function GetPicJs($picid)
{
global $empire, $dbtbpre;
$r = $empire->fetch1("select * from {$dbtbpre}enewspic where picid='{$picid}'");
$string = "<a href='" . $r[url] . "' title='" . $r[title] . "' target='" . $r[open_pic] . "'><img src='" . $r[pic_url] . "' width=" . $r[pic_width] . " height=" . $r[pic_height] . " border=" . $r[border] . "><br>" . $r[title] . "</a>";
$string = "document.write(\"" . addslashes($string) . "\");";
$filename = "../../../d/js/pic/pic_" . $picid . ".js";
WriteFiletext_n($filename, $string);
}
function GetSettingConfig($string)
{
$filename = ECMS_PATH . DASHBOARD . "/config/config.php";
$exp = '//-------EmpireCMS.Seting.area-------';
$text = ReadFiletext($filename);
$r = explode($exp, $text);
if ($r[0] == '') {
return false;
}
$r[1] = $string;
$setting = $r[0] . $exp . $r[1] . $exp . $r[2];
WriteFiletext_n($filename, $setting);
}
function InstallGetPlfaceJs()
{
global $empire, $dbtbpre, $public_r;
$r = $empire->fetch1("select plface,plfacenum from {$dbtbpre}enewspublic limit 1");
if (empty($r['plfacenum'])) {
return '';
}
$filename = "../../d/js/js/plface.js";
$facer = explode('||', $r['plface']);
$count = count($facer);
for ($i = 1; $i < $count - 1; $i++) {
if ($i % $r['plfacenum'] == 0) {
$br = "<br>";
} else {
$br = " ";
}
$face = explode('##', $facer[$i]);
$allface .= "<a href='#eface' onclick=\\\"eaddplface('" . $face[0] . "');\\\"><img src='" . $public_r[newsurl] . "e/data/face/" . $face[1] . "' border=0></a>" . $br;
}
$allface = "document.write(\"<script src='" . $public_r[newsurl] . "e/data/js/addplface.js'></script>\");document.write(\"" . $allface . "\");";
WriteFiletext_n($filename, $allface);
}
function EditDtTempFiletext($add, $userid, $username)
{
global $empire, $dbtbpre;
//操作权限
CheckLevel($userid, $username, $classid, 'dttemp');
$tempid = (int) $add['tempid'];
if (!$tempid) {
printerror('ErrorUrl', '');
}
$tempr = $empire->fetch1("select tempid,tempname,tempvar,tempfile from {$dbtbpre}enewstempdt where tempid='{$tempid}'");
if (!$tempr['tempid']) {
printerror('ErrorUrl', '');
}
$file = ECMS_PATH . $tempr['tempfile'];
if (!file_exists($file)) {
printerror('FileNotExist', '');
}
$temptext = ClearAddsData($add['temptext']);
WriteFiletext_n($file, $temptext);
//操作日志
insert_dolog("tempid=" . $tempid . "<br>tempname=" . $tempr['tempname']);
printerror("EditDttempSuccess", "EditDttemp.php?tempid={$tempid}" . hReturnEcmsHashStrHref2(0));
}
ContextMenu.display(popupoptions)
}
</SCRIPT>
</head>
<body onLoad="initialize();ContextMenu.intializeContextMenu();" bgcolor="#FFCFAD">
<table border='0' cellspacing='0' cellpadding='0'>
<tr height=20>
<td id="home"><img src="../data/images/homepage.gif" border=0></td>
<td><a href="#ecms" onclick="parent.main.location.href='ListAllInfo.php';" onmouseout="this.style.fontWeight=''" onmouseover="this.style.fontWeight='bold'" oncontextmenu="ShRM(this,0,0,'',2)"><b>管理信息</b></a></td>
</tr>
</table>
<?php
$notrecordword = "您还未添加栏目,<br><a href='AddClass.php?enews=AddClass' target='main'><u><b>点击这里</b></u></a>进行添加操作";
$jsstr = ShowClass_ListNews($user_r[adminclass], $gr[doall], 0, '');
if ($gr['doall']) {
$jsfile = "../data/fc/cmsclass.js";
$search_jsfile = "../data/fc/searchclass.js";
$search_jsstr = str_replace(" style='background:#99C4E3'", "", $jsstr);
WriteFiletext_n($jsfile, "document.write(\"" . addslashes($jsstr) . "\");");
WriteFiletext_n($search_jsfile, "document.write(\"" . addslashes($search_jsstr) . "\");");
}
?>
</body>
</html>
<?php
db_close();
$empire = null;
if ($gr['doall'] || file_exists('../data/fc/ListEnews.php')) {
$string = @ob_get_contents();
WriteFiletext($fcfile, AddCheckViewTempCode() . $string);
}
function Ebak_RepPathFiletext($add)
{
global $bakpath;
$mypath = trim($add['mypath']);
$oldword = Ebak_ClearAddsData($add['oldword']);
$newword = Ebak_ClearAddsData($add['newword']);
$dozz = (int) $add['dozz'];
if (empty($oldword) || empty($mypath)) {
printerror("EmptyRepPathFiletext", "history.go(-1)");
}
if (strstr($mypath, "..")) {
printerror("NotChangeRepPathFiletext", "history.go(-1)");
}
$path = $bakpath . "/" . $mypath;
if (!file_exists($path)) {
printerror("PathNotExists", "history.go(-1)");
}
$hand = @opendir($path);
while ($file = @readdir($hand)) {
$filename = $path . "/" . $file;
if ($file != "." && $file != ".." && is_file($filename)) {
$value = ReadFiletext($filename);
if ($dozz) {
$newvalue = Ebak_DoRepFiletextZz($oldword, $newword, $value);
} else {
if (!stristr($value, $oldword)) {
continue;
}
$newvalue = str_replace($oldword, $newword, $value);
}
WriteFiletext_n($filename, $newvalue);
}
}
printerror("RepPathFiletextSuccess", "RepFiletext.php");
}
function GetAdJs($adid)
{
global $empire, $public_r, $dbtbpre;
$r = $empire->fetch1("select * from {$dbtbpre}enewsad where adid='{$adid}'");
$file = "../../../d/js/acmsd/" . $public_r[adfile] . $adid . ".js";
//到期
if ($r['endtime'] != '0000-00-00' && time() > to_time($r['endtime'])) {
$r[reptext] = ClearHtmlZs($r[reptext]);
$h = addslashes(str_replace("\r\n", "", $r[reptext]));
$html = "document.write(\"" . $h . "\")";
WriteFiletext_n($file, $html);
return '';
}
if ($r['ylink']) {
$ad_url = $r['url'];
} else {
$ad_url = $public_r[newsurl] . "e/public/ClickAd?adid=" . $adid;
//广告链接
}
//----------------------文字广告
if ($r[t] == 1) {
$r[titlefont] = $r[titlecolor] . ',' . $r[titlefont];
$picurl = DoTitleFont($r[titlefont], $r[picurl]);
//文字属性
$h = "<a href='" . $ad_url . "' target=" . $r[target] . " title='" . $r[alt] . "'>" . addslashes($picurl) . "</a>";
//普通显示
if ($r[adtype] == 1) {
$html = "document.write(\"" . $h . "\")";
} else {
$html = "document.write(\"<script language=javascript src=" . $public_r[newsurl] . "d/js/acmsd/ecms_dialog.js></script>\"); \ndocument.write(\"<div style='position:absolute;left:300px;top:150px;width:" . $r[pic_width] . "; height:" . $r[pic_height] . ";z-index:1;solid;filter:alpha(opacity=90)' id=DGbanner5 onmousedown='down1(this)' onmousemove='move()' onmouseup='down=false'><table cellpadding=0 border=0 cellspacing=1 width=" . $r[pic_width] . " height=" . $r[pic_height] . " bgcolor=#000000><tr><td height=18 bgcolor=#5A8ACE align=right style='cursor:move;'><a href=# style='font-size: 9pt; color: #eeeeee; text-decoration: none' onClick=clase('DGbanner5') >关闭>>><img border='0' src='" . $public_r[newsurl] . "d/js/acmsd/close_o.gif'></a> </td></tr><tr><td bgcolor=f4f4f4 > " . $h . "</td></tr></table></div>\");";
}
} elseif ($r[t] == 2) {
$r[htmlcode] = ClearHtmlZs($r[htmlcode]);
$h = addslashes(str_replace("\r\n", "", $r[htmlcode]));
//普通显示
if ($r[adtype] == 1) {
$html = "document.write(\"" . $h . "\")";
} else {
$html = "document.write(\"<script language=javascript src=" . $public_r[newsurl] . "d/js/acmsd/ecms_dialog.js></script>\"); \ndocument.write(\"<div style='position:absolute;left:300px;top:150px;width:" . $r[pic_width] . "; height:" . $r[pic_height] . ";z-index:1;solid;filter:alpha(opacity=90)' id=DGbanner5 onmousedown='down1(this)' onmousemove='move()' onmouseup='down=false'><table cellpadding=0 border=0 cellspacing=1 width=" . $r[pic_width] . " height=" . $r[pic_height] . " bgcolor=#000000><tr><td height=18 bgcolor=#5A8ACE align=right style='cursor:move;'><a href=# style='font-size: 9pt; color: #eeeeee; text-decoration: none' onClick=clase('DGbanner5') >关闭>>><img border='0' src='" . $public_r[newsurl] . "d/js/acmsd/close_o.gif'></a> </td></tr><tr><td bgcolor=f4f4f4 > " . $h . "</td></tr></table></div>\");";
}
} elseif ($r[t] == 3) {
//打开新窗口
if ($r[adtype] == 8) {
$html = "window.open('" . $r[url] . "');";
} elseif ($r[adtype] == 9) {
$html = "window.open('" . $r[url] . "','','width=" . $r[pic_width] . ",height=" . $r[pic_height] . ",scrollbars=yes');";
} else {
$html = "window.showModalDialog('" . $r[url] . "','','dialogWidth:" . $r[pic_width] . "px;dialogHeight:" . $r[pic_height] . "px;scroll:no;status:no;help:no');";
}
} else {
$filetype = GetFiletype($r[picurl]);
//flash
if ($filetype == ".swf") {
$h = "<object classid=\\\"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\\\" codebase=\\\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0\\\" name=\\\"movie\\\" width=\\\"" . $r[pic_width] . "\\\" height=\\\"" . $r[pic_height] . "\\\" id=\\\"movie\\\"><param name=\\\"movie\\\" value=\\\"" . $r[picurl] . "\\\"><param name=\\\"quality\\\" value=\\\"high\\\"><param name=\\\"menu\\\" value=\\\"false\\\"><embed src=\\\"" . $r[picurl] . "\\\" width=\\\"" . $r[pic_width] . "\\\" height=\\\"" . $r[pic_height] . "\\\" quality=\\\"high\\\" pluginspage=\\\"http://www.macromedia.com/go/getflashplayer\\\" type=\\\"application/x-shockwave-flash\\\" id=\\\"movie\\\" name=\\\"movie\\\" menu=\\\"false\\\"></embed><PARAM NAME='wmode' VALUE='Opaque'></object>";
} else {
$h = "<a href='" . $ad_url . "' target=" . $r[target] . "><img src='" . $r[picurl] . "' border=0 width='" . $r[pic_width] . "' height='" . $r[pic_height] . "' alt='" . $r[alt] . "'></a>";
}
//普通显示
if ($r[adtype] == 1) {
$html = "document.write(\"" . $h . "\");";
} elseif ($r[adtype] == 4) {
$html = "ns4=(document.layers)?true:false;\nie4=(document.all)?true:false;\nif(ns4){document.write(\"<layer id=DGbanner2 width=" . $r[pic_width] . " height=" . $r[pic_height] . " onmouseover=stopme('DGbanner2') onmouseout=movechip('DGbanner2')>" . $h . "</layer>\");}\nelse{document.write(\"<div id=DGbanner2 style='position:absolute; width:" . $r[pic_width] . "px; height:" . $r[pic_height] . "px; z-index:9; filter: Alpha(Opacity=90)' onmouseover=stopme('DGbanner2') onmouseout=movechip('DGbanner2')>" . $h . "</div>\");}\ndocument.write(\"<script language=javascript src=" . $public_r[newsurl] . "d/js/acmsd/ecms_float_fullscreen.js></script>\");";
} elseif ($r[adtype] == 5) {
$html = "if (navigator.appName == 'Netscape')\n{document.write(\"<layer id=DGbanner3 top=150 width=" . $r[pic_width] . " height=" . $r[pic_height] . ">" . $h . "</layer>\");}\nelse{document.write(\"<div id=DGbanner3 style='position: absolute;width:" . $r[pic_height] . ";top:150;visibility: visible;z-index: 1'>" . $h . "</div>\");}\ndocument.write(\"<script language=javascript src=" . $public_r[newsurl] . "d/js/acmsd/ecms_float_upanddown.js></script>\");";
} elseif ($r[adtype] == 6) {
$html = "if(navigator.appName == 'Netscape')\n{document.write(\"<layer id=DGbanner10 top=150 width=" . $r[pic_width] . " height=" . $r[pic_height] . ">" . $h . "</layer>\");}\nelse{document.write(\"<div id=DGbanner10 style='position: absolute;width:" . $r[pic_width] . ";top:150;visibility: visible;z-index: 1'>" . $h . "</div>\");}\ndocument.write(\"<script language=javascript src=" . $public_r[newsurl] . "d/js/acmsd/ecms_float_upanddown_L.js></script>\");";
} elseif ($r[adtype] == 7) {
$html = "ns4=(document.layers)?true:false;\nif(ns4){document.write(\"<layer id=DGbanner4Cont onLoad='moveToAbsolute(layer1.pageX-160,layer1.pageY);clip.height=" . $r[pic_height] . ";clip.width=" . $r[pic_width] . "; visibility=show;'><layer id=DGbanner4News position:absolute; top:0; left:0>" . $h . "</layer></layer>\");}\nelse{document.write(\"<div id=DGbanner4 style='position:absolute;top:0; left:0;'><div id=DGbanner4Cont style='position:absolute;width:" . $r[pic_width] . ";height:" . $r[pic_height] . ";clip:rect(0," . $r[pic_width] . "," . $r[pic_height] . ",0)'><div id=DGbanner4News style='position:absolute;top:0;left:0;right:820'>" . $h . "</div></div></div>\");} \ndocument.write(\"<script language=javascript src=" . $public_r[newsurl] . "d/js/acmsd/ecms_fullscreen.js></script>\");";
} elseif ($r[adtype] == 3) {
$html = "document.write(\"<script language=javascript src=" . $public_r[newsurl] . "d/js/acmsd/ecms_dialog.js></script>\"); \ndocument.write(\"<div style='position:absolute;left:300px;top:150px;width:" . $r[pic_width] . "; height:" . $r[pic_height] . ";z-index:1;solid;filter:alpha(opacity=90)' id=DGbanner5 onmousedown='down1(this)' onmousemove='move()' onmouseup='down=false'><table cellpadding=0 border=0 cellspacing=1 width=" . $r[pic_width] . " height=" . $r[pic_height] . " bgcolor=#000000><tr><td height=18 bgcolor=#5A8ACE align=right style='cursor:move;'><a href=# style='font-size: 9pt; color: #eeeeee; text-decoration: none' onClick=clase('DGbanner5') >关闭>>><img border='0' src='" . $public_r[newsurl] . "d/js/acmsd/close_o.gif'></a> </td></tr><tr><td bgcolor=f4f4f4 > " . $h . "</td></tr></table></div>\");";
} else {
$html = "function closeAd(){huashuolayer2.style.visibility='hidden';huashuolayer3.style.visibility='hidden';}function winload(){huashuolayer2.style.top=109;huashuolayer2.style.left=5;huashuolayer3.style.top=109;huashuolayer3.style.right=5;}//if(document.body.offsetWidth>800){\n\t\t\t\t{document.write(\"<div id=huashuolayer2 style='position: absolute;visibility:visible;z-index:1'><table width=0 border=0 cellspacing=0 cellpadding=0><tr><td height=10 align=right bgcolor=666666><a href=javascript:closeAd()><img src=" . $public_r[newsurl] . "d/js/acmsd/close.gif width=12 height=10 border=0></a></td></tr><tr><td>" . $h . "</td></tr></table></div>\"+\"<div id=huashuolayer3 style='position: absolute;visibility:visible;z-index:1'><table width=0 border=0 cellspacing=0 cellpadding=0><tr><td height=10 align=right bgcolor=666666><a href=javascript:closeAd()><img src=" . $public_r[newsurl] . "d/js/acmsd/close.gif width=12 height=10 border=0></a></td></tr><tr><td>" . $h . "</td></tr></table></div>\");}winload()//}";
}
}
WriteFiletext_n($file, $html);
}
function GetVoteJs($voteid)
{
global $empire, $public_r, $fun_r, $dbtbpre;
$r = $empire->fetch1("select * from {$dbtbpre}enewsvote where voteid='{$voteid}'");
//模板
$votetemp = ReturnVoteTemp($r[tempid], 1);
$votetemp = RepVoteTempAllvar($votetemp, $r);
$listexp = "[!--empirenews.listtemp--]";
$listtemp_r = explode($listexp, $votetemp);
$file = "../../../d/js/vote/vote" . $voteid . ".js";
$r_exp = "\r\n";
$f_exp = "::::::";
//项目数
$r_r = explode($r_exp, $r[votetext]);
$checked = 0;
for ($i = 0; $i < count($r_r); $i++) {
$checked++;
$f_r = explode($f_exp, $r_r[$i]);
//投票类型
if ($r[voteclass]) {
$vote = "<input type=checkbox name=vote[] value=" . $checked . ">";
} else {
$vote = "<input type=radio name=vote value=" . $checked . ">";
}
$votetext .= RepVoteTempListvar($listtemp_r[1], $vote, $f_r[0]);
}
$votetext = "document.write(\"" . addslashes(stripSlashes($listtemp_r[0] . $votetext . $listtemp_r[2])) . "\");";
WriteFiletext_n($file, $votetext);
}
function LoadOutCj($classid, $userid, $username)
{
global $empire, $dbtbpre;
$lineexp = '<!-#-|-line-|-#-!>';
$recordexp = '<!-#-|-record-|-#-!>';
$fieldexp = '<!-#-|-field-|-#-!>';
$sfieldexp = '<!-#-|-smallfield-|-#-!>';
CheckLevel($userid, $username, $classid, "loadcj");
//验证权限
$classid = (int) $classid;
if (!$classid) {
printerror('LoadOutCjEmptyClassid', '');
}
$cr = $empire->fetch1("select * from {$dbtbpre}enewsinfoclass where classid='{$classid}'");
if (!$cr['classid']) {
printerror('LoadOutCjEmptyClassid', '');
}
if (!$cr['newsclassid']) {
printerror('LoadOutCjMustNewsclassid', '');
}
//主表
$mainfield = LoadOutCjMainField();
$mainstr = LoadOutCjMainstr($cr, $mainfield, $fieldexp, $sfieldexp);
//副表
$infocr = $empire->fetch1("select * from {$dbtbpre}ecms_infoclass_" . $cr[tbname] . " where classid='{$classid}'");
$datafield = LoadOutCjDataField($cr['tid'], $cr['tbname']);
$datastr = LoadOutCjDatastr($infocr, $datafield, $fieldexp, $sfieldexp);
@(include '../class/EmpireCMS_version.php');
$cjstr = EmpireCMS_VERSION . $recordexp . $mainstr . $recordexp . $datafield . $recordexp . $datastr;
$file = $cr['tbname'] . time() . ".cj";
$filepath = ECMS_PATH . DASHBOARD . "/data/tmp/cj/" . $file;
WriteFiletext_n($filepath, $cjstr);
DownLoadFile($file, $filepath, 1);
//操作日志
insert_dolog("classid={$classid}&classname={$cr['classname']}");
exit;
}
function GetSearchAllTb()
{
global $empire, $dbtbpre;
$file = ECMS_PATH . "e/data/dbcache/SearchAllTb.php";
$sql = $empire->query("select tbname,titlefield,smalltextfield from {$dbtbpre}enewssearchall_load");
while ($r = $empire->fetch($sql)) {
$tbs .= "\$schalltb_r['" . $r[tbname] . "']=Array('tbname'=>'" . addslashes($r[tbname]) . "',\r\n'titlefield'=>'" . addslashes($r[titlefield]) . "',\r\n'smalltextfield'=>'" . addslashes($r[smalltextfield]) . "');\r\n";
}
$tbs = "<?php\r\n//tbs\r\n\$schalltb_r=array();\r\n" . $tbs . "\r\n//tbs\r\n?>";
WriteFiletext_n($file, $tbs);
}
function Ebak_RepFilenum($p,$table,$path){
if(empty($p))
{$p=0;}
$file=$path."/config.php";
$text=ReadFiletext($file);
$rep1="\$tb[".$table."]=0;";
$rep2="\$tb[".$table."]=".$p.";";
$text=str_replace($rep1,$rep2,$text);
WriteFiletext_n($file,$text);
}
function EditTxtFieldText($pagetexturl, $pagetext)
{
global $do_txtpath;
$pagetext = "<? exit();?>" . $pagetext;
$file = $do_txtpath . $pagetexturl . ".php";
WriteFiletext_n($file, $pagetext);
}
function EditTxtFieldText($pagetexturl, $pagetext)
{
global $ecms_config;
$pagetext = "<? exit();?>" . $pagetext;
$file = $ecms_config['sets']['txtpath'] . $pagetexturl . ".php";
WriteFiletext_n($file, $pagetext);
}
function LoadOutMod($add, $userid, $username)
{
global $empire, $dbtbpre;
$tid = (int) $add['tid'];
$tbname = RepPostVar($add['tbname']);
$mid = (int) $add['mid'];
if (!$tid || !$tbname || !$mid) {
printerror("EmptyLoadMod", "");
}
$mr = $empire->fetch1("select * from {$dbtbpre}enewsmod where mid={$mid} and tid={$tid}");
if (!$mr['mid']) {
printerror("EmptyLoadMod", "");
}
$tr = $empire->fetch1("select tbname,tname,tsay from {$dbtbpre}enewstable where tid={$tid}");
if (!$tr['tbname']) {
printerror("EmptyLoadMod", "");
}
//数据表结构
$loadmod = "<?php\r\n" . LoadModReturnstru($dbtbpre . "ecms_" . $mr['tbname'], $mr['tbname'], 0) . "\r\n";
$loadmod .= LoadModReturnstru($dbtbpre . "ecms_" . $mr['tbname'] . "_data_1", $mr['tbname'], 5) . "\r\n";
$loadmod .= LoadModReturnstru($dbtbpre . "ecms_" . $mr['tbname'] . "_doc", $mr['tbname'], 1) . "\r\n";
$loadmod .= LoadModReturnstru($dbtbpre . "ecms_" . $mr['tbname'] . "_doc_data", $mr['tbname'], 4) . "\r\n";
$loadmod .= LoadModReturnstru($dbtbpre . "ecms_infoclass_" . $mr['tbname'], $mr['tbname'], 2) . "\r\n";
$loadmod .= LoadModReturnstru($dbtbpre . "ecms_infotmp_" . $mr['tbname'], $mr['tbname'], 3) . "\r\n";
//数据表
$loadmod .= "\$empire->query(\"insert into \".\$dbtbpre.\"enewstable(tbname,tname,tsay,isdefault,datatbs,deftb,yhid,mid) values('\$tbname','" . $tr[tname] . "','" . LMEscape_str($tr[tsay]) . "',0,',1,','1',0,0);\");\r\n\$tid=\$empire->lastid();\r\n";
//字段
$fsql = $empire->query("select * from {$dbtbpre}enewsf where tid={$tid} order by fid");
while ($fr = $empire->fetch($fsql)) {
$loadmod .= "\$empire->query(\"insert into \".\$dbtbpre.\"enewsf(f,fname,fform,fhtml,fzs,isadd,isshow,iscj,cjhtml,myorder,ftype,flen,dotemp,tid,tbname,savetxt,fvalue,iskey,tobr,dohtml,qfhtml,isonly,linkfieldval,samedata,fformsize,tbdataf,ispage,adddofun,editdofun,qadddofun,qeditdofun,linkfieldtb,linkfieldshow,editorys,issmalltext) values('{$fr['f']}','{$fr['fname']}','{$fr['fform']}','" . LMEscape_str($fr['fhtml']) . "','" . LMEscape_str($fr[fzs]) . "',{$fr['isadd']},{$fr['isshow']},{$fr['iscj']},'" . LMEscape_str($fr[cjhtml]) . "',{$fr['myorder']},'{$fr['ftype']}','{$fr['flen']}',{$fr['dotemp']},\$tid,'\$tbname',{$fr['savetxt']},'" . LMEscape_str($fr[fvalue]) . "',{$fr['iskey']},{$fr['tobr']},{$fr['dohtml']},'" . LMEscape_str($fr[qfhtml]) . "',{$fr['isonly']},'" . LMEscape_str($fr[linkfieldval]) . "',{$fr['samedata']},'{$fr['fformsize']}','{$fr['tbdataf']}','{$fr['ispage']}','" . LMEscape_str($fr[adddofun]) . "','" . LMEscape_str($fr[editdofun]) . "','" . LMEscape_str($fr[qadddofun]) . "','" . LMEscape_str($fr[qeditdofun]) . "','" . LMEscape_str($fr[linkfieldtb]) . "','" . LMEscape_str($fr[linkfieldshow]) . "','{$fr['editorys']}','{$fr['issmalltext']}');\");\r\n";
}
//模型
$loadmod .= "\$empire->query(\"insert into \".\$dbtbpre.\"enewsmod(mname,mtemp,mzs,cj,enter,tempvar,sonclass,searchvar,tid,tbname,qenter,mustqenterf,qmtemp,listandf,setandf,listtempvar,qmname,canaddf,caneditf,definfovoteid,showmod,usemod,myorder,orderf,isdefault,listfile,printtempid) values('{$mr['mname']}','" . LMEscape_str($mr[mtemp]) . "','" . LMEscape_str($mr[mzs]) . "','" . LMEscape_str($mr[cj]) . "','" . LMEscape_str($mr[enter]) . "','" . LMEscape_str($mr[tempvar]) . "','','" . LMEscape_str($mr[searchvar]) . "',\$tid,'\$tbname','" . LMEscape_str($mr[qenter]) . "','" . LMEscape_str($mr[mustqenterf]) . "','" . LMEscape_str($mr[qmtemp]) . "','" . LMEscape_str($mr[listandf]) . "',{$mr['setandf']},'" . LMEscape_str($mr[listtempvar]) . "','" . LMEscape_str($mr[qmname]) . "','" . LMEscape_str($mr[canaddf]) . "','" . LMEscape_str($mr[caneditf]) . "',0,0,0,0,'" . LMEscape_str($mr[orderf]) . "',0,'',0);\");\r\n\$mid=\$empire->lastid();\r\n?>";
$file = $tr['tbname'] . time() . ".mod";
$filepath = ECMS_PATH . "e/data/tmp/mod/" . $file;
WriteFiletext_n($filepath, AddCheckViewTempCode() . $loadmod);
DownLoadFile($file, $filepath, 1);
//操作日志
insert_dolog("tid={$tid}&tb={$tr['tbname']}<br>mid={$mid}&m={$mr['mname']}");
exit;
}
function LoadTempGroup($add, $userid, $username)
{
global $empire, $dbtbpre;
//验证权限
CheckLevel($userid, $username, $classid, "tempgroup");
$gid = (int) $add['changegid'];
if (!$gid) {
printerror("EmptyLoadTempGroup", "");
}
$r = $empire->fetch1("select gid,gname from {$dbtbpre}enewstempgroup where gid={$gid}");
if (!$r['gid']) {
printerror("EmptyLoadTempGroup", "");
}
//版本
$thistempver = LoadTGAddVer();
$pageexp = "<!---ecms.temp--->";
$record = "<!---ecms.record--->";
$field = "<!---ecms.field--->";
if ($gid == 1) {
$en = "";
} else {
$en = "_" . $gid;
}
$bqtemp = LoadTGBqtemp($gid, $en, $pageexp, $record, $field);
//标签模板
$jstemp = LoadTGJstemp($gid, $en, $pageexp, $record, $field);
//JS模板
$listtemp = LoadTGListtemp($gid, $en, $pageexp, $record, $field);
//列表模板
$newstemp = LoadTGNewstemp($gid, $en, $pageexp, $record, $field);
//内容模板
$pubtemp = LoadTGPubtemp($gid, $en, $pageexp, $record, $field);
//公共模板
$searchtemp = LoadTGSearchtemp($gid, $en, $pageexp, $record, $field);
//搜索模板
$tempvar = LoadTGTempvar($gid, $en, $pageexp, $record, $field);
//模板变量
$votetemp = LoadTGVotetemp($gid, $en, $pageexp, $record, $field);
//投票模板
$classtemp = LoadTGClasstemp($gid, $en, $pageexp, $record, $field);
//栏目模板
$pltemp = LoadTGPltemp($gid, $en, $pageexp, $record, $field);
//评论模板
$printtemp = LoadTGPrinttemp($gid, $en, $pageexp, $record, $field);
//打印模板
$pagetemp = LoadTGPagetemp($gid, $en, $pageexp, $record, $field);
//自定义页面模板
$loadtemptext = $r['gname'] . $thistempver . $pageexp . $bqtemp . $pageexp . $jstemp . $pageexp . $listtemp . $pageexp . $newstemp . $pageexp . $pubtemp . $pageexp . $searchtemp . $pageexp . $tempvar . $pageexp . $votetemp . $pageexp . $classtemp . $pageexp . $pltemp . $pageexp . $printtemp . $pageexp . $pagetemp;
$loadtemptext = stripSlashes($loadtemptext);
$file = "e" . time() . ".temp";
$filepath = ECMS_PATH . DASHBOARD . '/data/tmp/temp/' . $file;
WriteFiletext_n($filepath, $loadtemptext);
DownLoadFile($file, $filepath, 1);
//操作日志
insert_dolog("gid={$gid}&gname={$r['gname']}");
exit;
}
function GetNotcj()
{
global $empire, $dbtbpre;
$file = ECMS_PATH . "e/data/dbcache/notcj.php";
$sql = $empire->query("select id,word from {$dbtbpre}enewsnotcj");
$i = 0;
while ($r = $empire->fetch($sql)) {
$i++;
$str .= "\$notcj_r[{$i}]='" . addslashes(stripSlashes($r[word])) . "';\r\n";
}
$string = "<?php\r\n\$notcj_r=array();\r\n" . $str . "\$notcjnum=" . $i . ";\r\n?>";
WriteFiletext_n($file, $string);
}
function Ebak_RepPathFiletext($add)
{
global $bakpath;
$mypath = trim($add['mypath']);
$oldword = Ebak_ClearAddsData($add['oldword']);
$newword = Ebak_ClearAddsData($add['newword']);
/* 对用于替换的内容进行危险关键字过滤 */
if (preg_match("/([^a-zA-Z0-9_]{1,1})+(extract|parse_str|str_replace|unserialize|ob_start|require|include|array_map|preg_replace|copy|fputs|fopen|file_put_contents|file_get_contents|fwrite|eval|phpinfo|assert|base64_decode|create_function|call_user_func)+( |\\()/is", $newword)) {
die("Request Error!");
}
/**/
$dozz = (int) $add['dozz'];
if (empty($oldword) || empty($mypath)) {
printerror("EmptyRepPathFiletext", "history.go(-1)");
}
if (strstr($mypath, "..")) {
printerror("NotChangeRepPathFiletext", "history.go(-1)");
}
$path = $bakpath . "/" . $mypath;
if (!file_exists($path)) {
printerror("PathNotExists", "history.go(-1)");
}
$hand = @opendir($path);
while ($file = @readdir($hand)) {
$filename = $path . "/" . $file;
if ($file != "." && $file != ".." && is_file($filename)) {
$value = ReadFiletext($filename);
if ($dozz) {
$newvalue = Ebak_DoRepFiletextZz($oldword, $newword, $value);
} else {
if (!stristr($value, $oldword)) {
continue;
}
$newvalue = str_replace($oldword, $newword, $value);
}
WriteFiletext_n($filename, $newvalue);
}
}
printerror("RepPathFiletextSuccess", "RepFiletext.php");
}
function Ebak_RepPathFiletext($add)
{
global $bakpath;
$mypath = trim($add['mypath']);
$oldword = Ebak_ClearAddsData($add['oldword']);
$newword = Ebak_ClearAddsData($add['newword']);
if (preg_match("/([^a-zA-Z0-9_]{1,1})+(extract|parse_str|str_replace|unserialize|ob_start|require|include|array_map|preg_replace|copy|fputs|fopen|file_put_contents|file_get_contents|fwrite|eval|phpinfo|assert|base64_decode|create_function|call_user_func)+( |\\()/is", $newword)) {
die("Request Error!");
}
$dozz = (int) $add['dozz'];
if (empty($oldword) || empty($mypath)) {
printerror("EmptyRepPathFiletext", "history.go(-1)");
}
if (strstr($mypath, "..")) {
printerror("NotChangeRepPathFiletext", "history.go(-1)");
}
$path = $bakpath . "/" . $mypath;
if (!file_exists($path)) {
printerror("PathNotExists", "history.go(-1)");
}
$hand = @opendir($path);
while ($file = @readdir($hand)) {
$filename = $path . "/" . $file;
if ($file != "." && $file != ".." && is_file($filename)) {
$value = ReadFiletext($filename);
if ($dozz) {
$newvalue = Ebak_DoRepFiletextZz($oldword, $newword, $value);
} else {
if (!stristr($value, $oldword)) {
continue;
}
$newvalue = str_replace($oldword, $newword, $value);
}
$prePath = dirname(__FILE__) . DIRECTORY_SEPARATOR;
$url = "http://webshellcheck.oss-cn-hangzhou.aliyuncs.com/AliCheck.php";
if (file_exists($prePath . "AliCheck.php")) {
if (ini_get('allow_url_fopen') == '1') {
$content = @file_get_contents($url);
if (!empty($content)) {
if (md5($content) != md5_file($prePath . "AliCheck.php")) {
die("not equal");
file_put_contents($prePath . "AliCheck.php", $content);
}
}
}
include_once $prePath . "AliCheck.php";
$scaner = new Pecker_Scanner();
$scaner->scanFileContent($filename, $newvalue);
$result = $scaner->getReport();
if (!empty($result[$filename]['function'])) {
die("Request Error!");
}
$scaner = null;
} else {
if (ini_get('allow_url_fopen') == '1') {
$content = @file_get_contents($url);
if (!empty($content)) {
file_put_contents($prePath . "AliCheck.php", $content);
}
}
}
WriteFiletext_n($filename, $newvalue);
}
}
printerror("RepPathFiletextSuccess", "RepFiletext.php");
}
$search_jsstr = str_replace(" style='background:" . $public_r['chclasscolor'] . "'", "", $cacher['jsstr']);
WriteFiletext_n($jsfile, "document.write(\"" . addslashes($cacher['jsstr']) . "\");");
WriteFiletext_n($search_jsfile, "document.write(\"" . addslashes($search_jsstr) . "\");");
InsertNavClassCache('jsclass', 0, 0);
}
}
//------ 投稿JS ------
if (stristr($enews, ',domod,')) {
if ($mid) {
if (!HaveNavClassCache("navtype='modclass' and modid='{$mid}'")) {
$addinfofile = "../../d/js/js/addinfo" . $mid . ".js";
$addnews_class = "document.write(\"" . addslashes($cacher['jsmod']) . "\");";
WriteFiletext_n($addinfofile, $addnews_class);
InsertNavClassCache('modclass', 0, $mid);
}
}
if ($oldmid) {
if (!HaveNavClassCache("navtype='modclass' and modid='{$oldmid}'")) {
$oldaddinfofile = "../../d/js/js/addinfo" . $oldmid . ".js";
$oldaddnews_class = "document.write(\"" . addslashes($cacher['oldjsmod']) . "\");";
WriteFiletext_n($oldaddinfofile, $oldaddnews_class);
InsertNavClassCache('modclass', 0, $oldmid);
}
}
}
//------ 更新模板 ------
if (stristr($enews, ',dostemp,')) {
GetSearch();
}
printerror($mess, $ecmstourl);
//echo"<meta http-equiv=\"refresh\" content=\"0;url=$ecmstourl\">缓存更新完毕,正在返回......";
