예제 #1
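 /**
  * Write the database settings posted by the setup form to
  * config_db.inc.php as a series of define() statements.
  *
  * The posted values end up inside an executable PHP file, so each one is
  * emitted with var_export(): quotes and backslashes are escaped, and a "$"
  * inside a password is not read as a variable when the file is loaded.
  *
  * @return array array("alert" => code): "x030102" when the token check
  *               fails, "y060101" when the file was written, "x060101" when
  *               nothing was written.
  */
 function mdl_dbconfig()
 {
     // NOTE(review): this rejects a request only if fn_token("chk") returns a
     // falsy value on mismatch - confirm against fn_token's definition.
     if (!fn_token("chk")) {
         return array("alert" => "x030102");
     }
     // Constant name => posted value; the third fn_getSafe argument is the default.
     $_arr_defines = array(
         "BG_DB_HOST" => fn_getSafe(fn_post("db_host"), "txt", "localhost"),
         "BG_DB_PORT" => fn_getSafe(fn_post("db_port"), "txt", "3306"),
         "BG_DB_NAME" => fn_getSafe(fn_post("db_name"), "txt", "baigo_cms"),
         "BG_DB_USER" => fn_getSafe(fn_post("db_user"), "txt", "baigo_cms"),
         "BG_DB_PASS" => fn_getSafe(fn_post("db_pass"), "txt", ""),
         "BG_DB_CHARSET" => fn_getSafe(fn_post("db_charset"), "txt", "utf8"),
         "BG_DB_TABLE" => fn_getSafe(fn_post("db_table"), "txt", "cms_"),
     );
     $_str_content = "<?php" . PHP_EOL;
     foreach ($_arr_defines as $_str_name => $_str_value) {
         // var_export() yields a single-quoted PHP literal, so the value cannot
         // close the string and append code to the generated file.
         $_str_content .= "define(\"" . $_str_name . "\", " . var_export((string) $_str_value, true) . ");" . PHP_EOL;
     }
     // file_put_contents() returns false on failure, which also fails the > 0 test.
     $_num_size = file_put_contents(BG_PATH_CONFIG . "config_db.inc.php", $_str_content);
     if ($_num_size > 0) {
         $_str_alert = "y060101";
     } else {
         $_str_alert = "x060101";
     }
     return array("alert" => $_str_alert);
 }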
예제 #2
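 /**
  * Check one batch of up to 10 "normal" media rows and move every row whose
  * check reports "x070406" to the recycle box, then emit a JSON progress
  * record and end the script.
  *
  * The JSON carries "msg", "count" (total pages), "last" (media_id of the
  * last row in this batch, null when the batch is empty) and "status"
  * ("loading" while rows were found, "complete" otherwise).
  *
  * NOTE(review): the guards below assume show_err() ends the request; if it
  * returns, the rest of the method still runs - confirm. No fn_token check
  * is visible on this state-changing handler - confirm one is applied elsewhere.
  *
  * @return void Does not return; ends with exit().
  */
 function ajax_clear()
 {
     if ($this->adminLogged["alert"] != "y020102") {
         // Not logged in: report the login error.
         $this->show_err($this->adminLogged["alert"], "err");
     }
     if (!isset($this->adminLogged["admin_allow"]["media"]["del"])) {
         $this->show_err("x070304", "err");
     }
     $_num_last = fn_getSafe(fn_post("last"), "int", 0);
     $_num_perPage = 10;
     $_num_mediaCount = $this->mdl_media->mdl_count("", "", "", "", 0, "normal");
     $_arr_page = fn_page($_num_mediaCount, $_num_perPage, "post");
     $_arr_mediaRows = $this->mdl_media->mdl_list($_num_perPage, 0, "", "", "", "", 0, "normal", false, 0, $_num_last);
     // Defined up front so an empty batch reports null instead of reading an
     // undefined loop variable.
     $_num_lastId = null;
     if ($_arr_mediaRows) {
         foreach ($_arr_mediaRows as $_arr_media) {
             $_arr_mediaRow = $this->mdl_media->mdl_chkMedia($_arr_media["media_id"], $_arr_media["media_ext"], $_arr_media["media_time"]);
             if ($_arr_mediaRow["alert"] == "x070406") {
                 $this->mdl_media->mdl_box("recycle", array($_arr_media["media_id"]));
             }
             $_num_lastId = $_arr_media["media_id"];
         }
         $_str_status = "loading";
         $_str_msg = $this->obj_ajax->alert["x070407"];
     } else {
         $_str_status = "complete";
         $_str_msg = $this->obj_ajax->alert["y070407"];
     }
     $_arr_re = array("msg" => $_str_msg, "count" => $_arr_page["total"], "last" => $_num_lastId, "status" => $_str_status);
     exit(json_encode($_arr_re));
 }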
예제 #3
 /**
  * Move a custom-field row to a new position and report the model's alert code.
  *
  * Checks run in this order: group permission ["opt"]["custom"], request
  * token, a non-zero custom_id, and that the row can be read ("y200102").
  * Every failure is reported through obj_ajax->halt_alert().
  *
  * NOTE(review): the guards assume halt_alert() ends the request, and the
  * token guard assumes fn_token("chk") returns a falsy value on mismatch -
  * confirm both.
  *
  * @return void
  */
 function ajax_order()
 {
     $_is_allowed = isset($this->adminLogged["groupRow"]["group_allow"]["opt"]["custom"]);
     if (!$_is_allowed) {
         $this->obj_ajax->halt_alert("x200303");
     }
     // Request token.
     $_mix_token = fn_token("chk");
     if (!$_mix_token) {
         $this->obj_ajax->halt_alert("x030102");
     }
     // Row to move; 0 means the id was missing or not an integer.
     $_num_id = fn_getSafe(fn_post("custom_id"), "int", 0);
     if (0 == $_num_id) {
         $this->obj_ajax->halt_alert("x200209");
     }
     $_arr_found = $this->mdl_custom->mdl_read($_num_id);
     if ("y200102" != $_arr_found["alert"]) {
         $this->obj_ajax->halt_alert($_arr_found["alert"]);
     }
     $_num_parent = fn_getSafe(fn_post("custom_parent_id"), "int", 0);
     $_str_mode = fn_getSafe(fn_post("order_type"), "txt", "order_first");
     $_num_target = fn_getSafe(fn_post("order_target"), "int", 0);
     $_arr_result = $this->mdl_custom->mdl_order($_str_mode, $_num_id, $_num_target, $_num_parent);
     $this->misc_process();
     $this->obj_ajax->halt_alert($_arr_result["alert"]);
 }
예제 #4
 /**
  * Decode the posted "code" with the posted "key" and print the result.
  *
  * app_check("post") runs first. An empty "code" is reported as "x080202"
  * and an empty "key" as "x080203" through obj_api->halt_re().
  *
  * NOTE(review): both the ciphertext and the key come from the request, and
  * the decoded text is written out as-is by exit() - confirm the response
  * content type and that callers treat the output as untrusted text.
  *
  * @access public
  * @return void Does not return; ends with exit().
  */
 function api_decode()
 {
     $this->app_check("post");
     $_arr_codeChk = validateStr(fn_post("code"), 1, 0);
     if ($_arr_codeChk["status"] == "too_short") {
         $this->obj_api->halt_re(array("alert" => "x080202"));
     } elseif ($_arr_codeChk["status"] == "ok") {
         $_str_cipher = $_arr_codeChk["str"];
     }
     $_arr_keyChk = validateStr(fn_post("key"), 1, 0);
     if ($_arr_keyChk["status"] == "too_short") {
         $this->obj_api->halt_re(array("alert" => "x080203"));
     } elseif ($_arr_keyChk["status"] == "ok") {
         $_str_secret = $_arr_keyChk["str"];
     }
     exit(fn_baigoDecode($_str_cipher, $_str_secret));
 }
예제 #5
 /**
  * Move a category to a new position, refresh its cache and report the
  * model's alert code.
  *
  * Checks run in this order: group permission ["cate"]["edit"], request
  * token, a non-zero cate_id, and that the category can be read ("y110102").
  *
  * NOTE(review): the guards assume halt_alert() ends the request, and the
  * token guard assumes fn_token("chk") returns a falsy value on mismatch -
  * confirm both.
  *
  * @access public
  * @return void
  */
 function ajax_order()
 {
     $_is_allowed = isset($this->adminLogged["groupRow"]["group_allow"]["cate"]["edit"]);
     if (!$_is_allowed) {
         $this->obj_ajax->halt_alert("x110303");
     }
     // Request token.
     $_mix_token = fn_token("chk");
     if (!$_mix_token) {
         $this->obj_ajax->halt_alert("x030102");
     }
     // Category to move; 0 means the id was missing or not an integer.
     $_num_id = fn_getSafe(fn_post("cate_id"), "int", 0);
     if (0 == $_num_id) {
         $this->obj_ajax->halt_alert("x110217");
     }
     $_arr_found = $this->mdl_cate->mdl_read($_num_id);
     if ("y110102" != $_arr_found["alert"]) {
         $this->obj_ajax->halt_alert($_arr_found["alert"]);
     }
     $_num_parent = fn_getSafe(fn_post("cate_parent_id"), "int", 0);
     $_str_mode = fn_getSafe(fn_post("order_type"), "txt", "order_first");
     $_num_target = fn_getSafe(fn_post("order_target"), "int", 0);
     $_arr_result = $this->mdl_cate->mdl_order($_str_mode, $_num_id, $_num_target, $_num_parent);
     $this->mdl_cate->mdl_cache(array($_num_id));
     $this->obj_ajax->halt_alert($_arr_result["alert"]);
 }
예제 #6
 /**
  * Create or edit an administrator account and write an audit-log entry.
  *
  * A submitted admin_id above 0 is an edit: it needs the ["admin"]["edit"]
  * permission (or is_super), may not target the caller's own account unless
  * is_super, and changes the password only when admin_pass is non-empty.
  * Otherwise it is an add: it needs ["admin"]["add"] (or is_super) and a
  * non-empty admin_pass.
  *
  * NOTE(review): confirm that fn_rand() draws from a cryptographically
  * secure source and that fn_baigoEncrypt() is a password-hashing scheme;
  * neither is visible here. The edit path hashes the raw fn_post() value
  * while the add path hashes validateStr()'s "str" - confirm both produce
  * the same string for the same password. "log_result" stores the whole
  * row returned by mdl_submit(); confirm it carries no password material.
  *
  * @access public
  * @return void
  */
 function ajax_submit()
 {
     $_arr_input = $this->mdl_admin->input_submit();
     if ($_arr_input["alert"] != "ok") {
         $this->obj_ajax->halt_alert($_arr_input["alert"]);
     }
     $_str_hash = "";
     $_str_salt = "";
     if ($_arr_input["admin_id"] > 0) {
         // Edit an existing account.
         if (!(isset($this->adminLogged["admin_allow"]["admin"]["edit"]) || $this->is_super)) {
             $this->obj_ajax->halt_alert("x020303");
         }
         // Only a super administrator may edit their own account here.
         if ($_arr_input["admin_id"] == $this->adminLogged["admin_id"] && !$this->is_super) {
             $this->obj_ajax->halt_alert("x020306");
         }
         $_str_plain = fn_post("admin_pass");
         // An empty password field leaves hash and salt as empty strings.
         if (!fn_isEmpty($_str_plain)) {
             $_str_salt = fn_rand(6);
             $_str_hash = fn_baigoEncrypt($_str_plain, $_str_salt);
         }
     } else {
         // Add a new account: a password is mandatory.
         if (!(isset($this->adminLogged["admin_allow"]["admin"]["add"]) || $this->is_super)) {
             $this->obj_ajax->halt_alert("x020302");
         }
         $_arr_passChk = validateStr(fn_post("admin_pass"), 1, 0);
         if ($_arr_passChk["status"] == "too_short") {
             $this->obj_ajax->halt_alert("x020205");
         } elseif ($_arr_passChk["status"] == "ok") {
             $_str_plain = $_arr_passChk["str"];
         }
         $_str_salt = fn_rand(6);
         $_str_hash = fn_baigoEncrypt($_str_plain, $_str_salt);
     }
     $_arr_saved = $this->mdl_admin->mdl_submit($_str_hash, $_str_salt);
     $_is_added = $_arr_saved["alert"] == "y020101";
     $_is_edited = $_arr_saved["alert"] == "y020103";
     if ($_is_added || $_is_edited) {
         // Record who was changed, the kind of change and the model's result.
         $_str_kind = $_is_added ? "add" : "edit";
         $_arr_logData = array(
             "log_targets" => json_encode(array(array("admin_id" => $_arr_saved["admin_id"]))),
             "log_target_type" => "admin",
             "log_title" => $this->log["admin"][$_str_kind],
             "log_result" => json_encode($_arr_saved),
             "log_type" => "admin",
         );
         $this->mdl_log->mdl_submit($_arr_logData, $this->adminLogged["admin_id"]);
     }
     $this->obj_ajax->halt_alert($_arr_saved["alert"]);
 }
예제 #7
 /**
  * Apply the posted action to the selected articles for the posted spec_id
  * and report the model's alert code.
  *
  * Requires the group permission ["article"]["spec"]. The article ids are
  * read by mdl_article->input_ids(); only its alert is inspected here.
  *
  * NOTE(review): the guards assume halt_alert() ends the request - confirm.
  *
  * @return void
  */
 function ajax_toSpec()
 {
     $_is_allowed = isset($this->adminLogged["groupRow"]["group_allow"]["article"]["spec"]);
     if (!$_is_allowed) {
         $this->obj_ajax->halt_alert("x180302");
     }
     $_arr_ids = $this->mdl_article->input_ids();
     if ("ok" != $_arr_ids["alert"]) {
         $this->obj_ajax->halt_alert($_arr_ids["alert"]);
     }
     $_str_action = fn_getSafe($GLOBALS["act_post"], "txt", "");
     $_num_specId = fn_getSafe(fn_post("spec_id"), "int", 0);
     $_arr_result = $this->mdl_article->mdl_toSpec($_str_action, $_num_specId);
     $this->obj_ajax->halt_alert($_arr_result["alert"]);
 }
예제 #8
 /**
  * Read the notification parameters (time, signature, code) from the request.
  *
  * Also stores the raw "callback" parameter in $this->jsonp_callback and
  * copies act_post (POST) or act_get (any other method) into the result.
  *
  * NOTE(review): jsonp_callback is kept exactly as received; confirm it is
  * restricted to an identifier pattern before it is written into a response.
  * This method only checks that the three values are present - it does not
  * verify the signature.
  *
  * @access public
  * @param string $str_method "post" reads POST fields; anything else reads the query string.
  * @param bool $chk_token Not used in this method body.
  * @return array array("alert" => "x220201" | "x220203" | "x220204") when
  *               time, signature or code is empty; otherwise the collected
  *               values with "alert" => "ok".
  */
 function notify_input($str_method = "get", $chk_token = false)
 {
     if ($str_method == "post") {
         $_str_rawTime = fn_post("time");
         $_str_rawSign = fn_post("signature");
         $_str_rawCode = fn_post("code");
         $this->jsonp_callback = fn_post("callback");
         $_arr_out["act_post"] = fn_post("act_post");
     } else {
         $_str_rawTime = fn_get("time");
         $_str_rawSign = fn_get("signature");
         $_str_rawCode = fn_get("code");
         $this->jsonp_callback = fn_get("callback");
         $_arr_out["act_get"] = fn_get("act_get");
     }
     // Each value must be present; the first missing one decides the alert.
     $_arr_timeChk = validateStr($_str_rawTime, 1, 0);
     if ($_arr_timeChk["status"] == "too_short") {
         return array("alert" => "x220201");
     } elseif ($_arr_timeChk["status"] == "ok") {
         $_arr_out["time"] = $_arr_timeChk["str"];
     }
     $_arr_signChk = validateStr($_str_rawSign, 1, 0);
     if ($_arr_signChk["status"] == "too_short") {
         return array("alert" => "x220203");
     } elseif ($_arr_signChk["status"] == "ok") {
         $_arr_out["signature"] = $_arr_signChk["str"];
     }
     $_arr_codeChk = validateStr($_str_rawCode, 1, 0);
     if ($_arr_codeChk["status"] == "too_short") {
         return array("alert" => "x220204");
     } elseif ($_arr_codeChk["status"] == "ok") {
         $_arr_out["code"] = $_arr_codeChk["str"];
     }
     $_arr_out["alert"] = "ok";
     return $_arr_out;
 }
예제 #9
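 /**
  * Create or edit an administrator whose credentials live in the SSO service.
  *
  * A submitted admin_id above 0 is an edit: it needs ["admin"]["edit"], may
  * not target the caller's own account, must exist in SSO ("y010102"), and
  * is pushed to SSO with sso_edit(). Otherwise it is an add: it needs
  * ["admin"]["add"], a non-empty admin_pass, and a successful sso_reg()
  * ("y010101"), whose user_id becomes the local admin id.
  *
  * NOTE(review): the guards assume halt_alert() ends the request. The alert
  * returned by sso_edit() is only inspected for "y010103"; a failed SSO edit
  * is not reported separately - confirm that is intended.
  *
  * @access public
  * @return void
  */
 function ajax_submit()
 {
     $_arr_adminSubmit = $this->mdl_admin->input_submit();
     if ($_arr_adminSubmit["alert"] != "ok") {
         $this->obj_ajax->halt_alert($_arr_adminSubmit["alert"]);
     }
     // Only the edit branch calls sso_edit(); give the add branch a defined
     // value so the final comparison never reads an undefined variable.
     $_arr_ssoEdit = array("alert" => "");
     if ($_arr_adminSubmit["admin_id"] > 0) {
         if (!isset($this->adminLogged["admin_allow"]["admin"]["edit"])) {
             $this->obj_ajax->halt_alert("x020303");
         }
         // Administrators may not edit their own account through this handler.
         if ($_arr_adminSubmit["admin_id"] == $this->adminLogged["admin_id"]) {
             $this->obj_ajax->halt_alert("x020306");
         }
         $_arr_ssoGet = $this->obj_sso->sso_get($_arr_adminSubmit["admin_id"]);
         if ($_arr_ssoGet["alert"] != "y010102") {
             $this->obj_ajax->halt_alert($_arr_ssoGet["alert"]);
         }
         $_str_adminPass = fn_post("admin_pass");
         $_arr_ssoEdit = $this->obj_sso->sso_edit($_arr_adminSubmit["admin_name"], "", $_str_adminPass, $_arr_adminSubmit["admin_mail"], $_arr_adminSubmit["admin_nick"]);
         $_num_adminId = $_arr_adminSubmit["admin_id"];
     } else {
         if (!isset($this->adminLogged["admin_allow"]["admin"]["add"])) {
             $this->obj_ajax->halt_alert("x020302");
         }
         $_arr_adminPass = validateStr(fn_post("admin_pass"), 1, 0);
         switch ($_arr_adminPass["status"]) {
             case "too_short":
                 $this->obj_ajax->halt_alert("x020210");
                 break;
             case "ok":
                 $_str_adminPass = $_arr_adminPass["str"];
                 break;
         }
         $_arr_ssoReg = $this->obj_sso->sso_reg($_arr_adminSubmit["admin_name"], $_str_adminPass, $_arr_adminSubmit["admin_mail"], $_arr_adminSubmit["admin_nick"]);
         if ($_arr_ssoReg["alert"] != "y010101") {
             $this->obj_ajax->halt_alert($_arr_ssoReg["alert"]);
         }
         $_num_adminId = $_arr_ssoReg["user_id"];
     }
     $_arr_adminRow = $this->mdl_admin->mdl_submit($_num_adminId);
     // A change on either side (SSO or local row) is reported as "y020103".
     if ($_arr_ssoEdit["alert"] == "y010103" || $_arr_adminRow["alert"] == "y020103") {
         $_str_alert = "y020103";
     } else {
         $_str_alert = $_arr_adminRow["alert"];
     }
     $this->obj_ajax->halt_alert($_str_alert);
 }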
예제 #10
 /**
  * Reset the application identified by the posted app_id and report the
  * model's alert code.
  *
  * Requires the group permission ["more"]["app"].
  *
  * NOTE(review): a missing app_id and an unreadable app are handed back as
  * return values, while every other outcome goes through halt_alert();
  * confirm the caller turns the returned array into a response. No
  * fn_token check is visible on this state-changing handler - confirm one
  * is applied elsewhere.
  *
  * @return array|void array("alert" => "x190203") when app_id is 0, or the
  *                    row from mdl_read() when its alert is not "y190102".
  */
 function ajax_reset()
 {
     $_is_allowed = isset($this->adminLogged["groupRow"]["group_allow"]["more"]["app"]);
     if (!$_is_allowed) {
         $this->obj_ajax->halt_alert("x190303");
     }
     $_num_id = fn_getSafe(fn_post("app_id"), "int", 0);
     if (0 == $_num_id) {
         return array("alert" => "x190203");
     }
     $_arr_found = $this->mdl_app->mdl_read($_num_id);
     if ("y190102" != $_arr_found["alert"]) {
         return $_arr_found;
     }
     $_arr_result = $this->mdl_app->mdl_reset($_num_id);
     $this->obj_ajax->halt_alert($_arr_result["alert"]);
 }
예제 #11
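/**
 * Create or verify the request token pair (one form field, one cookie).
 *
 * The field and cookie names are "token_session" / "token_cookie", suffixed
 * with the session's admin_hash when one is set. With any action other than
 * "chk", both tokens are created on first use, stored in the session, and
 * the cookie token is sent to the browser. With "chk", the posted field and
 * the cookie must both match the values stored in the session.
 *
 * The return value is always a non-empty array, so callers must test the
 * "token" element; testing the return value itself never fails.
 *
 * @access public
 * @param string $token_action "chk" to verify; any other value creates or fetches the tokens.
 * @return array "token": true/false for "chk", the form token for other
 *               actions (null when BG_SWITCH_TOKEN is off); "name_session":
 *               form field name; "name_sookie": cookie name (key spelling
 *               kept for existing callers).
 */
function fn_token($token_action = "mk")
{
    $_str_adminHash = fn_session("admin_hash");
    if (fn_isEmpty($_str_adminHash)) {
        $_str_nameSession = "token_session";
        $_str_nameCookie = "token_cookie";
    } else {
        $_str_nameSession = "token_session_" . $_str_adminHash;
        $_str_nameCookie = "token_cookie_" . $_str_adminHash;
    }
    // Defined up front so every path returns a "token" element.
    $_str_return = null;
    switch ($token_action) {
        case "chk":
            // Keep the submitted values in their own variables: the session
            // lookups below must use the token names, not what the client sent.
            $_str_postToken = fn_getSafe(fn_post($_str_nameSession), "txt", "");
            $_str_cookieToken = fn_cookie($_str_nameCookie);
            if (BG_SWITCH_TOKEN == 1) {
                $_str_sessToken = fn_session($_str_nameSession);
                $_str_sessCookie = fn_session($_str_nameCookie);
                // Fail closed when no token was issued, and compare as strings
                // with === so loose type juggling cannot make values match.
                // hash_equals() is the constant-time alternative where the
                // runtime provides it.
                $_str_return = !fn_isEmpty($_str_sessToken)
                    && !fn_isEmpty($_str_sessCookie)
                    && is_scalar($_str_postToken)
                    && is_scalar($_str_cookieToken)
                    && (string) $_str_postToken === (string) $_str_sessToken
                    && (string) $_str_cookieToken === (string) $_str_sessCookie;
            } else {
                // Token checking is switched off: every request passes.
                $_str_return = true;
            }
            break;
        default:
            if (BG_SWITCH_TOKEN == 1) {
                // Reuse the tokens already in the session; create them on first use.
                if (fn_isEmpty(fn_session($_str_nameSession))) {
                    $_str_tokenSession = fn_rand();
                    fn_session($_str_nameSession, "mk", $_str_tokenSession);
                } else {
                    $_str_tokenSession = fn_session($_str_nameSession);
                }
                if (fn_isEmpty(fn_session($_str_nameCookie))) {
                    $_str_tokenCookie = fn_rand();
                    fn_session($_str_nameCookie, "mk", $_str_tokenCookie);
                } else {
                    $_str_tokenCookie = fn_session($_str_nameCookie);
                }
                $_str_return = $_str_tokenSession;
                fn_cookie($_str_nameCookie, "mk", $_str_tokenCookie);
            }
            break;
    }
    return array("token" => $_str_return, "name_session" => $_str_nameSession, "name_sookie" => $_str_nameCookie);
}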
예제 #12
 /**
  * Read and validate the app_id and app_key request parameters.
  *
  * app_id must be present and pass the "int" format; app_key must be
  * present, at most 64 characters, and pass the "alphabetDigit" format.
  * This method validates the shape of the values only; it does not check
  * that the key belongs to the application.
  *
  * @access public
  * @param string $str_method "post" reads POST fields; anything else reads the query string.
  * @param bool $chk_token Not used in this method body.
  * @return array array("alert" => code) on the first failed check
  *               (x050203, x050204, x050214, x050215 or x050216); otherwise
  *               array("app_id" => ..., "app_key" => ..., "alert" => "ok").
  */
 function app_get($str_method = "get", $chk_token = false)
 {
     if ($str_method == "post") {
         $_str_rawId = fn_post("app_id");
         $_str_rawKey = fn_post("app_key");
     } else {
         $_str_rawId = fn_get("app_id");
         $_str_rawKey = fn_get("app_key");
     }
     $_arr_idChk = validateStr($_str_rawId, 1, 0, "str", "int");
     if ($_arr_idChk["status"] == "too_short") {
         return array("alert" => "x050203");
     } elseif ($_arr_idChk["status"] == "format_err") {
         return array("alert" => "x050204");
     } elseif ($_arr_idChk["status"] == "ok") {
         $_arr_out["app_id"] = $_arr_idChk["str"];
     }
     $_arr_keyChk = validateStr($_str_rawKey, 1, 64, "str", "alphabetDigit");
     if ($_arr_keyChk["status"] == "too_short") {
         return array("alert" => "x050214");
     } elseif ($_arr_keyChk["status"] == "too_long") {
         return array("alert" => "x050215");
     } elseif ($_arr_keyChk["status"] == "format_err") {
         return array("alert" => "x050216");
     } elseif ($_arr_keyChk["status"] == "ok") {
         $_arr_out["app_key"] = $_arr_keyChk["str"];
     }
     $_arr_out["alert"] = "ok";
     return $_arr_out;
 }
예제 #13
 /**
  * Verify the request signature, decrypt the posted "code" with the
  * application's key and print the result.
  *
  * app_check("post") runs first. An empty "code" is reported as "x050223".
  * The signature is checked over $this->appRequest merged with act_post and
  * the code; a mismatch is reported as "x050403" before anything is decrypted.
  *
  * NOTE(review): the guards assume halt_re() ends the request; if it
  * returns, decryption still runs after a failed signature check - confirm.
  *
  * @access public
  * @return void Does not return; ends with exit().
  */
 function api_decode()
 {
     $this->app_check("post");
     $_arr_codeChk = validateStr(fn_post("code"), 1, 0);
     if ($_arr_codeChk["status"] == "too_short") {
         $this->obj_api->halt_re(array("alert" => "x050223"));
     } elseif ($_arr_codeChk["status"] == "ok") {
         $_str_cipher = $_arr_codeChk["str"];
     }
     // Values covered by the signature in addition to the app request fields.
     $_arr_signed = array_merge(
         $this->appRequest,
         array("act_post" => $GLOBALS["act_post"], "code" => $_str_cipher)
     );
     $_is_signed = $this->obj_sign->sign_check($_arr_signed, $this->appRequest["signature"]);
     if (!$_is_signed) {
         $this->obj_api->halt_re(array("alert" => "x050403"));
     }
     exit($this->obj_crypt->decrypt($_str_cipher, $this->appRow["app_key"]));
 }
예제 #14
 /**
  * Save the "visit" options and keep the .htaccess file in step with them.
  *
  * Requires the group permission ["opt"]["visit"]. After mdl_const("visit")
  * succeeds ("y060101"), the posted opt[BG_VISIT_TYPE] decides the rest:
  * "pstatic" regenerates .htaccess through mdl_htaccess(); any other value
  * deletes BG_PATH_ROOT/.htaccess when it exists.
  *
  * NOTE(review): fn_post("opt") is indexed without checking that it is an
  * array, and the result of unlink() is not checked. No fn_token check is
  * visible in this handler - confirm one is applied elsewhere (for example
  * inside mdl_const()).
  *
  * @access public
  * @return void
  */
 function ajax_visit()
 {
     $_is_allowed = isset($this->adminLogged["groupRow"]["group_allow"]["opt"]["visit"]);
     if (!$_is_allowed) {
         $this->obj_ajax->halt_alert("x060304");
     }
     $_arr_saved = $this->mdl_opt->mdl_const("visit");
     if ("y060101" != $_arr_saved["alert"]) {
         $this->obj_ajax->halt_alert($_arr_saved["alert"]);
     }
     $_arr_opt = fn_post("opt");
     $_str_htaccess = BG_PATH_ROOT . ".htaccess";
     if ("pstatic" == $_arr_opt["BG_VISIT_TYPE"]) {
         $_arr_written = $this->mdl_opt->mdl_htaccess();
         if ("y060101" != $_arr_written["alert"]) {
             $this->obj_ajax->halt_alert($_arr_written["alert"]);
         }
     } elseif (file_exists($_str_htaccess)) {
         // Rewrite rules are not needed outside "pstatic" mode.
         unlink($_str_htaccess);
     }
     $this->obj_ajax->halt_alert("y060404");
 }
예제 #15
 /**
  * Check a signature over the posted "params" and report the outcome.
  *
  * app_check("post") runs first. An empty "signature" is reported as
  * "x050226"; otherwise the result is "y050403" when sign_check() accepts
  * the pair and "x050403" when it does not.
  *
  * NOTE(review): "params" is passed to sign_check() exactly as posted, with
  * no type or shape check in this method - confirm sign_check() copes with
  * a scalar or missing value.
  *
  * @access public
  * @return void
  */
 function api_verify()
 {
     $this->app_check("post");
     $_arr_signedParams = fn_post("params");
     $_arr_signChk = validateStr(fn_post("signature"), 1, 0);
     if ($_arr_signChk["status"] == "too_short") {
         $this->obj_api->halt_re(array("alert" => "x050226"));
     } elseif ($_arr_signChk["status"] == "ok") {
         $_str_given = $_arr_signChk["str"];
     }
     $_is_valid = $this->obj_sign->sign_check($_arr_signedParams, $_str_given);
     $this->obj_api->halt_re(array("alert" => $_is_valid ? "y050403" : "x050403"));
 }
예제 #16
 /**
  * Encode the posted "data" with a freshly generated key and return both.
  *
  * app_check("post") runs first. The application needs the
  * ["code"]["encode"] permission; a refusal is logged through log_do() and
  * reported as "x050314". An empty "data" is reported as "x080201".
  *
  * NOTE(review): the key is fn_rand(6) and is returned to the caller next
  * to the encoded text; confirm the strength of fn_rand() and of
  * fn_baigoEncode() before treating the output as confidential.
  *
  * @access public
  * @return void
  */
 function api_encode()
 {
     $this->app_check("post");
     if (!isset($this->appAllow["code"]["encode"])) {
         $_arr_denied = array("alert" => "x050314");
         $this->log_do($_arr_denied, "encode");
         $this->obj_api->halt_re($_arr_denied);
     }
     $_arr_dataChk = validateStr(fn_post("data"), 1, 0);
     if ($_arr_dataChk["status"] == "too_short") {
         $this->obj_api->halt_re(array("alert" => "x080201"));
     } elseif ($_arr_dataChk["status"] == "ok") {
         // Entities in the validated string are decoded before encoding.
         $_str_plain = html_entity_decode($_arr_dataChk["str"]);
     }
     $_str_secret = fn_rand(6);
     $this->obj_api->halt_re(array(
         "code" => fn_baigoEncode($_str_plain, $_str_secret),
         "key" => $_str_secret,
         "alert" => "y050405",
     ));
 }
예제 #17
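 /**
  * Create or edit a user account and report the model's alert code.
  *
  * A submitted user_id above 0 is an edit: it needs ["user"]["edit"] and
  * changes the password only when user_pass is a non-empty string.
  * Otherwise it is an add: it needs ["user"]["add"] and a non-empty
  * user_pass.
  *
  * NOTE(review): confirm that fn_rand() draws from a cryptographically
  * secure source and that fn_baigoEncrypt() is a password-hashing scheme;
  * neither is visible here. The guards assume halt_alert() ends the request.
  *
  * @return void
  */
 function ajax_submit()
 {
     $_arr_userSubmit = $this->mdl_user->input_submit();
     $_str_userPassDo = "";
     $_str_userRand = "";
     if ($_arr_userSubmit["alert"] != "ok") {
         $this->obj_ajax->halt_alert($_arr_userSubmit["alert"]);
     }
     if ($_arr_userSubmit["user_id"] > 0) {
         if (!isset($this->adminLogged["admin_allow"]["user"]["edit"])) {
             $this->obj_ajax->halt_alert("x010303");
         }
         $_str_userPass = fn_post("user_pass");
         // Test for a non-empty string rather than truthiness: the password
         // "0" is falsy in PHP and would otherwise be silently ignored, and a
         // non-string value (such as an array field) must not reach the hash.
         if (is_string($_str_userPass) && $_str_userPass !== "") {
             $_str_userRand = fn_rand(6);
             $_str_userPassDo = fn_baigoEncrypt($_str_userPass, $_str_userRand);
         }
     } else {
         if (!isset($this->adminLogged["admin_allow"]["user"]["add"])) {
             $this->obj_ajax->halt_alert("x010302");
         }
         // A new account must come with a password.
         $_arr_userPass = validateStr(fn_post("user_pass"), 1, 0);
         switch ($_arr_userPass["status"]) {
             case "too_short":
                 $this->obj_ajax->halt_alert("x010212");
                 break;
             case "ok":
                 $_str_userPass = $_arr_userPass["str"];
                 break;
         }
         $_str_userRand = fn_rand(6);
         $_str_userPassDo = fn_baigoEncrypt($_str_userPass, $_str_userRand);
     }
     $_arr_userRow = $this->mdl_user->mdl_submit($_str_userPassDo, $_str_userRand);
     $this->obj_ajax->halt_alert($_arr_userRow["alert"]);
 }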
예제 #18
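 /**
  * Create the administrator account from the posted name and password.
  *
  * Runs check_db() first, loads the admin model, and requires admin_pass
  * and admin_pass_confirm to be non-empty and identical.
  *
  * NOTE(review): the row returned by mdl_submit() is not inspected, so
  * "y030407" is reported even when the model signals a failure - confirm
  * and surface the model's alert if so. No permission or token check is
  * visible here; confirm check_db() (or the caller) restricts this handler
  * to the setup phase.
  *
  * @return void
  */
 function ajax_admin()
 {
     $this->check_db();
     // Load the administrator account model.
     include_once BG_PATH_MODEL . "admin.class.php";
     $_mdl_admin = new MODEL_ADMIN();
     $_arr_adminSubmit = $_mdl_admin->input_submit();
     if ($_arr_adminSubmit["alert"] != "ok") {
         $this->obj_ajax->halt_alert($_arr_adminSubmit["alert"]);
     }
     $_arr_adminPass = validateStr(fn_post("admin_pass"), 1, 0);
     switch ($_arr_adminPass["status"]) {
         case "too_short":
             $this->obj_ajax->halt_alert("x020205");
             break;
         case "ok":
             $_str_adminPass = $_arr_adminPass["str"];
             break;
     }
     $_arr_adminPassConfirm = validateStr(fn_post("admin_pass_confirm"), 1, 0);
     switch ($_arr_adminPassConfirm["status"]) {
         case "too_short":
             $this->obj_ajax->halt_alert("x020211");
             break;
         case "ok":
             $_str_adminPassConfirm = $_arr_adminPassConfirm["str"];
             break;
     }
     // Strict comparison: with != two different numeric-looking strings
     // (for example "1e3" and "1000") compare as equal.
     if ($_str_adminPass !== $_str_adminPassConfirm) {
         $this->obj_ajax->halt_alert("x020206");
     }
     $_str_adminRand = fn_rand(6);
     $_str_adminPassDo = fn_baigoEncrypt($_str_adminPass, $_str_adminRand);
     $_arr_adminRow = $_mdl_admin->mdl_submit($_str_adminPassDo, $_str_adminRand);
     $this->obj_ajax->halt_alert("y030407");
 }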
예제 #19
/**
 * Work out the paging values for a result set.
 *
 * The requested page is read from the "page" request parameter and clamped
 * to the range 1..total. Page links are grouped in blocks of ten.
 *
 * NOTE(review): $num_per is used as a divisor without a check; callers must
 * pass a value above 0.
 *
 * @access public
 * @param mixed $num_total Number of rows in the result set.
 * @param mixed $num_per Rows per page (default: BG_DEFAULT_PERPAGE).
 * @param string $method "post" reads the page from POST; anything else from the query string.
 * @return array "page": current page; "p": zero-based index of the ten-page
 *               block; "begin" / "end": first and last page number in that
 *               block; "total": number of pages (at least 1); "except":
 *               number of rows to skip.
 */
function fn_page($num_total, $num_per = BG_DEFAULT_PERPAGE, $method = "get")
{
    if ($method == "post") {
        $_num_current = fn_getSafe(fn_post("page"), "int", 1);
    } else {
        $_num_current = fn_getSafe(fn_get("page"), "int", 1);
    }
    if ($_num_current < 1) {
        $_num_current = 1;
    }
    // Round the page count up, with a floor of one page.
    $_num_ratio = $num_total / $num_per;
    $_num_whole = intval($_num_ratio);
    if ($_num_whole < $_num_ratio) {
        $_num_pages = $_num_whole + 1;
    } elseif ($_num_ratio < 1) {
        $_num_pages = 1;
    } else {
        $_num_pages = $_num_whole;
    }
    if ($_num_current > $_num_pages) {
        $_num_current = $_num_pages;
    }
    $_num_skip = ($_num_current <= 1) ? 0 : ($_num_current - 1) * $num_per;
    // Index of the ten-page block that holds the current page.
    $_num_block = intval(($_num_current - 1) / 10);
    // First page number shown in the block.
    $_num_first = $_num_block * 10 + 1;
    // Last page number shown in the block, capped at the page count.
    $_num_final = $_num_block * 10 + 10;
    if ($_num_final >= $_num_pages) {
        $_num_final = $_num_pages;
    }
    return array(
        "page" => $_num_current,
        "p" => $_num_block,
        "begin" => $_num_first,
        "end" => $_num_final,
        "total" => $_num_pages,
        "except" => $_num_skip,
    );
}
예제 #20
 /**
  * Send a test notification to an application's notice URL and report
  * whether it echoed the challenge back.
  *
  * Requires a non-zero app_id_notice, the ["app"]["browse"] permission and
  * a readable application row ("y050102"). The reply must equal the random
  * "echostr" that was sent; a mismatch is logged and reported as "x050401".
  *
  * NOTE(review): app_key is sent in the data of a "get" request, so it
  * presumably travels in the query string and can end up in the logs of the
  * receiving server and of any proxy in between - confirm, and prefer
  * sending only the signature. The destination is the stored app_notice
  * value; confirm it is restricted to expected hosts when the row is saved.
  *
  * @access public
  * @return void
  */
 function ajax_notice()
 {
     $_num_id = fn_getSafe(fn_post("app_id_notice"), "int", 0);
     if (0 == $_num_id) {
         $this->obj_ajax->halt_alert("x050203");
     }
     if (!isset($this->adminLogged["admin_allow"]["app"]["browse"])) {
         $this->obj_ajax->halt_alert("x050301");
     }
     $_arr_app = $this->mdl_app->mdl_read($_num_id);
     if ("y050102" != $_arr_app["alert"]) {
         $this->obj_ajax->halt_alert($_arr_app["alert"]);
     }
     $_tm_now = time();
     $_str_nonce = fn_rand();
     $_str_signature = fn_baigoSignMk($_tm_now, $_str_nonce);
     // Challenge the remote side has to send back unchanged.
     $_str_challenge = fn_rand();
     $_arr_query = array(
         "act_get" => "test",
         "time" => $_tm_now,
         "random" => $_str_nonce,
         "signature" => $_str_signature,
         "echostr" => $_str_challenge,
         "app_id" => $_arr_app["app_id"],
         "app_key" => $_arr_app["app_key"],
     );
     // Append with "&" when the notice URL already has a query string.
     $_str_glue = (false !== strpos($_arr_app["app_notice"], "?")) ? "&" : "?";
     $_arr_reply = fn_http($_arr_app["app_notice"] . $_str_glue . "mod=notice", $_arr_query, "get");
     if ($_arr_reply["ret"] == $_str_challenge) {
         $_str_alert = "y050401";
     } else {
         $_str_alert = "x050401";
         // Log the failed test; the remote reply is entity-encoded first
         // because it is untrusted text.
         $_str_targets = json_encode(array(array("app_id" => $_num_id)));
         $_str_replyText = htmlentities($_arr_reply["ret"], ENT_QUOTES, "UTF-8");
         $this->mdl_log->mdl_submit($_str_targets, "app", $this->log["app"]["noticeTest"], $_str_replyText, "admin", $this->adminLogged["admin_id"]);
     }
     $this->obj_ajax->halt_alert($_str_alert);
 }
예제 #21
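 /**
  * Read the selected verify ids from the request.
  *
  * Every element of the posted verify_id array is passed through
  * fn_getSafe(..., "int", 0). The result is stored in $this->verifyIds and
  * returned.
  *
  * NOTE(review): the token guard rejects a request only if fn_token("chk")
  * returns a falsy value on mismatch - confirm against fn_token's definition.
  *
  * @access public
  * @return array array("alert" => "x030214") when the token check fails;
  *               otherwise array("alert" => "ok" | "none", "verify_ids" => array).
  */
 function input_ids()
 {
     if (!fn_token("chk")) {
         // Request token.
         return array("alert" => "x030214");
     }
     $_arr_verifyIds = fn_post("verify_id");
     // Accept a non-empty array only: a scalar verify_id would otherwise skip
     // the per-element integer coercion and still be returned with "ok".
     if (is_array($_arr_verifyIds) && $_arr_verifyIds) {
         foreach ($_arr_verifyIds as $_key => $_value) {
             $_arr_verifyIds[$_key] = fn_getSafe($_value, "int", 0);
         }
         $_str_alert = "ok";
     } else {
         $_arr_verifyIds = array();
         $_str_alert = "none";
     }
     $this->verifyIds = array("alert" => $_str_alert, "verify_ids" => $_arr_verifyIds);
     return $this->verifyIds;
 }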
예제 #22
<?php

/*-----------------------------------------------------------------
!!!!警告!!!!
以下为系统文件,请勿修改
-----------------------------------------------------------------*/
// Refuse to run when this file is requested directly or included from a
// script that has not defined IN_BAIGO.
if (!defined("IN_BAIGO")) {
    exit("Access Denied");
}
// Report everything in debug mode; otherwise leave notices out.
error_reporting(
    (defined("BG_SYS_DEBUG") && BG_SYS_DEBUG == true) ? E_ALL : (E_ALL & ~E_NOTICE)
);
// Shared helper functions.
include_once BG_PATH_FUNC . "common.func.php";
// Form validation functions.
include_once BG_PATH_FUNC . "validate.func.php";
// Action requested by a form post.
$GLOBALS["act_post"] = fn_getSafe(fn_post("act_post"), "txt", "");
// Action requested in the query string.
$GLOBALS["act_get"] = fn_getSafe(fn_get("act_get"), "txt", "");
// View mode (whether the page is shown inside an iframe).
$GLOBALS["view"] = fn_getSafe(fn_request("view"), "txt", "");
예제 #23
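 /**
  * Read the posted "opt" data and return the entry for one key.
  *
  * The posted data is kept on $this->arr_const.
  *
  * @param mixed $str_type Key to look up in the posted "opt" array
  * @return mixed The posted value for $str_type, or null when the key is
  *               absent or "opt" was not posted as an array
  */
 function input_const($str_type)
 {
     $_arr_opt = fn_post("opt");
     // Request data: "opt" may be missing or a scalar, in which case indexing it
     // would raise a notice or read a string offset instead of an option group.
     $this->arr_const = is_array($_arr_opt) ? $_arr_opt : array();
     // NOTE(review): no fn_getSafe() filtering is visible here, so the value is
     // returned as fn_post() delivered it - verify that callers validate it.
     return isset($this->arr_const[$str_type]) ? $this->arr_const[$str_type] : null;
 }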
예제 #24
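 /**
  * Collect the log IDs selected in the submitted form.
  *
  * The form token is checked first. Each posted "log_ids" entry is then passed
  * through fn_getSafe(..., "int", 0), duplicates are dropped and the result is
  * stored on $this->logIds.
  *
  * @access public
  * @return array array("alert" => "x030206") when the token check fails;
  *               otherwise array("alert" => "ok"|"x030202", "log_ids" => array)
  */
 function input_ids()
 {
     if (!fn_token("chk")) {
         // Form token missing or invalid.
         return array("alert" => "x030206");
     }
     $_arr_posted = fn_post("log_ids");
     $_arr_logIds = array();
     // Only iterate a real array: a scalar would bypass the per-element filter,
     // and a missing field would reach array_unique() as a non-array.
     if (is_array($_arr_posted)) {
         foreach ($_arr_posted as $_key => $_value) {
             $_arr_logIds[$_key] = fn_getSafe($_value, "int", 0);
         }
     }
     $_str_alert = $_arr_logIds ? "ok" : "x030202";
     $this->logIds = array("alert" => $_str_alert, "log_ids" => array_unique($_arr_logIds));
     return $this->logIds;
 }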
예제 #25
 /**
  * Read and validate the admin login form.
  *
  * Checks run in this order: captcha (fn_seccode), form token (fn_token),
  * admin name, password. The first failing check ends the call.
  *
  * @access private
  * @return array On failure array("forward" => ..., "alert" => error code);
  *               on success the keys "forward", "admin_name", "admin_pass",
  *               "alert" ("ok") and "view"
  */
 private function input_login()
 {
     // NOTE(review): "forward" is client-supplied and defaults to a base64-encoded
     // admin URL; presumably the caller decodes it and redirects there - confirm
     // that the target is restricted to this site.
     $_str_forward = fn_getSafe(fn_post("forward"), "txt", "");
     if (!$_str_forward) {
         $_str_forward = base64_encode(BG_URL_ADMIN . "ctl.php");
     }
     $_arr_adminLogin = array("forward" => $_str_forward);

     // Captcha.
     if (!fn_seccode()) {
         return array("forward" => $_str_forward, "alert" => "x030101");
     }
     // Form token.
     if (!fn_token("chk")) {
         return array("forward" => $_str_forward, "alert" => "x030102");
     }

     // Admin name: 1 to 30 characters in the "strDigit" format.
     $_arr_nameCheck = validateStr(fn_post("admin_name"), 1, 30, "str", "strDigit");
     $_arr_nameErrors = array("too_short" => "x020201", "too_long" => "x020202", "format_err" => "x020203");
     foreach ($_arr_nameErrors as $_str_status => $_str_code) {
         if ($_arr_nameCheck["status"] == $_str_status) {
             return array("forward" => $_str_forward, "alert" => $_str_code);
         }
     }
     if ($_arr_nameCheck["status"] == "ok") {
         $_arr_adminLogin["admin_name"] = $_arr_nameCheck["str"];
     }

     // Password: only emptiness is checked here.
     // NOTE(review): any status other than "too_short" or "ok" falls through with
     // the field unset while "alert" is still "ok" - confirm validateStr() cannot
     // return one for these arguments.
     $_arr_passCheck = validateStr(fn_post("admin_pass"), 1, 0);
     if ($_arr_passCheck["status"] == "too_short") {
         return array("forward" => $_str_forward, "alert" => "x020208");
     }
     if ($_arr_passCheck["status"] == "ok") {
         $_arr_adminLogin["admin_pass"] = $_arr_passCheck["str"];
     }

     $_arr_adminLogin["alert"] = "ok";
     $_arr_adminLogin["view"] = fn_getSafe(fn_post("view"), "txt", "");
     return $_arr_adminLogin;
 }
예제 #26
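 /**
  * Read and validate the change-password form.
  *
  * Checks the form token, then requires "admin_pass", "admin_pass_new" and
  * "admin_pass_confirm" to be non-empty, and finally requires the new password
  * and its confirmation to be identical.
  *
  * @access private
  * @return array array("alert" => error code) on failure; on success the keys
  *               "admin_pass", "admin_pass_new", "admin_pass_confirm" and
  *               "alert" ("ok")
  */
 private function input_pass()
 {
     if (!fn_token("chk")) {
         // Form token missing or invalid.
         return array("alert" => "x030102");
     }

     // Posted field => alert code returned when that field is empty.
     $_arr_fields = array(
         "admin_pass" => "x020210",
         "admin_pass_new" => "x020217",
         "admin_pass_confirm" => "x020215",
     );
     $_arr_adminPass = array();
     foreach ($_arr_fields as $_str_field => $_str_tooShort) {
         $_arr_checked = validateStr(fn_post($_str_field), 1, 0);
         if ($_arr_checked["status"] == "too_short") {
             return array("alert" => $_str_tooShort);
         }
         if ($_arr_checked["status"] == "ok") {
             $_arr_adminPass[$_str_field] = $_arr_checked["str"];
         }
     }

     // Strict comparison: with "!=" two different numeric-looking strings
     // ("1000" and "1e3") compare as equal and would pass as a matching
     // confirmation. A field that was never set is treated as a mismatch.
     if (!isset($_arr_adminPass["admin_pass_new"], $_arr_adminPass["admin_pass_confirm"])
         || $_arr_adminPass["admin_pass_new"] !== $_arr_adminPass["admin_pass_confirm"]
     ) {
         return array("alert" => "x020211");
     }

     $_arr_adminPass["alert"] = "ok";
     return $_arr_adminPass;
 }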
예제 #27
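 /**
  * AJAX step of the attachment clean-up: check one page of attachments and move
  * those flagged by mdl_chkAttach() (alert "x070406") to the recycle box.
  *
  * Ends the request by printing a JSON object with the keys "msg", "count",
  * "last" and "status" ("loading" while rows remain, "complete" otherwise).
  *
  * @return void
  */
 function ajax_clear()
 {
     // NOTE(review): both checks below protect the action only if show_err()
     // stops execution - confirm.
     if ($this->adminLogged["alert"] != "y020102") {
         // Not logged in: report the login error.
         $this->show_err($this->adminLogged["alert"], "err");
     }
     if (!isset($this->adminLogged["groupRow"]["group_allow"]["attach"]["del"])) {
         $this->show_err("x070304", "err");
     }
     // NOTE(review): a fn_token("chk") check was commented out at this point in
     // the original, so this state-changing request is not covered by the form
     // token here - confirm whether another layer enforces it.
     $_num_last = fn_getSafe(fn_post("last"), "int", 0);
     $_num_perPage = 10;
     $_num_attachCount = $this->mdl_attach->mdl_count("", "", "", "", 0, "normal");
     $_arr_page = fn_page($_num_attachCount, $_num_perPage, "post");
     $_arr_attachRows = $this->mdl_attach->mdl_list($_num_perPage, 0, "", "", "", "", 0, "normal", false, 0, $_num_last);

     // ID of the last row handled in this step. It stays null when no rows are
     // left; the original read the loop variable after the loop, which is
     // undefined in that case.
     $_mix_lastId = null;
     if ($_arr_attachRows) {
         foreach ($_arr_attachRows as $_key => $_value) {
             $_arr_attachRow = $this->mdl_attach->mdl_chkAttach($_value["attach_id"], $_value["attach_ext"], $_value["attach_time"]);
             if ($_arr_attachRow["alert"] == "x070406") {
                 $this->mdl_attach->mdl_box("recycle", array($_value["attach_id"]));
             }
             $_mix_lastId = $_value["attach_id"];
         }
         $_str_status = "loading";
         $_str_msg = $this->obj_ajax->alert["x070407"];
     } else {
         $_str_status = "complete";
         $_str_msg = $this->obj_ajax->alert["y070407"];
     }
     $_arr_re = array("msg" => $_str_msg, "count" => $_arr_page["total"], "last" => $_mix_lastId, "status" => $_str_status);
     exit(json_encode($_arr_re));
 }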
예제 #28
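 /**
  * Read and validate the app credentials sent with an API request.
  *
  * Reads "app_id", "app_key" and "time" (and "signature" when $with_sign is
  * set) from POST or GET, validates each with validateStr(), and rejects a
  * "time" value that differs from the server clock by more than 1800 seconds.
  *
  * @access public
  * @param string $str_method "post" reads the POST body; anything else reads the query string
  * @param bool   $with_sign  Whether a "signature" field is required
  * @return array array("alert" => error code) on failure; on success the keys
  *               "app_id", "app_key", "time", optionally "signature", and
  *               "alert" ("ok")
  */
 function app_request($str_method = "get", $with_sign = false)
 {
     // NOTE(review): with the default "get" method the app_key travels in the
     // query string, where it can end up in access logs - confirm this is intended.
     if ($str_method == "post") {
         $_num_appId = fn_post("app_id");
         $_str_appKey = fn_post("app_key");
         $_tm_time = fn_post("time");
         if ($with_sign) {
             $_str_sign = fn_post("signature");
         }
     } else {
         $_num_appId = fn_get("app_id");
         $_str_appKey = fn_get("app_key");
         $_tm_time = fn_get("time");
         if ($with_sign) {
             $_str_sign = fn_get("signature");
         }
     }

     $_arr_appId = validateStr($_num_appId, 1, 0, "str", "int");
     switch ($_arr_appId["status"]) {
         case "too_short":
             return array("alert" => "x050203");
         case "format_err":
             return array("alert" => "x050204");
         case "ok":
             $_arr_appRequest["app_id"] = $_arr_appId["str"];
             break;
     }

     $_arr_appKey = validateStr($_str_appKey, 1, 64, "str", "alphabetDigit");
     switch ($_arr_appKey["status"]) {
         case "too_short":
             return array("alert" => "x050214");
         case "too_long":
             return array("alert" => "x050215");
         case "format_err":
             return array("alert" => "x050216");
         case "ok":
             $_arr_appRequest["app_key"] = $_arr_appKey["str"];
             break;
     }

     $_arr_time = validateStr($_tm_time, 1, 0, "str", "int");
     switch ($_arr_time["status"]) {
         case "too_short":
             return array("alert" => "x050224");
         case "format_err":
             return array("alert" => "x050225");
         case "ok":
             $_arr_appRequest["time"] = $_arr_time["str"];
             break;
     }

     // Accept only timestamps within 1800 seconds of the server clock, in either direction.
     $_tm_diff = $_arr_appRequest["time"] - time();
     if ($_tm_diff > 1800 || $_tm_diff < -1800) {
         return array("alert" => "x050227");
     }

     if ($with_sign) {
         $_arr_sign = validateStr($_str_sign, 1, 0);
         // Branch on the signature's own status. The original switched on
         // $_arr_appId["status"], which is always "ok" at this point, so an
         // empty signature was never rejected with "x050226".
         switch ($_arr_sign["status"]) {
             case "too_short":
                 return array("alert" => "x050226");
             case "ok":
                 $_arr_appRequest["signature"] = $_arr_sign["str"];
                 break;
         }
     }

     $_arr_appRequest["alert"] = "ok";
     return $_arr_appRequest;
 }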
예제 #29
 /**
  * Read the posted "admin_pass" field into $this->adminAuth.
  *
  * @access private
  * @return array array("alert" => "x020210") when the field is empty;
  *               otherwise $this->adminAuth with "alert" set to "ok"
  */
 private function input_auth()
 {
     // NOTE(review): no fn_token("chk") check is made in this method - confirm
     // that the caller performs it.
     $_arr_checked = validateStr(fn_post("admin_pass"), 1, 0);
     $_str_status = $_arr_checked["status"];
     if ($_str_status == "too_short") {
         return array("alert" => "x020210");
     }
     if ($_str_status == "ok") {
         $this->adminAuth["admin_pass"] = $_arr_checked["str"];
     }
     $this->adminAuth["alert"] = "ok";
     return $this->adminAuth;
 }
예제 #30
 /**
  * Read the "|"-separated "pm_ids" field of an API request.
  *
  * Each piece is passed through fn_getSafe(..., "int", 0); duplicates are
  * dropped and the result is stored on $this->pmIds.
  *
  * @return array array("alert" => "x110211") when the field is empty; otherwise
  *               array("alert" => "ok", "str_pmIds" => string, "pm_ids" => array)
  */
 function input_ids_api()
 {
     $_str_pmIds = fn_getSafe(fn_post("pm_ids"), "txt", "");
     if (!$_str_pmIds) {
         return array("alert" => "x110211");
     }

     // explode() returns the whole string as a single element when it contains
     // no "|", so one split covers both the single-ID and the multi-ID case.
     $_arr_pmIds = array();
     foreach (explode("|", $_str_pmIds) as $_num_pos => $_str_piece) {
         $_arr_pmIds[$_num_pos] = fn_getSafe($_str_piece, "int", 0);
     }

     // NOTE(review): "str_pmIds" carries the string as posted (after the "txt"
     // filter only); only "pm_ids" holds the per-element filtered values -
     // verify which one consumers use.
     $this->pmIds = array("alert" => "ok", "str_pmIds" => $_str_pmIds, "pm_ids" => array_unique($_arr_pmIds));
     return $this->pmIds;
 }