function __construct() {
parent::__construct();
$this->userid = $_SESSION['userid'];
pc_base::load_sys_class('db_factory');
pc_base::load_sys_class('form');
pc_base::load_sys_func('dir');
}
function keyword($field, $value)
{
//获取post过来的关键字,关键字用空格或者‘,’分割的
$data = array();
$data = preg_split("/[ ,]+/", $value);
//加载关键字的数据模型
$keyword_db = pc_base::load_model('keyword_model');
$keyword_data_db = pc_base::load_model('keyword_data_model');
pc_base::load_sys_func('iconv');
if (is_array($data) && !empty($data)) {
$siteid = get_siteid();
foreach ($data as $v) {
$v = defined('IN_ADMIN') ? $v : safe_replace(addslashes($v));
$v = str_replace(array('//', '#', '.'), ' ', $v);
if (!($r = $keyword_db->get_one(array('keyword' => $v, 'siteid' => $siteid)))) {
$letters = gbk_to_pinyin($v);
$letter = strtolower(implode('', $letters));
$tagid = $keyword_db->insert(array('keyword' => $v, 'siteid' => $siteid, 'pinyin' => $letter, 'videonum' => 1), true);
} else {
$keyword_db->update(array('videonum' => '+=1'), array('id' => $r['id']));
$tagid = $r['id'];
}
$contentid = $this->id . '-' . $this->modelid;
if (!$keyword_data_db->get_one(array('tagid' => $tagid, 'siteid' => $siteid, 'contentid' => $contentid))) {
$keyword_data_db->insert(array('tagid' => $tagid, 'siteid' => $siteid, 'contentid' => $contentid));
}
unset($contentid, $tagid, $letters);
}
}
return $value;
}
function __construct($module='', $catid = 0,$siteid = 0,$upload_dir = '') {
$this->catid = intval($catid);
$this->siteid = intval($siteid)== 0 ? 1 : intval($siteid);
$this->module = $module ? $module : 'content';
pc_base::load_sys_func('dir');
pc_base::load_sys_class('image','','0');
$this->upload_root = pc_base::load_config('system','upload_path');
$this->upload_func = 'copy';
$this->upload_dir = $upload_dir;
}
public function public_test_mail()
{
pc_base::load_sys_func('mail');
$subject = 'phpcms test mail';
$message = 'this is a test mail from phpcms team';
$mail = array('mailsend' => 2, 'maildelimiter' => 1, 'mailusername' => 1, 'server' => $_POST['mail_server'], 'port' => intval($_POST['mail_port']), 'mail_type' => intval($_POST['mail_type']), 'auth' => intval($_POST['mail_auth']), 'from' => $_POST['mail_from'], 'auth_username' => $_POST['mail_user'], 'auth_password' => $_POST['mail_password']);
if (sendmail($_GET['mail_to'], $subject, $message, $_POST['mail_from'], $mail)) {
echo L('test_email_succ') . $_GET['mail_to'];
} else {
echo L('test_email_faild');
}
}
public function getJs()
{
//合并分开的app.js
pc_base::load_sys_func('dir');
$filelist = dir_list(PHPCMS_PATH . 'statics/js/app/build/', 'js');
$models_js = '';
foreach ($filelist as $k => $v) {
$value = file_get_contents($v);
$models_js .= "\r" . $value;
}
$app_path = "http://" . $_SERVER['HTTP_HOST'] . "/";
//dump($filelist);
//echo template('content','js');
include template('content', 'js');
}
/**
* 通过外部接口方式获取详细地址信息
* @return $localinfo province 省份 city城市 sp网络 提供商 pinyin拼音
*/
public function getcitybyapi($ip) {
$api_url = $localinfo = '';
$xml = pc_base::load_sys_class('xml');
pc_base::load_sys_func('iconv');
$api_url = 'http://ipquery.sdo.com/getipinfo.php?ip='.$ip;
$data = $xml->xml_unserialize(@file_get_contents($api_url));
if (CHARSET == 'gbk') {
$data = !empty($data) ? array_iconv($data, 'utf-8', 'gbk') : array();
}
if($data['ip']['result']) {
$localinfo['province'] = $data['ip']['country'];
$localinfo['city'] = $data['ip']['city'];
$localinfo['sp'] = $data['ip']['sp'];
//$name = strtolower(CHARSET) == 'gbk' ? $localinfo['city'] : iconv(CHARSET,'gbk',$localinfo['city']);
$name = str_replace(L('city'),'',$localinfo['city']);
$letters = gbk_to_pinyin($name);
$localinfo['pinyin'] =strtolower(implode('', $letters));
}
return $localinfo;
}
/**
* 保存城市
*/
public function save_city()
{
pc_base::load_sys_func('iconv');
$id = intval($_POST['id']);
$city['name'] = iconv('utf-8', CHARSET, addslashes($_POST['name']));
//没有填写拼音默认将城市中文名称转化为拼音
if ($_POST['pinyin'] == '') {
if (strtolower(CHARSET) == 'utf-8') {
$str_py = gbk_to_pinyin(iconv(CHARSET, gbk, $city['name']));
$city['pinyin'] = strtolower(implode('', $str_py));
} else {
$city['pinyin'] = strtolower(implode('', gbk_to_pinyin($city['name'])));
}
} else {
$city['pinyin'] = trim($_POST['pinyin']);
}
$city['linkageid'] = $_POST['linkageid'];
if ($city['name'] == '' || $city['pinyin'] == '') {
exit('post_error');
}
$city = array2string($city);
if ($id == 0) {
$insertid = $this->db->insert(array('key' => 'info_city', 'data' => $city), TRUE);
$this->_cache();
if ($insertid) {
echo $insertid;
exit;
} else {
exit('0');
}
} else {
$this->db->update(array('data' => $city), array('key' => 'info_city', 'id' => $id));
$this->_cache();
exit('1');
}
}
/**
* 修改财务
* Enter description here ...
*/
public function modify_deposit()
{
if (isset($_POST['dosubmit'])) {
$username = isset($_POST['username']) && trim($_POST['username']) ? trim($_POST['username']) : showmessage(L('username') . L('error'));
$usernote = isset($_POST['usernote']) && trim($_POST['usernote']) ? addslashes(trim($_POST['usernote'])) : showmessage(L('usernote') . L('error'));
$userinfo = $this->get_useid($username);
if ($userinfo) {
//如果增加金钱或点数,想pay_account 中记录数据
if ($_POST['pay_unit']) {
$value = floatval($_POST['unit']);
$payment = L('admin_recharge');
$receipts = pc_base::load_app_class('receipts');
$func = $_POST['pay_type'] == '1' ? 'amount' : 'point';
$receipts->{$func}($value, $userinfo['userid'], $username, create_sn(), 'offline', $payment, param::get_cookie('admin_username'), $status = 'succ', $usernote);
} else {
$value = floatval($_POST['unit']);
$msg = L('background_operation') . $usernote;
$spend = pc_base::load_app_class('spend');
$func = $_POST['pay_type'] == '1' ? 'amount' : 'point';
$spend->{$func}($value, $msg, $userinfo['userid'], $username, param::get_cookie('userid'), param::get_cookie('admin_username'));
}
if (intval($_POST['sendemail'])) {
pc_base::load_sys_func('mail');
$op = $_POST['pay_unit'] ? $value : '-' . $value;
$op = $_POST['pay_type'] ? $op . L('yuan') : $op . L('point');
$msg = L('account_changes_notice_tips', array('username' => $username, 'time' => date('Y-m-d H:i:s', SYS_TIME), 'op' => $op, 'note' => $usernote, 'amount' => $userinfo['amount'], 'point' => $userinfo['point']));
sendmail($userinfo['email'], L('send_account_changes_notice'), $msg);
}
showmessage(L('public_discount_succ'), HTTP_REFERER);
}
} else {
$show_validator = true;
include $this->admin_tpl('modify_deposit');
}
}
/**
* 提示搜索接口
* TODO 暂时未启用,用的是google的接口
*/
public function public_suggest_search()
{
//关键词转换为拼音
pc_base::load_sys_func('iconv');
$pinyin = gbk_to_pinyin($q);
if (is_array($pinyin)) {
$pinyin = implode('', $pinyin);
}
$this->keyword_db = pc_base::load_model('search_keyword_model');
$suggest = $this->keyword_db->select("pinyin like '{$pinyin}%'", '*', 10, 'searchnums DESC');
foreach ($suggest as $v) {
echo $v['keyword'] . "\n";
}
}
/**
* ignore member
*/
function ignore() {
if(isset($_POST['userid'])) {
$uidarr = isset($_POST['userid']) ? $_POST['userid'] : showmessage(L('illegal_parameters'), HTTP_REFERER);
$where = to_sqls($uidarr, '', 'userid');
$res = $this->db->update(array('status'=>2, 'message'=>$_POST['message']), $where);
//发送 email通知
if($res) {
if($_POST['sendemail']) {
$memberinfo = $this->db->select($where);
pc_base::load_sys_func('mail');
foreach ($memberinfo as $v) {
sendmail($v['email'], L('reg_ignore'), $_POST['message']);
}
}
}
showmessage(L('ignore').L('operation_success'), HTTP_REFERER);
} else {
showmessage(L('operation_failure'), HTTP_REFERER);
}
}
/**
* 删除专题分类
* @param intval $typeid 专题附属分类ID
* @param intval $siteid 站点ID
* @param intval $ishtml 专题是否生成静态
*/
private function delete_type($typeid = 0, $siteid = 0, $ishtml = 0)
{
$typeid = intval($typeid);
if (!$typeid) {
return false;
}
pc_base::load_sys_func('dir');
$info = $this->type_db->get_one(array('typeid' => $typeid));
if ($ishtml) {
$siteid = $siteid ? intval($siteid) : get_siteid();
if ($siteid > 1) {
$site = pc_base::load_app_class('sites', 'admin');
$site_info = $site->get_by_id($siteid);
$queue = pc_base::load_model('queue_model');
for ($i = 1; $i > 0; $i++) {
if ($i == 1) {
$file = str_replace($site_info['domain'], pc_base::load_config('system', 'html_root') . '/' . $site_info['dirname'] . '/', $info['url']);
} else {
$file = str_replace(array($site_info['domain'], '.html'), array(pc_base::load_config('system', 'html_root') . '/' . $site_info['dirname'] . '/', '-' . $i . '.html'), $info['url']);
}
if (!file_exists(PHPCMS_PATH . $file)) {
break;
} else {
$queue->add_queue('del', $file, $siteid);
//并加入到消息队列中,便以其他站点删除文件
unlink(PHPCMS_PATH . $file);
//删除生成的静态文件
}
}
} else {
for ($i = 1; $i > 0; $i++) {
if ($i == 1) {
$file = str_replace(APP_PATH, '', $info['url']);
} else {
$file = str_replace(array(APP_PATH, '.html'), array('', '-' . $i . '.html'), $info['url']);
}
if (!file_exists(PHPCMS_PATH . $file)) {
break;
} else {
unlink(PHPCMS_PATH . $file);
//删除生成的静态文件
}
}
}
}
$this->type_db->delete(array('typeid' => $typeid));
//删除数据表记录
return true;
}
/**
* 表单展示
*/
public function show()
{
if (!isset($_GET['formid']) || empty($_GET['formid'])) {
$_GET['action'] ? exit : showmessage(L('form_no_exist'), HTTP_REFERER);
}
$siteid = $_GET['siteid'] ? intval($_GET['siteid']) : 1;
$formid = intval($_GET['formid']);
$r = $this->db->get_one(array('modelid' => $formid, 'siteid' => $siteid, 'disabled' => 0), 'tablename, setting');
if (!$r) {
$_GET['action'] ? exit : showmessage(L('form_no_exist'), HTTP_REFERER);
}
$setting = string2array($r['setting']);
if ($setting['enabletime']) {
if ($setting['starttime'] > SYS_TIME || $setting['endtime'] + 3600 * 24 < SYS_TIME) {
$_GET['action'] ? exit : showmessage(L('form_expired'), APP_PATH . 'index.php?m=formguide&c=index&a=index');
}
}
$userid = param::get_cookie('_userid');
if ($setting['allowunreg'] == 0 && !$userid && $_GET['action'] != 'js') {
showmessage(L('please_login_in'), APP_PATH . 'index.php?m=member&c=index&a=login&forward=' . urlencode(HTTP_REFERER));
}
if (isset($_POST['dosubmit'])) {
$tablename = 'form_' . $r['tablename'];
$this->m_db->change_table($tablename);
$data = array();
require CACHE_MODEL_PATH . 'formguide_input.class.php';
$formguide_input = new formguide_input($formid);
$data = new_addslashes($_POST['info']);
$data = new_html_special_chars($data);
$data = $formguide_input->get($data);
$data['userid'] = $userid;
$data['username'] = param::get_cookie('_username');
$data['datetime'] = SYS_TIME;
$data['ip'] = ip();
$dataid = $this->m_db->insert($data, true);
if ($dataid) {
if ($setting['sendmail']) {
pc_base::load_sys_func('mail');
$mails = explode(',', $setting['mails']);
if (is_array($mails)) {
foreach ($mails as $m) {
sendmail($m, L('tips'), $this->M['mailmessage']);
}
}
}
$this->db->update(array('items' => '+=1'), array('modelid' => $formid, 'siteid' => $this->siteid));
}
showmessage(L('thanks'), APP_PATH);
} else {
if ($setting['allowunreg'] == 0 && !$userid && $_GET['action'] == 'js') {
$no_allowed = 1;
}
pc_base::load_sys_class('form', '', '');
$f_info = $this->db->get_one(array('modelid' => $formid, 'siteid' => $this->siteid));
extract($f_info);
$tablename = 'form_' . $r['tablename'];
$this->m_db->change_table($tablename);
$ip = ip();
$where = array();
if ($userid) {
$where = array('userid' => $userid);
} else {
$where = array('ip' => $ip);
}
$re = $this->m_db->get_one($where, 'datetime');
$setting = string2array($setting);
if ($setting['allowmultisubmit'] == 0 && $re['datetime'] || SYS_TIME - $re['datetime'] < $this->M['interval'] * 60) {
$_GET['action'] ? exit : showmessage(L('had_participate'), APP_PATH . 'index.php?m=formguide&c=index&a=index');
}
require CACHE_MODEL_PATH . 'formguide_form.class.php';
$formguide_form = new formguide_form($formid, $no_allowed);
$forminfos_data = $formguide_form->get();
$SEO = seo($this->siteid, L('formguide'), $name);
if (isset($_GET['action']) && $_GET['action'] == 'js') {
if (!function_exists('ob_gzhandler')) {
ob_clean();
}
ob_start();
}
$template = $_GET['action'] == 'js' ? $js_template : $show_template;
include template('formguide', $template, $default_style);
if (isset($_GET['action']) && $_GET['action'] == 'js') {
$data = ob_get_contents();
ob_clean();
exit(format_js($data));
}
}
}
protected function dealSchoolArr($school = array())
{
if (empty($school)) {
return array("error" => true);
}
//判断该学校是否已存在
$where['name'] = $school['name'];
$where['xiaozhang'] = $school['xiaozhang'];
$where['type'] = $school['type'];
$M = M('safe_school');
$info = $M->count($where);
if ($info) {
return array("error" => true);
}
//学校已存在,返回
//不存在,添加
$school_id = $M->insert($school, true);
if (!$school_id) {
return array("error" => -1);
}
//创建学校管理员
pc_base::load_sys_func("iconv");
//构造管理员数据
$manager['username'] = gbk_to_pinyin($school['admin']);
$manager['username'] = implode("", $manager['username']);
$pwd = password($school['admin_tel']);
$manager['password'] = $pwd['password'];
$manager['encrypt'] = $pwd['encrypt'];
$manager['roleid'] = 10;
$manager['school_id'] = $school_id;
$manager['realname'] = $school['admin'];
$M_admin = M("admin");
$admin_id = $M_admin->insert($manager);
if (!$admin_id) {
return array("error" => -2);
}
//是否存在中心校
if (!empty($school['lianxiao'])) {
$lianxiao['name'] = $school['lianxiao'];
$M_lianxiao = M("safe_data_lianxiao");
$num = $M_lianxiao->count($lianxiao);
if (!$num) {
$lianxiao_id = $M_lianxiao->insert($lianxiao);
if (!$lianxiao_id) {
return array("error" => -3);
}
//添加中心校管理员
$manager['username'] = gbk_to_pinyin($lianxiao['name']);
$manager['username'] = implode("", $manager['username']);
$pwd = password($manager['username']);
$manager['password'] = $pwd['password'];
$manager['encrypt'] = $pwd['encrypt'];
$manager['roleid'] = 11;
$manager['school_id'] = 0;
$manager['realname'] = '';
$ladmin_id = $M_admin->insert($manager);
if (!$ladmin_id) {
return array("error" => -4);
}
}
}
return array("error" => true, 'school_id' => $school_id);
}
function iconv($in_charset, $out_charset, $str)
{
$in_charset = strtoupper($in_charset);
$out_charset = strtoupper($out_charset);
if (function_exists('mb_convert_encoding')) {
return mb_convert_encoding($str, $out_charset, $in_charset);
} else {
pc_base::load_sys_func('iconv');
$in_charset = strtoupper($in_charset);
$out_charset = strtoupper($out_charset);
if ($in_charset == 'UTF-8' && ($out_charset == 'GBK' || $out_charset == 'GB2312')) {
return utf8_to_gbk($str);
}
if (($in_charset == 'GBK' || $in_charset == 'GB2312') && $out_charset == 'UTF-8') {
return gbk_to_utf8($str);
}
return $str;
}
}
/**
* 批量修改
*/
public function batch_edit()
{
$categorys = getcache('category_content_' . $this->siteid, 'commons');
if (isset($_POST['dosubmit'])) {
pc_base::load_sys_func('iconv');
$catid = intval($_POST['catid']);
$post_setting = $_POST['setting'];
//栏目生成静态配置
$infos = $info = array();
$infos = $_POST['info'];
if (empty($infos)) {
showmessage(L('operation_success'));
}
$this->attachment_db = pc_base::load_model('attachment_model');
foreach ($infos as $catid => $info) {
$setting = string2array($categorys[$catid]['setting']);
if ($_POST['type'] != 2) {
if ($post_setting[$catid]['ishtml']) {
$setting['category_ruleid'] = $_POST['category_html_ruleid'][$catid];
} else {
$setting['category_ruleid'] = $_POST['category_php_ruleid'][$catid];
$info['url'] = '';
}
}
foreach ($post_setting[$catid] as $_k => $_setting) {
$setting[$_k] = $_setting;
}
//内容生成静态配置
if ($post_setting[$catid]['content_ishtml']) {
$setting['show_ruleid'] = $_POST['show_html_ruleid'][$catid];
} else {
$setting['show_ruleid'] = $_POST['show_php_ruleid'][$catid];
}
if ($setting['repeatchargedays'] < 1) {
$setting['repeatchargedays'] = 1;
}
$info['sethtml'] = $post_setting[$catid]['create_to_html_root'];
$info['setting'] = array2string($setting);
$info['module'] = 'content';
$catname = CHARSET == 'gbk' ? $info['catname'] : iconv('utf-8', 'gbk', $info['catname']);
$letters = gbk_to_pinyin($catname);
$info['letter'] = strtolower(implode('', $letters));
$this->db->update($info, array('catid' => $catid, 'siteid' => $this->siteid));
//更新附件状态
if ($info['image'] && pc_base::load_config('system', 'attachment_stat')) {
$this->attachment_db->api_update($info['image'], 'catid-' . $catid, 1);
}
}
$this->public_cache();
showmessage(L('operation_success'), '?m=admin&c=category&a=init&module=admin&menuid=43');
} else {
if (isset($_POST['catids'])) {
//获取站点模板信息
pc_base::load_app_func('global');
$template_list = template_list($this->siteid, 0);
foreach ($template_list as $k => $v) {
$template_list[$v['dirname']] = $v['name'] ? $v['name'] : $v['dirname'];
unset($template_list[$k]);
}
$show_validator = $show_header = '';
$catid = intval($_GET['catid']);
$type = $_POST['type'] ? intval($_POST['type']) : 0;
pc_base::load_sys_class('form', '', 0);
if (empty($_POST['catids'])) {
showmessage(L('illegal_parameters'));
}
$batch_array = $workflows = array();
foreach ($categorys as $catid => $cat) {
if ($cat['type'] == $type && in_array($catid, $_POST['catids'])) {
$batch_array[$catid] = $cat;
}
}
if (empty($batch_array)) {
showmessage(L('please_select_category'));
}
$workflows = getcache('workflow_' . $this->siteid, 'commons');
if ($workflows) {
$workflows_datas = array();
foreach ($workflows as $_k => $_v) {
$workflows_datas[$_v['workflowid']] = $_v['workname'];
}
}
if ($type == 1) {
include $this->admin_tpl('category_batch_edit_page');
} else {
include $this->admin_tpl('category_batch_edit');
}
} else {
$type = isset($_GET['select_type']) ? intval($_GET['select_type']) : 0;
$tree = pc_base::load_sys_class('tree');
$tree->icon = array(' │ ', ' ├─ ', ' └─ ');
$tree->nbsp = ' ';
$category = array();
foreach ($categorys as $catid => $r) {
if ($this->siteid != $r['siteid'] || $r['type'] == 2 && $r['child'] == 0) {
continue;
}
$category[$catid] = $r;
}
$str = "<option value='\$catid' \$selected>\$spacer \$catname</option>";
$tree->init($category);
$string .= $tree->get_tree(0, $str);
include $this->admin_tpl('category_batch_select');
}
}
}
/**
* 手机短信方式找回密码
*/
public function public_forget_password_mobile()
{
$email_config = getcache('common', 'commons');
$this->_session_start();
$member_setting = getcache('member_setting');
if (isset($_POST['dosubmit'])) {
//处理提交申请,以手机号为准
if ($_SESSION['code'] != strtolower($_POST['code'])) {
showmessage(L('code_error'), HTTP_REFERER);
}
$mobile = $_POST['mobile'];
$mobile_verify = intval($_POST['mobile_verify']);
$password = $_POST['password'];
$pwdconfirm = $_POST['pwdconfirm'];
if ($password != $pwdconfirm) {
showmessage(L('passwords_not_match'), HTTP_REFERER);
}
//验证手机号和传递的验证码是否匹配
$sms_report_db = pc_base::load_model('sms_report_model');
$sms_report_array = $sms_report_db->get_one(array("mobile" > $mobile, 'in_code' => $mobile_verify));
if (empty($sms_report_array)) {
showmessage("手机和验证码不对应,请通过正常渠道修改密码!", HTTP_REFERER);
}
//更新密码
$updateinfo = array();
$updateinfo['password'] = $password;
$this->db->update($updateinfo, array('userid' => $this->memberinfo['userid']));
if (pc_base::load_config('system', 'phpsso')) {
//初始化phpsso
$this->_init_phpsso();
$res = $this->client->ps_member_edit('', $email, $_POST['info']['password'], $_POST['info']['newpassword'], $this->memberinfo['phpssouid'], $this->memberinfo['encrypt']);
}
$memberinfo = $this->db->get_one(array('email' => $_POST['email']));
if (!empty($memberinfo['email'])) {
$email = $memberinfo['email'];
} else {
showmessage(L('email_error'), HTTP_REFERER);
}
pc_base::load_sys_func('mail');
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
$code = sys_auth($memberinfo['userid'] . "\t" . SYS_TIME, 'ENCODE', $phpcms_auth_key);
$url = APP_PATH . "index.php?m=member&c=index&a=public_forget_password&code={$code}";
$message = $member_setting['forgetpassword'];
$message = str_replace(array('{click}', '{url}'), array('<a href="' . $url . '">' . L('please_click') . '</a>', $url), $message);
//获取站点名称
$sitelist = getcache('sitelist', 'commons');
if (isset($sitelist[$memberinfo['siteid']]['name'])) {
$sitename = $sitelist[$memberinfo['siteid']]['name'];
} else {
$sitename = 'PHPCMS_V9_MAIL';
}
sendmail($email, L('forgetpassword'), $message, '', '', $sitename);
showmessage(L('operation_success'), 'index.php?m=member&c=index&a=login');
} else {
$siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
$siteinfo = siteinfo($siteid);
include template('member', 'forget_password_mobile');
}
}
define('PC_PATH', dirname(__FILE__) . DIRECTORY_SEPARATOR);
if (!defined('PHPCMS_PATH')) {
define('PHPCMS_PATH', PC_PATH . '..' . DIRECTORY_SEPARATOR);
}
//缓存文件夹地址
define('CACHE_PATH', PC_PATH . '..' . DIRECTORY_SEPARATOR . 'caches' . DIRECTORY_SEPARATOR);
//主机协议
define('SITE_PROTOCOL', isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443' ? 'https://' : 'http://');
//当前访问的主机名
define('SITE_URL', isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '');
//来源
define('HTTP_REFERER', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');
//系统开始时间
define('SYS_START_TIME', microtime());
//加载公用函数库
pc_base::load_sys_func('global');
pc_base::load_config('system', 'errorlog') ? set_error_handler('my_error_handler') : error_reporting(E_ERROR | E_WARNING | E_PARSE);
//设置本地时差
function_exists('date_default_timezone_set') && date_default_timezone_set(pc_base::load_config('system', 'timezone'));
define('CHARSET', pc_base::load_config('system', 'charset'));
//输出页面字符集
header('Content-type: text/html; charset=' . CHARSET);
define('SYS_TIME', time());
//定义网站根路径
define('WEB_PATH', pc_base::load_config('system', 'web_path'));
//js 路径
define('JS_PATH', pc_base::load_config('system', 'js_path'));
//css 路径
define('CSS_PATH', pc_base::load_config('system', 'css_path'));
//img 路径
define('IMG_PATH', pc_base::load_config('system', 'img_path'));
/**
* Function importfalbum
* 将专辑载入到专题
* @param array $info 专辑详细信息
*/
public function importfalbum($info = array())
{
static $siteid, $sitelists;
if (!$siteid) {
$siteid = get_siteid();
}
if (!$sitelists) {
$sitelists = getcache('sitelist', 'commons');
}
pc_base::load_sys_func('iconv');
if (is_array($info)) {
$username = param::get_cookie('admin_username');
$userid = param::get_cookie('userid');
$arr = array('siteid' => $siteid, 'aid' => $info['id'], 'title' => $info['title'], 'thumb' => format_url($info['coverurl']), 'banner' => format_url($info['coverurl']), 'description' => $info['desc'], 'ishtml' => 0, 'ispage' => 0, 'style' => 'default', 'index_template' => 'index_video', 'list_template' => 'list_video', 'show_template' => 'show_video', 'username' => $username, 'userid' => $userid, 'createtime' => SYS_TIME, 'isvideo' => 1);
//将数据插入到专题表中
$arr = new_html_special_chars($arr);
$specialid = $this->db->insert($arr, true);
$url = $sitelists[$siteid]['domain'] . 'index.php?m=special&c=index&id=' . $specialid;
$this->db->update(array('url' => $url), array('id' => $specialid));
//组合子分类数组
$letters = gbk_to_pinyin($info['title']);
$type_info = array('siteid' => $siteid, 'module' => 'special', 'modelid' => 0, 'name' => new_html_special_chars($info['title']), 'parentid' => $specialid, 'typedir' => strtolower(implode('', $letters)), 'listorder' => 1);
$typeid = $this->type_db->insert($type_info, true);
$url = $sitelists[$siteid]['domain'] . 'index.php?m=special&c=index&a=type&specialid=' . $specialid . '&typeid=' . $typeid;
$this->type_db->update(array('url' => $url), array('typeid' => $typeid));
return $specialid;
} else {
return false;
}
}
public function crop_upload()
{
if (isset($GLOBALS["HTTP_RAW_POST_DATA"])) {
$pic = $GLOBALS["HTTP_RAW_POST_DATA"];
if (isset($_GET['width']) && !empty($_GET['width'])) {
$width = intval($_GET['width']);
}
if (isset($_GET['height']) && !empty($_GET['height'])) {
$height = intval($_GET['height']);
}
if (isset($_GET['file']) && !empty($_GET['file'])) {
$_GET['file'] = str_ireplace(';', '', 'php', $_GET['file']);
if (is_image($_GET['file']) == false || stripos($_GET['file'], '.php') !== false) {
exit;
}
if (strpos($_GET['file'], pc_base::load_config('system', 'upload_url')) !== false) {
$file = $_GET['file'];
$basename = basename($file);
if (strpos($basename, 'thumb_') !== false) {
$file_arr = explode('_', $basename);
$basename = array_pop($file_arr);
}
$new_file = 'thumb_' . $width . '_' . $height . '_' . $basename;
} else {
pc_base::load_sys_class('attachment', '', 0);
$module = trim($_GET['module']);
$catid = intval($_GET['catid']);
$siteid = $this->get_siteid();
$attachment = new attachment($module, $catid, $siteid);
$uploadedfile['filename'] = basename($_GET['file']);
$uploadedfile['fileext'] = fileext($_GET['file']);
if (in_array($uploadedfile['fileext'], array('jpg', 'gif', 'jpeg', 'png', 'bmp'))) {
$uploadedfile['isimage'] = 1;
}
$file_path = $this->upload_path . date('Y/md/');
pc_base::load_sys_func('dir');
dir_create($file_path);
$new_file = date('Ymdhis') . rand(100, 999) . '.' . $uploadedfile['fileext'];
$uploadedfile['filepath'] = date('Y/md/') . $new_file;
$aid = $attachment->add($uploadedfile);
}
$filepath = date('Y/md/');
file_put_contents($this->upload_path . $filepath . $new_file, $pic);
} else {
return false;
}
echo pc_base::load_config('system', 'upload_url') . $filepath . $new_file;
exit;
}
}
<?php
/**
* plugin.php 插件入口
*
* @copyright (C) 2005-2010 PHPCMS
* @license http://www.phpcms.cn/license/
* @lastmodify 2013-06-07
*/
define('PHPCMS_PATH', dirname(__FILE__) . DIRECTORY_SEPARATOR);
include PHPCMS_PATH . 'phpcms/base.php';
$param = pc_base::load_sys_class('param');
pc_base::load_sys_func('plugin');
$cache = '';
if (isset($_GET['id'])) {
if (!preg_match("/^[a-z0-9_\\-]+\$/i", $_GET['id'])) {
showmessage(L('illegal_parameters'));
}
list($identification, $filename, $action) = explode('-', $_GET['id']);
$filename = !empty($filename) ? $filename : $identification;
$action = !empty($action) ? $action : 'init';
}
if (!preg_match("/^[a-z0-9_\\-]+\$/i", $identification)) {
showmessage(L('plugin_not_exist', '', 'plugin'));
}
$cache = getcache($identification, 'plugins');
if (!$cache['disable'] || $filename == 'plugin_admin' || $filename == 'hook') {
showmessage(L('plugin_not_exist', '', 'plugin'));
} else {
$status = plugin_stat($cache['appid']);
if ($status == 0 || $app_status == 1) {
/**
* 更新删除缓存文件方法
*/
public function del_file()
{
$path = PHPCMS_PATH . 'caches' . DIRECTORY_SEPARATOR . 'caches_template' . DIRECTORY_SEPARATOR;
$files = glob($path . '*');
pc_base::load_sys_func('dir');
if (is_array($files)) {
foreach ($files as $f) {
$dir = basename($f);
if (!in_array($dir, array('block', 'dbsource'))) {
dir_delete($path . $dir);
}
}
}
$path = PHPCMS_PATH . 'caches' . DIRECTORY_SEPARATOR . 'caches_tpl_data' . DIRECTORY_SEPARATOR . 'caches_data' . DIRECTORY_SEPARATOR;
$files = glob($path . '*');
if (is_array($files)) {
foreach ($files as $f) {
$dir = basename($f);
@unlink($path . $dir);
}
}
return true;
}
/**
* 应用删除程序
*/
public function delete() {
if(isset($_POST['dosubmit'])) {
$pluginid = intval($_POST['pluginid']);
$plugin_data = $this->db->get_one(array('pluginid'=>$pluginid));
$op_status = FALSE;
$dir = $plugin_data['dir'];
$config_file = PC_PATH.'plugin'.DIRECTORY_SEPARATOR.$dir.DIRECTORY_SEPARATOR.'plugin_'.$dir.'.cfg.php';
if(file_exists($config_file)) {
$plugin_data = @require($config_file);
}
$filename = PC_PATH.'plugin'.DIRECTORY_SEPARATOR.$dir.DIRECTORY_SEPARATOR.$plugin_data['plugin']['uninstallfile'];
if(file_exists($filename)) {
@include_once $filename;
} else {
showmessage(L('plugin_lacks_uninstall_file','','plugin'),HTTP_REFERER);
}
if($op_status) {
$this->db->delete(array('pluginid'=>$pluginid));
$this->db_var->delete(array('pluginid'=>$pluginid));
delcache($dir,'plugins');
delcache($dir.'_var','plugins');
$this->set_hook_cache();
if($plugin_data['plugin']['iframe']) {
pc_base::load_sys_func('dir');
if(!dir_delete(PC_PATH.'plugin'.DIRECTORY_SEPARATOR.$dir)) {
showmessage(L('plugin_uninstall_success_no_delete','','plugin'),'?m=admin&c=plugin');
}
}
showmessage(L('plugin_uninstall_success','','plugin'),'?m=admin&c=plugin');
} else {
showmessage(L('plugin_uninstall_fail','','plugin'),'?m=admin&c=plugin');
}
} else {
$show_header = 0;
$pluginid = intval($_GET['pluginid']);
$plugin_data = $this->db->get_one(array('pluginid'=>$pluginid));
include $this->admin_tpl('plugin_delete_confirm');
}
}
function getlocalinfo($ip)
{
pc_base::load_sys_func('iconv');
$ip_area = pc_base::load_sys_class('ip_area');
$localinfo = $ip_area->getcitybyapi($ip);
$info['name'] = $localinfo['city'];
$info['pinyin'] = $localinfo['pinyin'];
return $info;
}
/**
* 找回密码
*/
public function public_forget_password()
{
$email_config = getcache('common', 'commons');
//SMTP MAIL 二种发送模式
if ($email_config['mail_type'] == '1') {
if (empty($email_config['mail_user']) || empty($email_config['mail_password'])) {
showmessage(L('email_config_empty'), HTTP_REFERER);
}
}
$this->_session_start();
$member_setting = getcache('member_setting');
if (isset($_POST['dosubmit'])) {
if ($_SESSION['code'] != strtolower($_POST['code'])) {
showmessage(L('code_error'), HTTP_REFERER);
}
$memberinfo = $this->db->get_one(array('email' => $_POST['email']));
if (!empty($memberinfo['email'])) {
$email = $memberinfo['email'];
} else {
showmessage(L('email_error'), HTTP_REFERER);
}
pc_base::load_sys_func('mail');
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
$code = sys_auth($memberinfo['userid'] . "\t" . SYS_TIME, 'ENCODE', $phpcms_auth_key);
$url = APP_PATH . "index.php?m=member&c=index&a=public_forget_password&code={$code}";
$message = $member_setting['forgetpassword'];
$message = str_replace(array('{click}', '{url}'), array('<a href="' . $url . '">' . L('please_click') . '</a>', $url), $message);
//获取站点名称
$sitelist = getcache('sitelist', 'commons');
if (isset($sitelist[$memberinfo['siteid']]['name'])) {
$sitename = $sitelist[$memberinfo['siteid']]['name'];
} else {
$sitename = 'PHPCMS_V9_MAIL';
}
sendmail($email, L('forgetpassword'), $message, '', '', $sitename);
showmessage(L('operation_success'), 'index.php?m=member&c=index&a=login');
} elseif ($_GET['code']) {
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
$hour = date('y-m-d h', SYS_TIME);
$code = sys_auth($_GET['code'], 'DECODE', $phpcms_auth_key);
$code = explode("\t", $code);
if (is_array($code) && is_numeric($code[0]) && date('y-m-d h', SYS_TIME) == date('y-m-d h', $code[1])) {
$memberinfo = $this->db->get_one(array('userid' => $code[0]));
if (empty($memberinfo['phpssouid'])) {
showmessage(L('operation_failure'), 'index.php?m=member&c=index&a=login');
}
$password = random(8);
$updateinfo['password'] = password($password, $memberinfo['encrypt']);
$this->db->update($updateinfo, array('userid' => $code[0]));
if (pc_base::load_config('system', 'phpsso')) {
//初始化phpsso
$this->_init_phpsso();
$this->client->ps_member_edit('', $email, '', $password, $memberinfo['phpssouid'], $memberinfo['encrypt']);
}
showmessage(L('operation_success') . L('newpassword') . ':' . $password);
} else {
showmessage(L('operation_failure'), 'index.php?m=member&c=index&a=login');
}
} else {
$siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
$siteinfo = siteinfo($siteid);
include template('member', 'forget_password');
}
}
if (!defined('PHPCMS_PATH')) {
define('PHPCMS_PATH', PC_PATH . '..' . DIRECTORY_SEPARATOR);
}
// 缓存文件夹地址
define('CACHE_PATH', PHPCMS_PATH . 'caches' . DIRECTORY_SEPARATOR);
// 主机协议
define('SITE_PROTOCOL', isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443' ? 'https://' : 'http://');
// 当前访问的主机名
define('SITE_URL', isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '');
// 来源
define('HTTP_REFERER', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');
// 系统开始时间
define('SYS_START_TIME', microtime());
// 加载公用函数库
pc_base::load_sys_func('global');
pc_base::load_sys_func('extention');
pc_base::auto_load_func();
pc_base::load_config('system', 'errorlog') ? set_error_handler('my_error_handler') : error_reporting(E_ERROR | E_WARNING | E_PARSE);
// 设置本地时差
function_exists('date_default_timezone_set') && date_default_timezone_set(pc_base::load_config('system', 'timezone'));
define('CHARSET', pc_base::load_config('system', 'charset'));
// 输出页面字符集
header('Content-type: text/html; charset=' . CHARSET);
define('SYS_TIME', time());
// 定义网站根路径
define('WEB_PATH', pc_base::load_config('system', 'web_path'));
// js 路径
define('JS_PATH', pc_base::load_config('system', 'js_path'));
// css 路径
define('CSS_PATH', pc_base::load_config('system', 'css_path'));
// img 路径
public function public_get_email_verify()
{
pc_base::load_sys_func('mail');
$this->_session_start();
$code = $_SESSION['emc'] = random(8, "23456789abcdefghkmnrstwxy");
$_SESSION['emc_times'] = 5;
$message = '您的验证码为:' . $code;
sendmail($_SESSION['email'], '邮箱找回密码验证', $message);
echo '1';
}
public function design() {
if(isset($_POST['dosubmit'])) {
$data['identification'] = $_POST['info']['identification'];
$data['realease'] = date('YMd',SYS_TIME);
$data['dir'] = $_POST['info']['identification'];
$data['appid'] = '';
$data['plugin'] = array(
'version' => '0.0.2',
'name' => $_POST['info']['name'],
'copyright' => $_POST['info']['copyright'],
'description' => "",
'installfile' => 'install.php',
'uninstallfile' => 'uninstall.php',
);
$filepath = PC_PATH.'plugin'.DIRECTORY_SEPARATOR.$data['identification'].DIRECTORY_SEPARATOR.'plugin_'.$data['identification'].'.cfg.php';
pc_base::load_sys_func('dir');
dir_create(dirname($filepath));
$data = "<?php\nreturn ".var_export($data, true).";\n?>";
if(pc_base::load_config('system', 'lock_ex')) {
$file_size = file_put_contents($filepath, $data, LOCK_EX);
} else {
$file_size = file_put_contents($filepath, $data);
}
echo 'success';
} else {
include $this->admin_tpl('plugin_design');
}
}
public function public_get_email_verify()
{
pc_base::load_sys_func('mail');
$this->_session_start();
$code = $_SESSION['emc'] = random(6);
$message = '您的验证码为:' . $code;
sendmail($_SESSION['email'], '邮箱找回密码验证', $message);
echo '1';
}
<?php
/**
* position_api.class.php 模块安装接口类
*
* @copyright (C) 2005-2010 PHPCMS
* @license http://www.phpcms.cn/license/
* @lastmodify 2010-8-31
*/
defined('IN_PHPCMS') or exit('No permission resources.');
pc_base::load_sys_func('dir');
class module_api
{
private $db, $m_db, $installdir, $uninstaldir, $module, $isall;
public $error_msg = '';
public function __construct()
{
$this->db = pc_base::load_model('module_model');
}
/**
* 模块安装
* @param string $module 模块名
*/
public function install($module = '')
{
define('INSTALL', true);
if ($module) {
$this->module = $module;
}
$this->installdir = PC_PATH . 'modules' . DIRECTORY_SEPARATOR . $this->module . DIRECTORY_SEPARATOR . 'install' . DIRECTORY_SEPARATOR;
$this->check();
/**
* 生成静态文件
* @param string $file 文件路径
* @return boolen/intval 成功返回生成文件的大小
*/
private function create_html($file)
{
$data = ob_get_contents();
ob_end_clean();
pc_base::load_sys_func('dir');
dir_create(dirname($file));
$strlen = file_put_contents($file, $data);
@chmod($file, 0777);
return $strlen;
}
