uploadtg' . time() . make_password(10) . '.temp';
    // The result of the move is not checked; a failed move shows up as empty $data below.
    $cp = @move_uploaded_file($file, $path);
    DoChmodFile($path);
    $data = ReadFiletext($path);
    DelFiletext($path);
    // Character-set conversion
    if ($add['ChangeChar']) {
        $data = LoadInTempChangeChar($add['tempchar'], $data);
    }
    if (empty($data)) {
        printerror("EmptyLoadInTempGroup", "");
    }
    // Read the version information from the first part
    $pageexp = "<!---ecms.temp--->";
    $checkpr = explode($pageexp, $data);
    $tempverr = LoadInTGReturnVer($checkpr[0]);
    $gname = $tempverr['gname'];
    $thistempver = $tempverr['ver'];
    $thistempchar = $tempverr['tempchar'];
    // Replace old addresses (only when the file carries no version)
    $GLOBALS['loadtempver'] = $thistempver;
    if (empty($thistempver)) {
        $data = LoadInTGReptext_pubvar($data);
    }
    // Store in the database
    $pageexp = "<!---ecms.temp--->";
    $record = "<!---ecms.record--->";
    $field = "<!---ecms.field--->";
    $pr = explode($pageexp, $data);
    if (empty($gid)) {
        $sql = $empire->query("insert into {$dbtbpre}enewstempgroup(gname,isdefault) values('" . addslashes($gname) . "',0);");
        $gid = $empire->lastid();
        $gname = $pr[0];
        $en = "_" . $gid;
        CreateTempTb($gid, $en); // Copy the tables
    } else {
        // $gid was cast to int above, so it is safe to interpolate unquoted here
        $r = $empire->fetch1("select gid,gname from {$dbtbpre}enewstempgroup where gid={$gid}");
        if (!$r['gid']) {
            printerror("LoadInTempGroupMusttemp", "");
        }
        // Group 1 uses the tables without a suffix
        if ($gid == 1) {
            $en = "";
        } else {
            $en = "_" . 
$gid;
        }
        $gname = $r['gname'];
        ClearTempTb($gid, $en); // Empty the tables
    }
    // Version: the number of parts tells which optional templates the file contains
    $isold = 0;
    $ckcount = count($pr);
    if ($ckcount <= 10) {
        $isold = 1;
    } elseif ($ckcount <= 11) {
        $isold = 2;
    }
    LoadInTGBqtemp($gid, $en, $record, $field, $pr[1]); // Tag templates
    LoadInTGJstemp($gid, $en, $record, $field, $pr[2]); // JS templates
    LoadInTGListtemp($gid, $en, $record, $field, $pr[3]); // List templates
    LoadInTGNewstemp($gid, $en, $record, $field, $pr[4]); // Content templates
    LoadInTGPubtemp($gid, $en, $record, $field, $pr[5], $isold); // Public templates
    LoadInTGSearchtemp($gid, $en, $record, $field, $pr[6]); // Search templates
    LoadInTGTempvar($gid, $en, $record, $field, $pr[7]); // Template variables
    LoadInTGVotetemp($gid, $en, $record, $field, $pr[8]); // Vote templates
    LoadInTGClasstemp($gid, $en, $record, $field, $pr[9]); // Column templates
    if ($isold != 1) {
        LoadInTGPltemp($gid, $en, $record, $field, $pr[10]); // Comment templates
    }
    if ($isold == 0) {
        LoadInTGPrinttemp($gid, $en, $record, $field, $pr[11]); // Print templates
    }
    LoadInTGPagetemp($gid, $en, $record, $field, $pr[12]); // Custom page templates
    // Operation log
    insert_dolog("gid={$gid}&gname={$gname}");
    printerror("LoadInTempGroupSuccess", "TempGroup.php" . hReturnEcmsHashStrHref2(1));
}
// Persist the expand/collapse preference when the page is called with doopen.
// The value is cast to int before it is stored.
if ($_GET['doopen']) {
    $open = (int) $_GET['open'];
    SetDisplayClass($open);
}
// Icon: link that switches to the opposite display mode.
// NOTE(review): $ecms_hashur['ehref'] is concatenated into the href attribute
// unescaped; presumably it is generated server-side - confirm.
if (getcvar('displayclass', 1)) {
    $img = "<a href='ListClass.php?doopen=1&open=0" . $ecms_hashur['ehref'] . "' title='展开'><img src='../data/images/displaynoadd.gif' width='15' height='15' border='0'></a>";
} else {
    $img = "<a href='ListClass.php?doopen=1&open=1" . $ecms_hashur['ehref'] . "' title='收缩'><img src='../data/images/displayadd.gif' width='15' height='15' border='0'></a>";
}
// Cache: load the pre-built column list for the current display mode.
// The file name only depends on the int-cast preference.
$displayclass = (int) getcvar('displayclass', 1);
$fcfile = "../data/fc/ListClass" . $displayclass . ".php";
$fclistclass = '';
if (file_exists($fcfile)) {
    // The cache file is read as text, and the text returned by AddCheckViewTempCode() is removed from it.
    $fclistclass = str_replace(AddCheckViewTempCode(), '', ReadFiletext($fcfile));
}
?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>管理栏目</title> <link rel="stylesheet" href="adminstyle/<?php echo $loginadminstyleid; ?> /adminstyle.css" type="text/css"> <SCRIPT lanuage="JScript"> function turnit(ss) { if (ss.style.display=="")
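/**
 * Replace text in every regular file of one backup directory.
 *
 * $add['mypath'] selects the directory below $bakpath, $add['oldword'] is the
 * text (or pattern, when $add['dozz'] is non-zero) to find and
 * $add['newword'] the replacement. Files are rewritten in place.
 *
 * Changes against the previous version: the directory loop compares
 * readdir() with false, so an entry named "0" no longer ends the scan early;
 * the loop is skipped when opendir() fails; the handle is closed afterwards.
 *
 * NOTE(review): the keyword check on $newword is a deny-list and should be
 * treated as defence in depth only. This function writes caller-supplied text
 * into files under the backup path, whatever their extension, so access to it
 * must be limited to authenticated administrators and ideally to
 * non-executable files - confirm both at the call site.
 * NOTE(review): $oldword is not filtered here and, in pattern mode, is handed
 * to Ebak_DoRepFiletextZz(); confirm that helper cannot evaluate replacement
 * text as code.
 *
 * @param array $add Request values: mypath, oldword, newword, dozz.
 */
function Ebak_RepPathFiletext($add)
{
    global $bakpath;
    $mypath = trim($add['mypath']);
    $oldword = Ebak_ClearAddsData($add['oldword']);
    $newword = Ebak_ClearAddsData($add['newword']);
    /* Filter dangerous keywords out of the replacement content */
    if (preg_match("/([^a-zA-Z0-9_]{1,1})+(extract|parse_str|str_replace|unserialize|ob_start|require|include|array_map|preg_replace|copy|fputs|fopen|file_put_contents|file_get_contents|fwrite|eval|phpinfo|assert|base64_decode|create_function|call_user_func)+( |\\()/is", $newword)) {
        die("Request Error!");
    }
    $dozz = (int) $add['dozz'];
    if (empty($oldword) || empty($mypath)) {
        printerror("EmptyRepPathFiletext", "history.go(-1)");
    }
    // Reject attempts to leave the backup directory.
    if (strstr($mypath, "..")) {
        printerror("NotChangeRepPathFiletext", "history.go(-1)");
    }
    $path = $bakpath . "/" . $mypath;
    if (!file_exists($path)) {
        printerror("PathNotExists", "history.go(-1)");
    }
    $hand = @opendir($path);
    if ($hand) {
        while (($file = readdir($hand)) !== false) {
            $filename = $path . "/" . $file;
            if ($file == "." || $file == ".." || !is_file($filename)) {
                continue;
            }
            $value = ReadFiletext($filename);
            if ($dozz) {
                $newvalue = Ebak_DoRepFiletextZz($oldword, $newword, $value);
            } else {
                // Leave files that do not contain the search text untouched.
                if (!stristr($value, $oldword)) {
                    continue;
                }
                $newvalue = str_replace($oldword, $newword, $value);
            }
            WriteFiletext_n($filename, $newvalue);
        }
        closedir($hand);
    }
    printerror("RepPathFiletextSuccess", "RepFiletext.php");
}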
/**
 * Return the stored text of a "txt" field.
 *
 * The file name is built from $ecms_config['sets']['txtpath'], $pagetexturl
 * and ".php". The first 12 bytes of the file are skipped (the original
 * comment says this removes the "exit" prefix).
 *
 * NOTE(review): $pagetexturl reaches the file path unchanged; confirm it is
 * generated by the application and cannot contain "../".
 *
 * @return string '' when $pagetexturl is empty, otherwise the result of substr().
 */
function GetTxtFieldText($pagetexturl)
{
    global $ecms_config;

    if (empty($pagetexturl)) {
        return '';
    }

    $path = $ecms_config['sets']['txtpath'] . $pagetexturl . ".php";
    $contents = ReadFiletext($path);

    // Drop the exit guard at the start of the file.
    return substr($contents, 12);
}
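/**
 * List the backup directories below C("DB_BAKPATH") and render the view.
 *
 * Each sub-directory becomes one row with 'dirname', the summed size of its
 * files in 'baksize', and - taken from a ".txt" file inside it - 'baktime'
 * (modification time) and 'bakdetail' (file content).
 *
 * Changes against the previous version: 'baksize' starts at 0 instead of
 * being added to an undefined element, files without an extension no longer
 * read an undefined match group, and both directory handles are closed.
 *
 * NOTE(review): 'bakdetail' is raw file content handed to the template;
 * confirm the template escapes it on output.
 */
public function baklist()
{
    $list = array();
    $db_dir = C("DB_BAKPATH");
    if (!empty($db_dir) && ($od = opendir($db_dir))) {
        while (($file = readdir($od)) !== false) {
            $dir = $db_dir . "/" . $file;
            if ($file == "." || $file == ".." || !is_dir($dir)) {
                continue;
            }
            $row = array();
            $row['dirname'] = $file;
            $row['baksize'] = 0;
            // Files inside the backup directory
            if ($od2 = opendir($dir)) {
                while (($file2 = readdir($od2)) !== false) {
                    $path2 = "{$db_dir}/{$file}/{$file2}";
                    if ($file2 == "." || $file2 == ".." || is_dir($path2)) {
                        continue;
                    }
                    // File extension, lower-cased; '' when the name has none.
                    $extend = preg_match('|\\.(\\w+)$|i', $file2, $ext) ? strtolower($ext[1]) : '';
                    if ($extend == "txt") {
                        $row['baktime'] = date("Y-m-d H:i:s", filemtime($path2));
                        $row['bakdetail'] = ReadFiletext($path2);
                    }
                    $row['baksize'] = $row['baksize'] + filesize($path2);
                }
                closedir($od2);
            }
            $list[] = $row;
        }
        closedir($od);
    }
    $this->assign("baklist", $list);
    $this->display();
}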
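/**
 * Regenerate the cached sections of e/class/config.php.
 *
 * The file is split on the "EmpireCMS.Public.Cache" marker comment into four
 * parts. Part 1 is replaced with GetPubCache(), part 2 with GetModCache()
 * when $domod is 1, and the four parts are written back.
 *
 * NOTE(review): the text returned by GetPubCache() / GetModCache() becomes
 * PHP source; confirm those helpers escape every value they embed.
 *
 * @param int $domod 1 to refresh the model cache section as well.
 * @return false|null false when the file is empty/unreadable or does not
 *                    contain all three markers (nothing is written in that
 *                    case); no value otherwise.
 */
function GetConfig($domod = 0)
{
    $filename = ECMS_PATH . "e/class/config.php";
    $exp = '//-------EmpireCMS.Public.Cache-------';
    $text = ReadFiletext($filename);
    $r = explode($exp, $text);
    // All four parts are required; writing back fewer would drop the rest of
    // the configuration file.
    if ($r[0] == '' || count($r) < 4) {
        return false;
    }
    $r[1] = GetPubCache();
    if ($domod == 1) {
        $r[2] = GetModCache();
    }
    $setting = $r[0] . $exp . $r[1] . $exp . $r[2] . $exp . $r[3];
    WriteFiletext_n($filename, $setting);
}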
/**
 * Emit the verification-code image for the key variable selected by $v.
 *
 * A new 4-character key is stored through ecmsSetShowKey() and drawn on a
 * 47x20 canvas together with 90 noise pixels, using the first available GD
 * writer in the order jpeg, png, gif, wbmp. Without GD the key is set to the
 * fixed value 'ecms' and a static image is echoed.
 *
 * NOTE(review): the noise coordinates are drawn from 0..69 / 0..29 while the
 * canvas is 47x20, so part of the noise falls outside the image.
 * NOTE(review): the strength of the check depends on domake_password() and on
 * how ecmsSetShowKey() stores the key; the 'ecms' fallback is a constant
 * answer on hosts without GD. Confirm both.
 */
function ShowKey($v)
{
    $vname = ecmsReturnKeyVarname($v);
    $key = strtolower(domake_password(4));
    ecmsSetShowKey($vname, $key);

    // Is GD available? Writer function => header, in order of preference.
    $formats = array(
        "imagejpeg" => "Content-type: image/jpeg",
        "imagepng" => "Content-type: image/png",
        "imagegif" => "Content-type: image/gif",
        "imagewbmp" => "Content-type: image/vnd.wap.wbmp",
    );

    $writer = '';
    foreach ($formats as $candidate => $contentType) {
        if (function_exists($candidate)) {
            $writer = $candidate;
            break;
        }
    }

    if ($writer === '') {
        ecmsSetShowKey($vname, 'ecms');
        echo ReadFiletext("../data/images/ecms.jpg");
        return;
    }

    header($formats[$writer]);
    $img = imagecreate(47, 20);
    $palette = ReturnShowKeyColor($img);
    $bgcolor = $palette['bgcolor'];
    $fontcolor = $palette['fontcolor'];
    $distcolor = $palette['distcolor'];
    imagefill($img, 0, 0, $bgcolor);
    imagestring($img, 5, 6, 3, $key, $fontcolor);
    // Scatter noise pixels over the picture.
    $dots = 0;
    while ($dots < 90) {
        imagesetpixel($img, rand() % 70, rand() % 30, $distcolor);
        $dots++;
    }
    $writer($img);
    imagedestroy($img);
}
/**
 * Render the form HTML for one column (class) field.
 *
 * select / radio / checkbox fields are delegated to GetCFformSelect(). Other
 * types are rendered from the "[!--<type>--]" section of
 * ../data/html/classfhtml.txt; the 'editor' type additionally gets the editor
 * placeholders filled ('Default' type, empty base path).
 *
 * NOTE(review): $f and $fvalue are inserted into HTML without escaping in
 * this function; confirm they are validated by the caller.
 *
 * @return string The generated HTML after addslashes(), or the result of
 *                GetCFformSelect().
 */
function GetClassFform($type, $f, $fvalue, $fformsize = '')
{
    if (in_array($type, array("select", "radio", "checkbox"))) {
        return GetCFformSelect($type, $f, $fvalue, $fformsize);
    }

    $template = ReadFiletext("../data/html/classfhtml.txt");
    $sections = explode("[!--" . $type . "--]", $template);

    // Field name first, then default value - same order as separate calls.
    $html = str_replace(
        array("[!--enews.var--]", "[!--enews.def.val--]"),
        array($f, $fvalue),
        $sections[1]
    );

    if ($type == 'editor') {
        $html = str_replace(
            array("[!--editor.type--]", "[!--editor.basepath--]"),
            array('Default', ''),
            $html
        );
    }

    return addslashes(RepCFformSize($f, $html, $type, $fformsize));
}
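/**
 * Preview what the collector (cj) node $classid would extract from one page.
 *
 * Loads the node's settings, fetches $newspage (up to three attempts),
 * applies the node's extraction rules field by field and echoes the result
 * as an HTML table, then ends the request.
 *
 * Changes against the previous version: array keys are quoted (bare words
 * such as $r[classid] are rejected by PHP 8), $data is initialised before it
 * is appended to, and the per-field helper texts ($text2 / $text3) are reset
 * for every field so a value from a previously processed field cannot leak
 * into the next one. Unused locals and commented-out queries were removed.
 *
 * NOTE(review): $newspage is interpolated into the "oldurl" query and echoed
 * into the result table without escaping in this function. Confirm it is
 * escaped by the request-input layer before it gets here; if it is not, use
 * the database layer's escaping for the query and htmlspecialchars() for the
 * output.
 * NOTE(review): the server fetches the caller-supplied address; eCheckCjUrl()
 * is the only check visible here - confirm it rejects internal addresses and
 * non-HTTP schemes.
 *
 * @param int    $classid  Collector node id.
 * @param string $newspage Address of the page to fetch.
 * @param int    $userid   Current admin user id (for CheckLevel()).
 * @param string $username Current admin user name (for CheckLevel()).
 */
function ViewGetNewsInfo($classid, $newspage, $userid, $username)
{
    global $empire, $class_r, $fun_r, $dbtbpre;
    $classid = (int) $classid;
    if (empty($classid) || empty($newspage)) {
        printerror("FailCX", "history.go(-1)");
    }
    // Verify permission
    CheckLevel($userid, $username, $classid, "cj");
    $r = $empire->fetch1("select * from {$dbtbpre}enewsinfoclass where classid='{$classid}'");
    if (empty($r['classid'])) {
        printerror("FailCX", "history.go(-1)");
    }
    // Secondary table
    $ra = $empire->fetch1("select * from {$dbtbpre}ecms_infoclass_" . $r['tbname'] . " where classid='{$classid}'");
    // Merge both rows
    $r = TogTwoArray($r, $ra);
    // Load the encoding-conversion file
    if ($r['enpagecode']) {
        @(include_once "doiconv.php");
    }
    // Field list of the model
    $record = "<!--record-->";
    $field = "<!--field--->";
    $mr = $empire->fetch1("select cj from {$dbtbpre}enewsmod where mid='" . $class_r[$r['newsclassid']]['modid'] . "'");
    $cjr = explode($record, $mr['cj']);
    $count = count($cjr);
    eCheckCjUrl($newspage, 0);
    // Has this address already been collected?
    if (empty($r['recjtheurl'])) {
        $tmpnum = $empire->gettotal("select count(*) as total from {$dbtbpre}ecms_infotmp_" . $r['tbname'] . " where oldurl='{$newspage}' limit 1");
        if ($tmpnum) {
            echo $fun_r['ReCj'];
            exit;
        }
    }
    // Fetch the remote page; give up after three empty results
    for ($i = 1; $i <= 3; $i++) {
        $info = ReadFiletext($newspage);
        if (!empty($info)) {
            break;
        }
    }
    if (empty($info)) {
        echo $fun_r['CanNotOpenUrl'];
        exit;
    }
    // Replace page variables
    $info = RepCjPagetextStr($info, $r);
    // Replace line breaks
    $info = ReplaceFc($info);

    $data = "";
    for ($c = 0; $c < $count - 1; $c++) {
        $zzvalue = "";
        $cjr1 = explode($field, $cjr[$c]);
        $dofield = $cjr1[1];
        $dofieldname = $cjr1[0];
        $var = "zz_" . $dofield;
        $var1 = "z_" . $dofield;
        $var2 = "qz_" . $dofield;
        // Reset per field so optional parts never carry over from an earlier field.
        $text2 = "";
        $text3 = "";

        // Picture set
        if ($dofield == "morepic" && $r[$var]) {
            $text = stripSlashes(stripSlashes($r[$var]));
            $text = ReplaceFc($text);
            $down = explode("[!empirecms!]", $text);
            // Thumbnail
            $zztext = RepInfoZZ($down[0], "ecmsspicurl", 0);
            $strtext = GetInfoStr($down[0], "ecmsspicurl", 1);
            $text1 = stripSlashes(preg_replace($zztext, $strtext, $info));
            // Large picture
            if (!empty($down[1])) {
                $zztext = RepInfoZZ($down[1], "ecmsbpicurl", 0);
                $strtext = GetInfoStr($down[1], "ecmsbpicurl", 1);
                $text2 = stripSlashes(preg_replace($zztext, $strtext, $info));
            }
            // Name
            if (!empty($down[2])) {
                $zztext = RepInfoZZ($down[2], "ecmspicname", 0);
                $strtext = GetInfoStr($down[2], "ecmspicname", 1);
                $text3 = stripSlashes(preg_replace($zztext, $strtext, $info));
            }
            $zzvalue = GetCjMorepicpath($text1, $text2, $text3, "ecmsspicurl", "ecmsbpicurl", "ecmspicname", $r[$var2]);
            $data .= "<tr><td><b>" . $dofieldname . "<br>(" . $dofield . ")</b></td><td>" . $zzvalue . "</td></tr>";
            continue;
        }

        // Download address
        if ($dofield == "downpath" && $r[$var]) {
            $text = stripSlashes(stripSlashes($r[$var]));
            $text = ReplaceFc($text);
            $down = explode("[!empirecms!]", $text);
            // Address
            $zztext = RepInfoZZ($down[0], "ecmsdownpathurl", 0);
            $strtext = GetInfoStr($down[0], "ecmsdownpathurl", 1);
            $text1 = stripSlashes(preg_replace($zztext, $strtext, $info));
            // Name
            if (!empty($down[1])) {
                $zztext = RepInfoZZ($down[1], "ecmsdownpathname", 0);
                $strtext = GetInfoStr($down[1], "ecmsdownpathname", 1);
                $text2 = stripSlashes(preg_replace($zztext, $strtext, $info));
            }
            $zzvalue = GetCjDownpath($text1, $text2, "ecmsdownpathurl", "ecmsdownpathname", $r[$var2], 0);
            $data .= "<tr><td><b>" . $dofieldname . "<br>(" . $dofield . ")</b></td><td>" . $zzvalue . "</td></tr>";
            continue;
        }

        // Online (streaming) address
        if ($dofield == "onlinepath" && $r[$var]) {
            $text = stripSlashes(stripSlashes($r[$var]));
            $text = ReplaceFc($text);
            $down = explode("[!empirecms!]", $text);
            // Address
            $zztext = RepInfoZZ($down[0], "ecmsonlinepathurl", 0);
            $strtext = GetInfoStr($down[0], "ecmsonlinepathurl", 1);
            $text1 = stripSlashes(preg_replace($zztext, $strtext, $info));
            // Name
            if (!empty($down[1])) {
                $zztext = RepInfoZZ($down[1], "ecmsonlinepathname", 0);
                $strtext = GetInfoStr($down[1], "ecmsonlinepathname", 1);
                $text2 = stripSlashes(preg_replace($zztext, $strtext, $info));
            }
            $zzvalue = GetCjDownpath($text1, $text2, "ecmsonlinepathurl", "ecmsonlinepathname", $r[$var2], 1);
            $data .= "<tr><td><b>" . $dofieldname . "<br>(" . $dofield . ")</b></td><td>" . $zzvalue . "</td></tr>";
            continue;
        }

        // Ordinary field: a fixed value (z_*) wins over the extraction rule (zz_*)
        if (empty($r[$var1])) {
            if ($r[$var]) {
                $zzvalue = ReturnCJ_str($r[$var], $dofield, $info);
                if ($zzvalue) {
                    $zzvalue = $r[$var2] . $zzvalue;
                }
            }
        } else {
            $zzvalue = $r[$var1];
        }

        // Source / author: strip HTML
        if ($dofield == "befrom" || $dofield == "writer") {
            $zzvalue = strip_tags(str_replace("\r\n", "", $zzvalue));
        }

        // Title
        if ($dofield == "title") {
            // Strip HTML from the title and encode what is left
            $zzvalue = htmlspecialchars(strip_tags(str_replace("\r\n", "", $zzvalue)));
            if (empty($zzvalue)) {
                echo $fun_r['CjEmptyTitle'];
                exit;
            }
            // Does the title contain the required keyword?
            if ($r['keyboard']) {
                $t = HaveKeyboard($zzvalue, $r['keyboard']);
                if (empty($t)) {
                    echo $fun_r['CjTitleKey'];
                    exit;
                }
            }
            if ($r['retitlewriter']) {
                // Compare with stored information
                $onum = $empire->gettotal("select count(*) as total from {$dbtbpre}ecms_" . $class_r[$r['newsclassid']]['tbname'] . " where title='" . addslashes($zzvalue) . "' and classid='{$r['newsclassid']}' limit 1");
                if ($onum) {
                    echo $fun_r['CjReTitleWriter'];
                    exit;
                }
            }
            if ($r['titlelen']) {
                // Compare the leading part of the title with stored information
                $c_title = addslashes(sub($zzvalue, 0, $r['titlelen'], false));
                $onum = $empire->gettotal("select count(*) as total from {$dbtbpre}ecms_" . $class_r[$r['newsclassid']]['tbname'] . " where title like '%{$c_title}%' and classid='{$r['newsclassid']}' limit 1");
                if ($onum) {
                    echo $fun_r['CjSingTitlelen'] . $r['titlelen'] . $fun_r['CjSingTitlelenL'];
                    exit;
                }
            }
        }

        // Content spread over several pages
        if ($dofield == "newstext") {
            if ($r['pagezz'] || $r['pageallzz']) {
                if (empty($r['pagetype'])) {
                    // "previous / next" style paging
                    $zzvalue .= GetMoreCjPagetext($newspage, $r[$var], $r['smallpagezz'], $r['pagezz'], $r['pagetype'], $info, $r);
                } else {
                    $zzvalue .= GetMoreCjPagetextall($newspage, $r[$var], $r['smallpageallzz'], $r['pageallzz'], $r['pagetype'], $info, $r);
                }
            }
        }

        // Replace keywords
        if ($dofield == "title" || $dofield == "newstext") {
            $zzvalue = RepInfoWord($zzvalue, $r['oldword'], $r['newword']);
        }

        // Content
        if ($dofield == "newstext") {
            $zzvalue = RepAd($r['repad'], $zzvalue);
            if ($r['newstextisnull'] == 1 && empty($zzvalue)) {
                echo $fun_r['CjEmptyNewstext'];
                exit;
            }
        }

        $data .= "<tr><td><b>" . $dofieldname . "<br>(" . $dofield . ")</b></td><td>" . $zzvalue . "</td></tr>";
    }

    // Output
    $data = "<table width='96%' border=1 align=center cellpadding=3 cellspacing=0>\r\n <tr><td width=30% align=center><b>VAR</b></td><td align=center><b>GET</b></td></tr><tr><td><b>" . $fun_r['ViewCjPage'] . "</b></td><td><a href='" . $newspage . "' target=_blank>" . $newspage . "</a></td></tr>" . $data . "</table>";
    echo $data;
    exit;
}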
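/**
 * Replace text in every regular file of one backup directory.
 *
 * $add['mypath'] selects the directory below $bakpath, $add['oldword'] is the
 * text (or pattern, when $add['dozz'] is non-zero) to find and
 * $add['newword'] the replacement. Files are rewritten in place.
 *
 * Changes against the previous version: the directory loop compares
 * readdir() with false, so an entry named "0" no longer ends the scan early;
 * the loop is skipped when opendir() fails; the handle is closed afterwards.
 *
 * NOTE(review): neither $oldword nor $newword is checked beyond
 * Ebak_ClearAddsData(), and the result is written into files under the backup
 * path whatever their extension. Access must be limited to authenticated
 * administrators, and the replacement should not be allowed to introduce
 * executable content - confirm at the call site.
 *
 * @param array $add Request values: mypath, oldword, newword, dozz.
 */
function Ebak_RepPathFiletext($add)
{
    global $bakpath;
    $mypath = trim($add['mypath']);
    $oldword = Ebak_ClearAddsData($add['oldword']);
    $newword = Ebak_ClearAddsData($add['newword']);
    $dozz = (int) $add['dozz'];
    if (empty($oldword) || empty($mypath)) {
        printerror("EmptyRepPathFiletext", "history.go(-1)");
    }
    // Reject attempts to leave the backup directory.
    if (strstr($mypath, "..")) {
        printerror("NotChangeRepPathFiletext", "history.go(-1)");
    }
    $path = $bakpath . "/" . $mypath;
    if (!file_exists($path)) {
        printerror("PathNotExists", "history.go(-1)");
    }
    $hand = @opendir($path);
    if ($hand) {
        while (($file = readdir($hand)) !== false) {
            $filename = $path . "/" . $file;
            if ($file == "." || $file == ".." || !is_file($filename)) {
                continue;
            }
            $value = ReadFiletext($filename);
            if ($dozz) {
                $newvalue = Ebak_DoRepFiletextZz($oldword, $newword, $value);
            } else {
                // Leave files that do not contain the search text untouched.
                if (!stristr($value, $oldword)) {
                    continue;
                }
                $newvalue = str_replace($oldword, $newword, $value);
            }
            WriteFiletext_n($filename, $newvalue);
        }
        closedir($hand);
    }
    printerror("RepPathFiletextSuccess", "RepFiletext.php");
}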
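/**
 * Import an uploaded ".cj" collector-node file into the column $add['classid'].
 *
 * The upload is moved to a temporary file under the dashboard data/tmp/cj
 * directory, read, and deleted again. Its content is split on the record
 * marker into version, main record, data field list and data record, which
 * are inserted through LoadInCjInsertMainstr() / LoadInCjInsertDatastr().
 *
 * Change against the previous version: the array keys 'classname' and 'from'
 * are quoted; the bare-word form is rejected by PHP 8.
 *
 * NOTE(review): CheckLevel() is called before $classid is assigned, so it
 * receives an undefined value; confirm the "loadcj" level does not depend on
 * the column id.
 * NOTE(review): the temporary file name is derived from time() only and the
 * result of move_uploaded_file() is not checked. Two imports in the same
 * second share a name; consider adding a random component.
 * NOTE(review): the file content is trusted once the extension check passes;
 * the insert helpers are responsible for escaping - confirm.
 */
function LoadInCj($add, $file, $file_name, $file_type, $file_size, $userid, $username)
{
    global $empire, $dbtbpre;
    $lineexp = '<!-#-|-line-|-#-!>';
    $recordexp = '<!-#-|-record-|-#-!>';
    $fieldexp = '<!-#-|-field-|-#-!>';
    $sfieldexp = '<!-#-|-smallfield-|-#-!>';
    // Verify permission
    CheckLevel($userid, $username, $classid, "loadcj");
    $classid = (int) $add['classid'];
    if (!$classid) {
        printerror("EmptyLoadInCjFile", "history.go(-1)");
    }
    // Only final (leaf) columns can receive a collector node.
    $cr = $empire->fetch1("select classid,islast,tid,tbname from {$dbtbpre}enewsclass where classid='{$classid}' and islast=1");
    if (!$cr['classid']) {
        printerror("LoadInCjMustLastClass", "history.go(-1)");
    }
    if (!$file_name || !$file_size) {
        printerror("EmptyLoadInCjFile", "history.go(-1)");
    }
    // File extension (taken from the client-supplied file name)
    $filetype = GetFiletype($file_name);
    if ($filetype != ".cj") {
        printerror("LoadInCjErrorfiletype", "history.go(-1)");
    }
    $path = ECMS_PATH . DASHBOARD . '/data/tmp/cj/uploadcj' . time() . '.cj';
    // Upload file
    $cp = @move_uploaded_file($file, $path);
    DoChmodFile($path);
    $data = ReadFiletext($path);
    DelFiletext($path);
    $r = explode($recordexp, $data);
    $empirecmsver = $r[0];
    $mainstr = isset($r[1]) ? $r[1] : '';
    $datafield = isset($r[2]) ? $r[2] : '';
    $datastr = isset($r[3]) ? $r[3] : '';
    if (empty($mainstr)) {
        printerror("EmptyLoadInCjFile", "history.go(-1)");
    }
    // Main table
    $infoclassid = LoadInCjInsertMainstr($classid, $cr['tid'], $cr['tbname'], $mainstr, $fieldexp, $sfieldexp);
    // Secondary table
    LoadInCjInsertDatastr($classid, $cr['tid'], $cr['tbname'], $infoclassid, $datafield, $datastr, $fieldexp, $sfieldexp);
    $cjr = $empire->fetch1("select classname from {$dbtbpre}enewsinfoclass where classid='{$infoclassid}'");
    // Operation log
    insert_dolog("classid=" . $infoclassid . "<br>classname=" . $cjr['classname']);
    printerror("LoadInCjSuccess", "cj/LoadInCj.php?from=" . ehtmlspecialchars($_POST['from']) . hReturnEcmsHashStrHref2(0));
}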
//------- Create the data tables -------
// NOTE(review): $tbname and $tid are interpolated into table names and INSERT
// values without escaping in this excerpt; confirm both are validated before
// this point (identifier allow-list for $tbname, integer for $tid).
// NOTE(review): the statements use the "TYPE=MyISAM" table option, which
// current MySQL versions no longer accept (ENGINE= replaced it). Presumably
// SetCreateTable() rewrites it - confirm.
// Common (index) table
$tablename = $dbtbpre . "ecms_" . $tbname . "_index";
$sqlindex = $empire->query(SetCreateTable("CREATE TABLE `" . $tablename . "` (\n `id` int(10) unsigned NOT NULL auto_increment,\n `classid` smallint(5) unsigned NOT NULL default '0',\n `checked` tinyint(1) NOT NULL default '0',\n `newstime` int(10) unsigned NOT NULL default '0',\n `truetime` int(10) unsigned NOT NULL default '0',\n `lastdotime` int(10) unsigned NOT NULL default '0',\n `havehtml` tinyint(1) NOT NULL default '0',\n PRIMARY KEY (`id`),\n KEY `classid` (`classid`),\n KEY `checked` (`checked`),\n KEY `newstime` (`newstime`),\n KEY `truetime` (`truetime`,`id`),\n KEY `havehtml` (`classid`,`truetime`,`havehtml`,`checked`,`id`)\n ) TYPE=MyISAM;", $ecms_config['db']['dbchar']));
// Main table
$tablename = $dbtbpre . "ecms_" . $tbname;
$sql = $empire->query(SetCreateTable("CREATE TABLE `" . $tablename . "` (\n `id` int(10) unsigned NOT NULL auto_increment,\n `classid` smallint(5) unsigned NOT NULL default '0',\n `ttid` smallint(5) unsigned NOT NULL default '0',\n `onclick` int(10) unsigned NOT NULL default '0',\n `plnum` mediumint(8) unsigned NOT NULL default '0',\n `totaldown` mediumint(8) unsigned NOT NULL default '0',\n `newspath` char(20) NOT NULL default '',\n `filename` char(36) NOT NULL default '',\n `userid` mediumint(8) unsigned NOT NULL default '0',\n `username` char(20) NOT NULL default '',\n `firsttitle` tinyint(1) NOT NULL default '0',\n `isgood` tinyint(1) NOT NULL default '0',\n `ispic` tinyint(1) NOT NULL default '0',\n `istop` tinyint(1) NOT NULL default '0',\n `isqf` tinyint(1) NOT NULL default '0',\n `ismember` tinyint(1) NOT NULL default '0',\n `isurl` tinyint(1) NOT NULL default '0',\n `truetime` int(10) unsigned NOT NULL default '0',\n `lastdotime` int(10) unsigned NOT NULL default '0',\n `havehtml` tinyint(1) NOT NULL default '0',\n `groupid` smallint(5) unsigned NOT NULL default '0',\n `userfen` smallint(5) unsigned NOT NULL default '0',\n `titlefont` char(14) 
NOT NULL default '',\n `titleurl` char(200) NOT NULL default '',\n `stb` tinyint(3) unsigned NOT NULL default '1',\n `fstb` tinyint(3) unsigned NOT NULL default '1',\n `restb` tinyint(3) unsigned NOT NULL default '1',\n `keyboard` char(80) NOT NULL default '',\n `title` char(100) NOT NULL default '',\n `newstime` int(10) unsigned NOT NULL default '0',\n `titlepic` char(120) NOT NULL default '',\n PRIMARY KEY (`id`),\n KEY `classid` (`classid`),\n KEY `newstime` (`newstime`),\n KEY `ttid` (`ttid`),\n KEY `firsttitle` (`firsttitle`),\n KEY `isgood` (`isgood`),\n KEY `ispic` (`ispic`),\n KEY `useridis` (`userid`,`ismember`)\n ) TYPE=MyISAM;", $ecms_config['db']['dbchar']));
// Secondary (data) table
$tablename = $dbtbpre . "ecms_" . $tbname . "_data_1";
$sqldata = $empire->query(SetCreateTable("CREATE TABLE `" . $tablename . "` (\n `id` int(10) unsigned NOT NULL default '0',\n `classid` smallint(5) unsigned NOT NULL default '0',\n `keyid` char(255) NOT NULL default '',\n `dokey` tinyint(1) NOT NULL default '0',\n `newstempid` smallint(5) unsigned NOT NULL default '0',\n `closepl` tinyint(1) NOT NULL default '0',\n `haveaddfen` tinyint(1) NOT NULL default '0',\n `infotags` char(80) NOT NULL default '',\n PRIMARY KEY (`id`),\n KEY `classid` (`classid`)\n ) TYPE=MyISAM;", $ecms_config['db']['dbchar']));
// Additional table for collector nodes
$tablename = $dbtbpre . "ecms_infoclass_" . $tbname;
$infoclass = $empire->query(SetCreateTable("CREATE TABLE `" . $tablename . 
"` (\n `classid` int(10) unsigned not null default '0',\n `zz_title` text NOT NULL,\n `z_title` varchar(255) NOT NULL default '',\n `qz_title` varchar(255) NOT NULL default '',\n `save_title` varchar(10) NOT NULL default '',\n `zz_titlepic` text NOT NULL,\n `z_titlepic` varchar(255) NOT NULL default '',\n `qz_titlepic` varchar(255) NOT NULL default '',\n `save_titlepic` varchar(10) NOT NULL default '',\n `zz_newstime` text NOT NULL,\n `z_newstime` varchar(255) NOT NULL default '',\n `qz_newstime` varchar(255) NOT NULL default '',\n `save_newstime` varchar(10) NOT NULL default '',\n PRIMARY KEY (`classid`)\n ) TYPE=MyISAM;", $ecms_config['db']['dbchar']));
// Temporary table for collected data
$tablename = $dbtbpre . "ecms_infotmp_" . $tbname;
$infotmp = $empire->query(SetCreateTable("CREATE TABLE `" . $tablename . "` (\n `id` bigint(20) unsigned NOT NULL auto_increment,\n `classid` int(10) unsigned NOT NULL default '0',\n `oldurl` char(200) NOT NULL default '',\n `checked` tinyint(1) NOT NULL default '0',\n `tmptime` datetime NOT NULL default '0000-00-00 00:00:00',\n `userid` mediumint(8) unsigned NOT NULL default '0',\n `username` char(20) NOT NULL default '',\n `truetime` int(10) unsigned NOT NULL default '0',\n `keyboard` char(100) NOT NULL default '',\n `title` char(100) NOT NULL default '',\n `newstime` datetime NOT NULL default '0000-00-00 00:00:00',\n `titlepic` char(120) NOT NULL default '',\n PRIMARY KEY (`id`),\n KEY `classid` (`classid`),\n KEY `checked` (`checked`)\n ) TYPE=MyISAM;", $ecms_config['db']['dbchar']));
// Field table data: the default form HTML of the system fields is read from a
// template file; each "[!--sys.<field>--]" section holds three parts separated
// by "[!--sys.qf.exp--]". Every part is passed through addslashes() before it
// is placed in the INSERT statement.
$sysfdata = ReadFiletext('../data/html/sysfhtml.txt');
$sys_selectf = 'fid,f,fname,fform,fhtml,fzs,isadd,isshow,iscj,cjhtml,myorder,ftype,flen,dotemp,tid,tbname,savetxt,fvalue,iskey,tobr,dohtml,qfhtml,isonly,linkfieldval,samedata,fformsize,tbdataf,ispage,adddofun,editdofun,qadddofun,qeditdofun,linkfieldtb,linkfieldshow,editorys,issmalltext';
// System field: title
$sysf_titler = explode('[!--sys.title--]', $sysfdata);
$sysf_titletr = explode('[!--sys.qf.exp--]', $sysf_titler[1]);
$empire->query("insert into `{$dbtbpre}enewsf`({$sys_selectf}) values(NULL,'title','标题','text','" . addslashes($sysf_titletr[0]) . "','标题','0','1','1','" . addslashes($sysf_titletr[2]) . "','0','CHAR','100','1','{$tid}','{$tbname}','0','','0','0','0','" . addslashes($sysf_titletr[1]) . "','0','','0','60','0','0','','','','','','','0','0');");
// System field: special attributes
$sysf_specialr = explode('[!--sys.special.field--]', $sysfdata);
$sysf_specialtr = explode('[!--sys.qf.exp--]', $sysf_specialr[1]);
$empire->query("insert into `{$dbtbpre}enewsf`({$sys_selectf}) values(NULL,'special.field','特殊属性','','" . addslashes($sysf_specialtr[0]) . "','特殊属性','0','1','0','" . addslashes($sysf_specialtr[2]) . "','0','','0','0','{$tid}','{$tbname}','0','','0','0','0','" . addslashes($sysf_specialtr[1]) . "','0','','0','','0','0','','','','','','','0','0');");
// System field: title picture
$sysf_titlepicr = explode('[!--sys.titlepic--]', $sysfdata);
$sysf_titlepictr = explode('[!--sys.qf.exp--]', $sysf_titlepicr[1]);
$empire->query("insert into `{$dbtbpre}enewsf`({$sys_selectf}) values(NULL,'titlepic','标题图片','img','" . addslashes($sysf_titlepictr[0]) . "','标题图片','0','1','1','" . addslashes($sysf_titlepictr[2]) . "','0','CHAR','120','1','{$tid}','{$tbname}','0','','0','0','0','" . addslashes($sysf_titlepictr[1]) . "','0','','0','60','0','0','','','','','','','0','0');");
// System field: publication time
$sysf_newstimer = explode('[!--sys.newstime--]', $sysfdata);
$sysf_newstimetr = explode('[!--sys.qf.exp--]', $sysf_newstimer[1]);
$empire->query("insert into `{$dbtbpre}enewsf`({$sys_selectf}) values(NULL,'newstime','发布时间','text','" . addslashes($sysf_newstimetr[0]) . "','发布时间','0','1','1','" . addslashes($sysf_newstimetr[2]) . "','0','INT','11','1','{$tid}','{$tbname}','0','','1','0','0','" . addslashes($sysf_newstimetr[1]) . "','0','','0','','0','0','','','','','','','0','0');");
/**
 * Print whatever ReadFiletext() returns for the given location.
 *
 * The returned data is written to the response verbatim: there is no
 * path validation, no allow-list and no output encoding in this function.
 *
 * NOTE(review): this is a raw read-and-echo sink. Callers should pass only
 * fixed or allow-listed locations; confirm that no request-derived value
 * can reach $http.
 *
 * @param mixed $http Location handed unchanged to ReadFiletext(); the name
 *                    suggests a URL may be accepted - TODO confirm.
 * @return void
 */
function sys_ReadFile($http)
{
    $contents = ReadFiletext($http);
    echo $contents;
}
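/**
 * Search-and-replace text in every regular file directly inside one
 * sub-directory of the backup path.
 *
 * Reads 'mypath', 'oldword', 'newword' and 'dozz' from $add. When 'dozz' is
 * non-zero the replacement is delegated to Ebak_DoRepFiletextZz(); otherwise
 * a plain str_replace() is applied to files that contain 'oldword'
 * (case-insensitive check). Each rewritten file is stored with
 * WriteFiletext_n().
 *
 * Security-relevant behaviour:
 *  - 'newword' is matched against a deny-list of PHP function names. A
 *    deny-list is best-effort filtering, not a security boundary; access to
 *    this function must be restricted by the caller.
 *  - If AliCheck.php exists next to this file, it is included and its
 *    Pecker_Scanner is asked to inspect the new content before writing.
 *    The scanner is loaded ONLY from the local file. An earlier revision
 *    downloaded AliCheck.php from a hard-coded http:// URL on every pass and
 *    wrote it into this directory for later inclusion; executable code
 *    fetched over an unauthenticated channel must not be written or included,
 *    so that download was removed. Deploy and update the scanner out of
 *    band, with integrity verification.
 *  - If the scanner file is absent the write proceeds unscanned (unchanged
 *    from before).
 *
 * @param array $add Input array with keys 'mypath', 'oldword', 'newword', 'dozz'.
 * @return void
 */
function Ebak_RepPathFiletext($add)
{
    global $bakpath;

    $mypath = trim($add['mypath']);
    $oldword = Ebak_ClearAddsData($add['oldword']);
    $newword = Ebak_ClearAddsData($add['newword']);

    // Reject replacement text that looks like a call to a sensitive PHP function.
    if (preg_match("/([^a-zA-Z0-9_]{1,1})+(extract|parse_str|str_replace|unserialize|ob_start|require|include|array_map|preg_replace|copy|fputs|fopen|file_put_contents|file_get_contents|fwrite|eval|phpinfo|assert|base64_decode|create_function|call_user_func)+( |\\()/is", $newword)) {
        die("Request Error!");
    }
    $dozz = (int) $add['dozz'];

    // printerror() presumably ends the request (verify); the explicit returns
    // keep a failed validation from falling through to the file rewrite if it
    // ever does not.
    if (empty($oldword) || empty($mypath)) {
        printerror("EmptyRepPathFiletext", "history.go(-1)");
        return;
    }
    // Keep the target inside $bakpath: no parent-directory segments.
    if (strstr($mypath, "..")) {
        printerror("NotChangeRepPathFiletext", "history.go(-1)");
        return;
    }
    $path = $bakpath . "/" . $mypath;
    if (!file_exists($path)) {
        printerror("PathNotExists", "history.go(-1)");
        return;
    }

    $hand = @opendir($path);
    if ($hand === false) {
        // Exists but cannot be opened as a directory (a file, or unreadable).
        printerror("PathNotExists", "history.go(-1)");
        return;
    }

    $scannerFile = dirname(__FILE__) . DIRECTORY_SEPARATOR . "AliCheck.php";
    $hasScanner = file_exists($scannerFile);

    // Compare against false explicitly: an entry named "0" is falsy and
    // would otherwise end the loop early.
    while (($file = readdir($hand)) !== false) {
        $filename = $path . "/" . $file;
        if ($file === "." || $file === ".." || !is_file($filename)) {
            continue;
        }

        $value = ReadFiletext($filename);
        if ($dozz) {
            $newvalue = Ebak_DoRepFiletextZz($oldword, $newword, $value);
        } else {
            if (!stristr($value, $oldword)) {
                continue;
            }
            $newvalue = str_replace($oldword, $newword, $value);
        }

        if ($hasScanner) {
            // Loaded lazily, as before, so the scanner is only pulled in
            // when there is content to check.
            include_once $scannerFile;
            $scaner = new Pecker_Scanner();
            $scaner->scanFileContent($filename, $newvalue);
            $result = $scaner->getReport();
            if (!empty($result[$filename]['function'])) {
                closedir($hand);
                die("Request Error!");
            }
            $scaner = null;
        }

        WriteFiletext_n($filename, $newvalue);
    }
    closedir($hand);

    printerror("RepPathFiletextSuccess", "RepFiletext.php");
}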
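/**
 * Build the form snippet for one field from the template file
 * ../data/html/qfhtml.txt.
 *
 * select / radio / checkbox types are delegated to GetFformSelect(). For all
 * other types the section delimited by "[!--<type>--]" is taken from the
 * template and its placeholders are filled in, then the result is passed
 * through RepFformSize() and fAddAddsData().
 *
 * NOTE(review): $f, $fvalue and the $add values are substituted into the
 * template verbatim, with no HTML escaping in this function. Confirm that
 * every caller supplies administrator-defined values only.
 *
 * @param string $type      Field form type; selects the template section.
 * @param string $f         Field name, replaces [!--enews.var--].
 * @param string $fvalue    Default value, replaces [!--enews.def.val--].
 * @param string $fformsize Size hint forwarded to RepFformSize().
 * @param array  $add       Extra field settings ('linkfieldval',
 *                          'linkfieldshow', 'linkfieldtb', 'editorys',
 *                          'fmvnum'), read depending on $type.
 * @return mixed Result of fAddAddsData() or GetFformSelect().
 */
function GetQFform($type, $f, $fvalue, $fformsize = '', $add)
{
    if ($type == "select" || $type == "radio" || $type == "checkbox") {
        return GetFformSelect($type, $f, $fvalue, $fformsize);
    }
    $file = "../data/html/qfhtml.txt";
    $data = ReadFiletext($file);
    // Special fields: these field names use a template section of their own.
    if ($f == "newstext" || $f == "downpath" || $f == "onlinepath" || $f == "morepic" || $f == "playerid") {
        $type = $f;
    }
    $exp = "[!--" . $type . "--]";
    $r = explode($exp, $data);
    // A type without a section in the template yields an empty snippet
    // instead of an undefined-index access.
    $section = isset($r[1]) ? $r[1] : '';
    $string = str_replace("[!--enews.var--]", $f, $section);
    $string = str_replace("[!--enews.def.val--]", $fvalue, $string);
    // Array keys are quoted: the bare-word form ($add[linkfieldval]) is an
    // undefined-constant lookup, which is an Error on PHP 8.
    if ($type == 'linkfield') {
        $string = str_replace("[!--enews.cfield.var--]", $add['linkfieldval'], $string);
        $string = str_replace("[!--enews.vfield.var--]", $add['linkfieldshow'], $string);
        $string = str_replace("[!--enews.ctbname--]", $add['linkfieldtb'], $string);
    } elseif ($type == 'linkfieldselect') {
        // Select one column when value and display field are the same, else both.
        $selectf = $add['linkfieldval'] == $add['linkfieldshow']
            ? $add['linkfieldval']
            : $add['linkfieldval'] . ',' . $add['linkfieldshow'];
        $string = str_replace("[!--enews.cfield.var--]", $add['linkfieldval'], $string);
        $string = str_replace("[!--enews.vfield.var--]", $add['linkfieldshow'], $string);
        $string = str_replace("[!--enews.ctbname--]", $add['linkfieldtb'], $string);
        $string = str_replace("[!--enews.selectf--]", $selectf, $string);
    } elseif ($type == 'editor' || $type == 'newstext') {
        $editortype = $add['editorys'] == 0 ? 'Default' : 'Basic';
        $string = str_replace("[!--editor.type--]", $editortype, $string);
        $string = str_replace("[!--editor.basepath--]", '', $string);
    } elseif ($type == 'morevaluefield') {
        // 'fmvnum' is a comma-separated triple; pad with null so a short
        // value gives the same null arguments as before without the
        // undefined-index access.
        $mvr = array_pad(explode(',', $add['fmvnum']), 3, null);
        $mv_var = ReturnMoreValueFieldHtmlVar($f, $mvr[0], $mvr[1], $mvr[2]);
        $string = str_replace("[!--enews.jstr--]", $mv_var['jstr'], $string);
        $string = str_replace("[!--enews.saytr--]", $mv_var['saytr'], $string);
        $string = str_replace("[!--enews.deftr--]", $mv_var['deftr'], $string);
        $string = str_replace("[!--enews.edittr--]", $mv_var['edittr'], $string);
        $string = str_replace("[!--enews.mvline--]", $mvr[1], $string);
        $string = str_replace("[!--enews.mvnum--]", $mvr[0], $string);
        $string = str_replace("[!--enews.mvmust--]", $mvr[2], $string);
    }
    $string = RepFformSize($f, $string, $type, $fformsize);
    return fAddAddsData($string);
}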