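/**
 * Write the posted database settings to config_db.inc.php as define() lines.
 *
 * Every value is read from POST through fn_getSafe(..., "txt", default). The values
 * are emitted with var_export() instead of being pasted between double quotes, so a
 * quote, backslash or "$" in a submitted value stays inside the string literal of the
 * generated file and is never parsed as PHP code.
 *
 * NOTE(review): the only gate visible here is fn_token("chk"); confirm the caller
 * limits this to the installer or an authorised administrator.
 *
 * @return array array("alert" => "y060101") when bytes were written, "x060101" when
 *               the write failed or wrote nothing, "x030102" when the token check fails.
 */
function mdl_dbconfig() {
    if (!fn_token("chk")) { // request token
        return array("alert" => "x030102");
    }

    // constant name => array(POST field, default value)
    $_arr_fields = array(
        "BG_DB_HOST"    => array("db_host", "localhost"),
        "BG_DB_PORT"    => array("db_port", "3306"),
        "BG_DB_NAME"    => array("db_name", "baigo_cms"),
        "BG_DB_USER"    => array("db_user", "baigo_cms"),
        "BG_DB_PASS"    => array("db_pass", ""),
        "BG_DB_CHARSET" => array("db_charset", "utf8"),
        "BG_DB_TABLE"   => array("db_table", "cms_"),
    );

    $_str_content = "<?php" . PHP_EOL;
    foreach ($_arr_fields as $_str_const => $_arr_field) {
        $_str_value    = (string)fn_getSafe(fn_post($_arr_field[0]), "txt", $_arr_field[1]);
        // var_export() produces a single-quoted literal with quotes and backslashes escaped.
        $_str_content .= "define(\"" . $_str_const . "\", " . var_export($_str_value, true) . ");" . PHP_EOL;
    }

    // file_put_contents() returns false on failure, which also fails the "> 0" test.
    $_num_size = file_put_contents(BG_PATH_CONFIG . "config_db.inc.php", $_str_content);

    return array("alert" => ($_num_size > 0) ? "y060101" : "x060101");
}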
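/**
 * AJAX handler: one batch of the "clear media" job.
 *
 * Reads up to 10 media rows after the posted "last" id, runs mdl_chkMedia() on each
 * and moves the rows that report "x070406" to the recycle box. Prints a JSON object
 * (msg, count, last, status) and exits; status is "loading" while rows were found
 * and "complete" when the list came back empty.
 *
 * Fix: "last" used to read $_value after the loop, which is undefined when no rows
 * were returned. The last processed id is now tracked explicitly and is null in that case.
 *
 * NOTE(review): no fn_token("chk") call is made here although the handler changes
 * data; confirm whether that is intended.
 *
 * @return void
 */
function ajax_clear() {
    if ($this->adminLogged["alert"] != "y020102") { // not logged in: report the error
        $this->show_err($this->adminLogged["alert"], "err");
    }

    if (!isset($this->adminLogged["admin_allow"]["media"]["del"])) {
        $this->show_err("x070304", "err");
    }

    $_num_last       = fn_getSafe(fn_post("last"), "int", 0);
    $_num_perPage    = 10;
    $_num_mediaCount = $this->mdl_media->mdl_count("", "", "", "", 0, "normal");
    $_arr_page       = fn_page($_num_mediaCount, $_num_perPage, "post");
    $_arr_mediaRows  = $this->mdl_media->mdl_list($_num_perPage, 0, "", "", "", "", 0, "normal", false, 0, $_num_last);

    $_mix_lastId = null; // id of the last row handled in this batch

    if ($_arr_mediaRows) {
        foreach ($_arr_mediaRows as $_value) {
            $_arr_mediaRow = $this->mdl_media->mdl_chkMedia($_value["media_id"], $_value["media_ext"], $_value["media_time"]);
            if ($_arr_mediaRow["alert"] == "x070406") {
                $this->mdl_media->mdl_box("recycle", array($_value["media_id"]));
            }
            $_mix_lastId = $_value["media_id"];
        }
        $_str_status = "loading";
        $_str_msg    = $this->obj_ajax->alert["x070407"];
    } else {
        $_str_status = "complete";
        $_str_msg    = $this->obj_ajax->alert["y070407"];
    }

    $_arr_re = array(
        "msg"    => $_str_msg,
        "count"  => $_arr_page["total"],
        "last"   => $_mix_lastId,
        "status" => $_str_status,
    );

    exit(json_encode($_arr_re));
}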
/**
 * AJAX handler: reorder a custom field.
 *
 * Checks, in order: the "opt"/"custom" group permission, the request token, a
 * non-zero posted custom_id, and that mdl_read() finds the row ("y200102"). Then
 * calls mdl_order(), runs misc_process() and reports the resulting alert.
 * Each failure is reported through halt_alert() (presumably terminating the request).
 *
 * @return void
 */
function ajax_order() {
    if (!isset($this->adminLogged["groupRow"]["group_allow"]["opt"]["custom"])) {
        $this->obj_ajax->halt_alert("x200303");
    }

    if (!fn_token("chk")) { // request token
        $this->obj_ajax->halt_alert("x030102");
    }

    $_num_id = fn_getSafe(fn_post("custom_id"), "int", 0);
    if ($_num_id == 0) {
        $this->obj_ajax->halt_alert("x200209");
    }

    $_arr_current = $this->mdl_custom->mdl_read($_num_id);
    if ($_arr_current["alert"] != "y200102") {
        $this->obj_ajax->halt_alert($_arr_current["alert"]);
    }

    $_num_parent = fn_getSafe(fn_post("custom_parent_id"), "int", 0);
    $_str_type   = fn_getSafe(fn_post("order_type"), "txt", "order_first");
    $_num_target = fn_getSafe(fn_post("order_target"), "int", 0);

    $_arr_result = $this->mdl_custom->mdl_order($_str_type, $_num_id, $_num_target, $_num_parent);

    $this->misc_process();

    $this->obj_ajax->halt_alert($_arr_result["alert"]);
}
/**
 * API endpoint: decode the posted "code" with the posted "key" and print the result.
 *
 * Runs app_check("post") first. Both fields must be non-empty (validateStr(..., 1, 0));
 * "x080202" / "x080203" is sent through halt_re() when code / key is too short.
 * The decoded string is handed to exit() unchanged.
 *
 * NOTE(review): the decoded text is printed without output encoding; confirm the
 * response content type makes that safe for the consumers of this endpoint.
 *
 * @access public
 * @return void
 */
function api_decode() {
    $this->app_check("post");

    $_arr_chkCode = validateStr(fn_post("code"), 1, 0);
    if ($_arr_chkCode["status"] == "too_short") {
        $this->obj_api->halt_re(array("alert" => "x080202"));
    } elseif ($_arr_chkCode["status"] == "ok") {
        $_str_code = $_arr_chkCode["str"];
    }

    $_arr_chkKey = validateStr(fn_post("key"), 1, 0);
    if ($_arr_chkKey["status"] == "too_short") {
        $this->obj_api->halt_re(array("alert" => "x080203"));
    } elseif ($_arr_chkKey["status"] == "ok") {
        $_str_key = $_arr_chkKey["str"];
    }

    exit(fn_baigoDecode($_str_code, $_str_key));
}
/**
 * AJAX handler: reorder a category.
 *
 * Requires the "cate"/"edit" group permission and a valid request token, then a
 * non-zero posted cate_id that mdl_read() can load ("y110102"). After mdl_order()
 * the cache for that category is rebuilt through mdl_cache() and the alert returned
 * by mdl_order() is reported with halt_alert().
 *
 * @access public
 * @return void
 */
function ajax_order() {
    if (!isset($this->adminLogged["groupRow"]["group_allow"]["cate"]["edit"])) {
        $this->obj_ajax->halt_alert("x110303");
    }

    if (!fn_token("chk")) { // request token
        $this->obj_ajax->halt_alert("x030102");
    }

    $_num_id = fn_getSafe(fn_post("cate_id"), "int", 0);
    if ($_num_id == 0) {
        $this->obj_ajax->halt_alert("x110217");
    }

    $_arr_current = $this->mdl_cate->mdl_read($_num_id);
    if ($_arr_current["alert"] != "y110102") {
        $this->obj_ajax->halt_alert($_arr_current["alert"]);
    }

    $_num_parent = fn_getSafe(fn_post("cate_parent_id"), "int", 0);
    $_str_type   = fn_getSafe(fn_post("order_type"), "txt", "order_first");
    $_num_target = fn_getSafe(fn_post("order_target"), "int", 0);

    $_arr_result = $this->mdl_cate->mdl_order($_str_type, $_num_id, $_num_target, $_num_parent);

    $this->mdl_cate->mdl_cache(array($_num_id));

    $this->obj_ajax->halt_alert($_arr_result["alert"]);
}
/**
 * AJAX handler: create or edit an administrator account.
 *
 * admin_id > 0 means edit: requires the "admin"/"edit" permission (or super admin),
 * refuses editing one's own account unless super admin, and only re-hashes the
 * password when a non-empty admin_pass was posted. Otherwise it is an add: requires
 * the "admin"/"add" permission (or super admin) and a non-empty password.
 * The password is processed by fn_baigoEncrypt() with a fresh fn_rand(6) value.
 * Successful adds ("y020101") and edits ("y020103") are written to the log model.
 *
 * NOTE(review): no fn_token("chk") call is visible here; presumably
 * mdl_admin->input_submit() performs it - verify.
 * NOTE(review): the whole row returned by mdl_submit() is JSON-encoded into
 * log_result; confirm it carries no password material.
 *
 * @access public
 * @return void
 */
function ajax_submit() {
    $_arr_input = $this->mdl_admin->input_submit();
    if ($_arr_input["alert"] != "ok") {
        $this->obj_ajax->halt_alert($_arr_input["alert"]);
    }

    $_str_passHash = "";
    $_str_salt     = "";

    if ($_arr_input["admin_id"] > 0) {
        // Edit an existing account.
        if (!(isset($this->adminLogged["admin_allow"]["admin"]["edit"]) || $this->is_super)) {
            $this->obj_ajax->halt_alert("x020303");
        }

        if (!$this->is_super && $_arr_input["admin_id"] == $this->adminLogged["admin_id"]) {
            $this->obj_ajax->halt_alert("x020306");
        }

        $_str_pass = fn_post("admin_pass");
        if (!fn_isEmpty($_str_pass)) { // empty password: keep the stored one
            $_str_salt     = fn_rand(6);
            $_str_passHash = fn_baigoEncrypt($_str_pass, $_str_salt);
        }
    } else {
        // Add a new account.
        if (!(isset($this->adminLogged["admin_allow"]["admin"]["add"]) || $this->is_super)) {
            $this->obj_ajax->halt_alert("x020302");
        }

        $_arr_chkPass = validateStr(fn_post("admin_pass"), 1, 0);
        if ($_arr_chkPass["status"] == "too_short") {
            $this->obj_ajax->halt_alert("x020205");
        } elseif ($_arr_chkPass["status"] == "ok") {
            $_str_pass = $_arr_chkPass["str"];
        }

        $_str_salt     = fn_rand(6);
        $_str_passHash = fn_baigoEncrypt($_str_pass, $_str_salt);
    }

    $_arr_adminRow = $this->mdl_admin->mdl_submit($_str_passHash, $_str_salt);

    if ($_arr_adminRow["alert"] == "y020101" || $_arr_adminRow["alert"] == "y020103") {
        $_arr_targets[] = array("admin_id" => $_arr_adminRow["admin_id"]);
        $_str_logType   = ($_arr_adminRow["alert"] == "y020101") ? "add" : "edit";

        $_arr_logData = array(
            "log_targets"     => json_encode($_arr_targets),
            "log_target_type" => "admin",
            "log_title"       => $this->log["admin"][$_str_logType],
            "log_result"      => json_encode($_arr_adminRow),
            "log_type"        => "admin",
        );
        $this->mdl_log->mdl_submit($_arr_logData, $this->adminLogged["admin_id"]);
    }

    $this->obj_ajax->halt_alert($_arr_adminRow["alert"]);
}
/**
 * AJAX handler: attach the selected articles to (or detach them from) a special topic.
 *
 * Requires the "article"/"spec" group permission and a successful
 * mdl_article->input_ids() ("ok"). The action name comes from $GLOBALS["act_post"]
 * and the target from the posted spec_id; both are passed to mdl_toSpec().
 *
 * NOTE(review): no fn_token("chk") call is visible here; presumably input_ids()
 * performs it - verify.
 *
 * @return void
 */
function ajax_toSpec() {
    if (!isset($this->adminLogged["groupRow"]["group_allow"]["article"]["spec"])) {
        $this->obj_ajax->halt_alert("x180302");
    }

    $_arr_ids = $this->mdl_article->input_ids();
    if ($_arr_ids["alert"] != "ok") {
        $this->obj_ajax->halt_alert($_arr_ids["alert"]);
    }

    $_str_action = fn_getSafe($GLOBALS["act_post"], "txt", "");
    $_num_specId = fn_getSafe(fn_post("spec_id"), "int", 0);

    $_arr_result = $this->mdl_article->mdl_toSpec($_str_action, $_num_specId);

    $this->obj_ajax->halt_alert($_arr_result["alert"]);
}
/**
 * Collect the notification parameters (time, signature, code) from the request.
 *
 * Reads from POST when $str_method is "post", otherwise from GET. Each of the three
 * fields must be non-empty (validateStr(..., 1, 0)); the first empty one ends the
 * call with its alert code. The "callback" parameter is stored in
 * $this->jsonp_callback before any validation takes place.
 *
 * NOTE(review): jsonp_callback is stored exactly as returned by fn_post()/fn_get();
 * whoever prints it should restrict it to an identifier-safe character set first.
 *
 * @access public
 * @param string $str_method "post" to read POST, anything else reads GET (default: "get")
 * @param bool   $chk_token  not used by this method (default: false)
 * @return array on success: act_post|act_get, time, signature, code and "alert" => "ok";
 *               on failure: array("alert" => "x220201" | "x220203" | "x220204")
 */
function notify_input($str_method = "get", $chk_token = false) {
    if ($str_method == "post") {
        $_arr_raw = array(
            "time"      => fn_post("time"),
            "signature" => fn_post("signature"),
            "code"      => fn_post("code"),
        );
        $this->jsonp_callback         = fn_post("callback");
        $_arr_notifyInput["act_post"] = fn_post("act_post");
    } else {
        $_arr_raw = array(
            "time"      => fn_get("time"),
            "signature" => fn_get("signature"),
            "code"      => fn_get("code"),
        );
        $this->jsonp_callback        = fn_get("callback");
        $_arr_notifyInput["act_get"] = fn_get("act_get");
    }

    // field => alert returned when the field is empty; checked in this order
    $_arr_alerts = array(
        "time"      => "x220201",
        "signature" => "x220203",
        "code"      => "x220204",
    );

    foreach ($_arr_alerts as $_str_field => $_str_alert) {
        $_arr_chk = validateStr($_arr_raw[$_str_field], 1, 0);
        if ($_arr_chk["status"] == "too_short") {
            return array("alert" => $_str_alert);
        }
        if ($_arr_chk["status"] == "ok") {
            $_arr_notifyInput[$_str_field] = $_arr_chk["str"];
        }
    }

    $_arr_notifyInput["alert"] = "ok";

    return $_arr_notifyInput;
}
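/**
 * AJAX handler: create or edit an administrator backed by the SSO service.
 *
 * Edit (admin_id > 0): requires the "admin"/"edit" permission, refuses editing the
 * logged-in account itself, checks the user exists via sso_get() ("y010102") and
 * pushes name, password, mail and nick to sso_edit().
 * Add: requires the "admin"/"add" permission and a non-empty password, registers the
 * user through sso_reg() ("y010101") and uses the returned user_id.
 * The local record is then written with mdl_admin->mdl_submit().
 *
 * Fix: $_arr_ssoEdit was only assigned in the edit branch but read on both paths;
 * it now starts with an empty alert so the add path no longer reads an undefined variable.
 *
 * NOTE(review): no fn_token("chk") call is visible here; presumably
 * mdl_admin->input_submit() performs it - verify.
 * NOTE(review): the posted password goes to sso_edit() unvalidated on the edit path;
 * how an empty value is treated depends on sso_edit(), which is not visible here.
 *
 * @access public
 * @return void
 */
function ajax_submit() {
    $_arr_adminSubmit = $this->mdl_admin->input_submit();

    if ($_arr_adminSubmit["alert"] != "ok") {
        $this->obj_ajax->halt_alert($_arr_adminSubmit["alert"]);
    }

    // Only the edit path fills this in; the default keeps the final comparison well defined.
    $_arr_ssoEdit = array("alert" => "");

    if ($_arr_adminSubmit["admin_id"] > 0) {
        if (!isset($this->adminLogged["admin_allow"]["admin"]["edit"])) {
            $this->obj_ajax->halt_alert("x020303");
        }

        if ($_arr_adminSubmit["admin_id"] == $this->adminLogged["admin_id"]) {
            $this->obj_ajax->halt_alert("x020306");
        }

        $_arr_ssoGet = $this->obj_sso->sso_get($_arr_adminSubmit["admin_id"]);
        if ($_arr_ssoGet["alert"] != "y010102") {
            $this->obj_ajax->halt_alert($_arr_ssoGet["alert"]);
        }

        $_str_adminPass = fn_post("admin_pass");
        $_arr_ssoEdit   = $this->obj_sso->sso_edit($_arr_adminSubmit["admin_name"], "", $_str_adminPass, $_arr_adminSubmit["admin_mail"], $_arr_adminSubmit["admin_nick"]);
        $_num_adminId   = $_arr_adminSubmit["admin_id"];
    } else {
        if (!isset($this->adminLogged["admin_allow"]["admin"]["add"])) {
            $this->obj_ajax->halt_alert("x020302");
        }

        $_arr_adminPass = validateStr(fn_post("admin_pass"), 1, 0);
        switch ($_arr_adminPass["status"]) {
            case "too_short":
                $this->obj_ajax->halt_alert("x020210");
                break;

            case "ok":
                $_str_adminPass = $_arr_adminPass["str"];
                break;
        }

        $_arr_ssoReg = $this->obj_sso->sso_reg($_arr_adminSubmit["admin_name"], $_str_adminPass, $_arr_adminSubmit["admin_mail"], $_arr_adminSubmit["admin_nick"]);
        if ($_arr_ssoReg["alert"] != "y010101") {
            $this->obj_ajax->halt_alert($_arr_ssoReg["alert"]);
        }
        $_num_adminId = $_arr_ssoReg["user_id"];
    }

    $_arr_adminRow = $this->mdl_admin->mdl_submit($_num_adminId);

    // An SSO-side edit counts as a successful edit even when the local row did not change.
    if ($_arr_ssoEdit["alert"] == "y010103" || $_arr_adminRow["alert"] == "y020103") {
        $_str_alert = "y020103";
    } else {
        $_str_alert = $_arr_adminRow["alert"];
    }

    $this->obj_ajax->halt_alert($_str_alert);
}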
/**
 * AJAX handler: reset an application through mdl_app->mdl_reset().
 *
 * Requires the "more"/"app" group permission and a non-zero posted app_id that
 * mdl_read() can load ("y190102").
 *
 * NOTE(review): the two validation failures RETURN an alert array instead of going
 * through halt_alert() like the permission check and the final result do, so the
 * client may receive no response body on those paths - confirm against the dispatcher.
 * NOTE(review): no fn_token("chk") call is made although the handler changes data.
 *
 * @return array|void alert array on the two validation failures, otherwise nothing
 */
function ajax_reset() {
    if (!isset($this->adminLogged["groupRow"]["group_allow"]["more"]["app"])) {
        $this->obj_ajax->halt_alert("x190303");
    }

    $_num_id = fn_getSafe(fn_post("app_id"), "int", 0);
    if ($_num_id == 0) {
        return array("alert" => "x190203");
    }

    $_arr_found = $this->mdl_app->mdl_read($_num_id);
    if ($_arr_found["alert"] != "y190102") {
        return $_arr_found;
    }

    $_arr_result = $this->mdl_app->mdl_reset($_num_id);

    $this->obj_ajax->halt_alert($_arr_result["alert"]);
}
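/**
 * Create ("mk") or verify ("chk") the request token pair.
 *
 * Two values are kept in the session under names that carry the admin_hash suffix
 * once an admin session exists: one is expected back in the POST body, the other in
 * a cookie. When BG_SWITCH_TOKEN is not 1, "chk" always succeeds and "mk" creates nothing.
 *
 * Fixes in "chk":
 *  - the submitted values used to overwrite the variables holding the token NAMES,
 *    so the session was then looked up by the submitted value instead of by the
 *    token name; submitted and stored values now use separate variables;
 *  - an empty stored token no longer matches an empty submission;
 *  - the comparison is strict, so numeric-looking strings are not juggled.
 *    hash_equals() is preferable where PHP >= 5.6 is guaranteed.
 *
 * NOTE(review): this function always returns an ARRAY. Callers written as
 * `if (!fn_token("chk"))` see a non-empty array and never take the failure branch;
 * they need to test the "token" element. Confirm which contract the callers expect.
 * NOTE(review): token strength depends on fn_rand(), which is not visible here.
 *
 * @access public
 * @param string $token_action "chk" to verify, anything else to create (default: "mk")
 * @return array "token": bool result for "chk", the form token for "mk" (null when
 *               tokens are switched off); "name_session" / "name_sookie" (sic): the
 *               session and cookie token names
 */
function fn_token($token_action = "mk") {
    if (fn_isEmpty(fn_session("admin_hash"))) {
        $_str_nameSession = "token_session";
        $_str_nameCookie  = "token_cookie";
    } else {
        $_str_tokenName   = fn_session("admin_hash");
        $_str_nameSession = "token_session_" . $_str_tokenName;
        $_str_nameCookie  = "token_cookie_" . $_str_tokenName;
    }

    $_str_return = null;

    switch ($token_action) {
        case "chk":
            if (BG_SWITCH_TOKEN == 1) {
                $_mix_postToken    = fn_getSafe(fn_post($_str_nameSession), "txt", "");
                $_mix_cookieToken  = fn_cookie($_str_nameCookie);
                $_mix_savedSession = fn_session($_str_nameSession);
                $_mix_savedCookie  = fn_session($_str_nameCookie);

                // Fail closed: both stored tokens must exist and both submissions must match exactly.
                $_str_return = !fn_isEmpty($_mix_savedSession)
                    && !fn_isEmpty($_mix_savedCookie)
                    && is_scalar($_mix_postToken)
                    && is_scalar($_mix_cookieToken)
                    && (string)$_mix_postToken === (string)$_mix_savedSession
                    && (string)$_mix_cookieToken === (string)$_mix_savedCookie;
            } else {
                $_str_return = true;
            }
            break;

        default:
            if (BG_SWITCH_TOKEN == 1) {
                // Reuse the tokens already in the session; create them on first use.
                if (fn_isEmpty(fn_session($_str_nameSession))) {
                    $_str_tokenSession = fn_rand();
                    fn_session($_str_nameSession, "mk", $_str_tokenSession);
                } else {
                    $_str_tokenSession = fn_session($_str_nameSession);
                }

                if (fn_isEmpty(fn_session($_str_nameCookie))) {
                    $_str_tokenCookie = fn_rand();
                    fn_session($_str_nameCookie, "mk", $_str_tokenCookie);
                } else {
                    $_str_tokenCookie = fn_session($_str_nameCookie);
                }

                $_str_return = $_str_tokenSession;
                fn_cookie($_str_nameCookie, "mk", $_str_tokenCookie);
            }
            break;
    }

    return array(
        "token"        => $_str_return,
        "name_session" => $_str_nameSession,
        "name_sookie"  => $_str_nameCookie, // key spelling kept for existing callers
    );
}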
/**
 * Read and validate the application credentials (app_id, app_key) from the request.
 *
 * Values come from POST when $str_method is "post", otherwise from GET.
 * app_id must be non-empty and pass the "int" format; app_key must be 1-64
 * characters and pass the "alphabetDigit" format.
 *
 * NOTE(review): on the GET path app_key travels in the query string, where it can
 * end up in access logs and Referer headers; prefer POST for callers that can choose.
 *
 * @access public
 * @param string $str_method "post" to read POST, anything else reads GET (default: "get")
 * @param bool   $chk_token  not used by this method (default: false)
 * @return array app_id, app_key and "alert" => "ok", or array("alert" => code) with
 *               x050203 / x050204 for app_id and x050214 / x050215 / x050216 for app_key
 */
function app_get($str_method = "get", $chk_token = false) {
    if ($str_method == "post") {
        $num_appId  = fn_post("app_id");
        $str_appKey = fn_post("app_key");
    } else {
        $num_appId  = fn_get("app_id");
        $str_appKey = fn_get("app_key");
    }

    $_arr_chkId = validateStr($num_appId, 1, 0, "str", "int");
    if ($_arr_chkId["status"] == "too_short") {
        return array("alert" => "x050203");
    } elseif ($_arr_chkId["status"] == "format_err") {
        return array("alert" => "x050204");
    } elseif ($_arr_chkId["status"] == "ok") {
        $_arr_appGet["app_id"] = $_arr_chkId["str"];
    }

    $_arr_chkKey = validateStr($str_appKey, 1, 64, "str", "alphabetDigit");
    if ($_arr_chkKey["status"] == "too_short") {
        return array("alert" => "x050214");
    } elseif ($_arr_chkKey["status"] == "too_long") {
        return array("alert" => "x050215");
    } elseif ($_arr_chkKey["status"] == "format_err") {
        return array("alert" => "x050216");
    } elseif ($_arr_chkKey["status"] == "ok") {
        $_arr_appGet["app_key"] = $_arr_chkKey["str"];
    }

    $_arr_appGet["alert"] = "ok";

    return $_arr_appGet;
}
/**
 * API endpoint: verify the request signature, then decrypt the posted "code".
 *
 * After app_check("post") the code must be non-empty ("x050223" otherwise). The
 * signature in $this->appRequest["signature"] is checked over the request fields
 * merged with act_post and code; a mismatch is answered with "x050403". Only then
 * is the code decrypted with the application's app_key and printed via exit().
 *
 * NOTE(review): the plaintext is printed without output encoding; confirm the
 * response content type makes that safe for the consumers of this endpoint.
 *
 * @access public
 * @return void
 */
function api_decode() {
    $this->app_check("post");

    $_arr_chkCode = validateStr(fn_post("code"), 1, 0);
    if ($_arr_chkCode["status"] == "too_short") {
        $this->obj_api->halt_re(array("alert" => "x050223"));
    } elseif ($_arr_chkCode["status"] == "ok") {
        $_str_code = $_arr_chkCode["str"];
    }

    // Fields covered by the signature in addition to those already in appRequest.
    $_arr_signed = array_merge(
        $this->appRequest,
        array(
            "act_post" => $GLOBALS["act_post"],
            "code"     => $_str_code,
        )
    );

    $_bool_signOk = $this->obj_sign->sign_check($_arr_signed, $this->appRequest["signature"]);
    if (!$_bool_signOk) {
        $this->obj_api->halt_re(array("alert" => "x050403"));
    }

    exit($this->obj_crypt->decrypt($_str_code, $this->appRow["app_key"]));
}
/**
 * AJAX handler: save the "visit" options and keep .htaccess in step with them.
 *
 * Requires the "opt"/"visit" group permission. After mdl_const("visit") succeeds
 * ("y060101"), the posted opt[BG_VISIT_TYPE] decides: "pstatic" regenerates
 * .htaccess via mdl_htaccess(); any other value deletes BG_PATH_ROOT/.htaccess
 * when it exists.
 *
 * NOTE(review): the delete branch removes the whole .htaccess file, including any
 * access rules an operator added to it by hand; the unlink() result is not checked.
 * NOTE(review): no fn_token("chk") call is visible here; presumably mdl_const()
 * performs it - verify.
 *
 * @access public
 * @return void
 */
function ajax_visit() {
    if (!isset($this->adminLogged["groupRow"]["group_allow"]["opt"]["visit"])) {
        $this->obj_ajax->halt_alert("x060304");
    }

    $_arr_saved = $this->mdl_opt->mdl_const("visit");
    if ($_arr_saved["alert"] != "y060101") {
        $this->obj_ajax->halt_alert($_arr_saved["alert"]);
    }

    $_arr_opt = fn_post("opt");

    if ($_arr_opt["BG_VISIT_TYPE"] == "pstatic") {
        $_arr_saved = $this->mdl_opt->mdl_htaccess();
        if ($_arr_saved["alert"] != "y060101") {
            $this->obj_ajax->halt_alert($_arr_saved["alert"]);
        }
    } elseif (file_exists(BG_PATH_ROOT . ".htaccess")) {
        unlink(BG_PATH_ROOT . ".htaccess");
    }

    $this->obj_ajax->halt_alert("y060404");
}
/**
 * API endpoint: tell the caller whether a signature matches a parameter set.
 *
 * After app_check("post"), reads the posted "params" and a non-empty "signature"
 * ("x050226" when missing) and answers "y050403" when sign_check() accepts the
 * pair, "x050403" otherwise.
 *
 * NOTE(review): "params" is passed to sign_check() exactly as fn_post() returned
 * it; its expected shape is not visible here.
 *
 * @access public
 * @return void
 */
function api_verify() {
    $this->app_check("post");

    $_arr_params = fn_post("params");

    $_arr_chkSign = validateStr(fn_post("signature"), 1, 0);
    if ($_arr_chkSign["status"] == "too_short") {
        $this->obj_api->halt_re(array("alert" => "x050226"));
    } elseif ($_arr_chkSign["status"] == "ok") {
        $_str_sign = $_arr_chkSign["str"];
    }

    $_str_alert = $this->obj_sign->sign_check($_arr_params, $_str_sign) ? "y050403" : "x050403";

    $this->obj_api->halt_re(array("alert" => $_str_alert));
}
/**
 * API endpoint: encode the posted "data" with a freshly generated key.
 *
 * After app_check("post") the application needs the "code"/"encode" permission;
 * a refusal ("x050314") is logged through log_do(). The data must be non-empty
 * ("x080201") and is passed through html_entity_decode() before encoding.
 * The response carries the encoded text together with the key that produced it.
 *
 * NOTE(review): the key is fn_rand(6) and is returned next to the ciphertext, so
 * confidentiality rests entirely on how the caller stores the two values.
 *
 * @access public
 * @return void
 */
function api_encode() {
    $this->app_check("post");

    if (!isset($this->appAllow["code"]["encode"])) {
        $_arr_denied = array("alert" => "x050314");
        $this->log_do($_arr_denied, "encode");
        $this->obj_api->halt_re($_arr_denied);
    }

    $_arr_chkData = validateStr(fn_post("data"), 1, 0);
    if ($_arr_chkData["status"] == "too_short") {
        $this->obj_api->halt_re(array("alert" => "x080201"));
    } elseif ($_arr_chkData["status"] == "ok") {
        $_str_data = html_entity_decode($_arr_chkData["str"]);
    }

    $_str_key  = fn_rand(6);
    $_str_code = fn_baigoEncode($_str_data, $_str_key);

    $this->obj_api->halt_re(array(
        "code"  => $_str_code,
        "key"   => $_str_key,
        "alert" => "y050405",
    ));
}
/**
 * AJAX handler: create or edit a user account.
 *
 * user_id > 0 means edit: requires the "user"/"edit" permission and only re-hashes
 * the password when a truthy user_pass was posted. Otherwise it is an add: requires
 * the "user"/"add" permission and a non-empty password ("x010212").
 * The password is processed by fn_baigoEncrypt() with a fresh fn_rand(6) value.
 *
 * NOTE(review): the edit path tests the posted password for truthiness, so the
 * literal password "0" is treated as "no change".
 * NOTE(review): no fn_token("chk") call is visible here; presumably
 * mdl_user->input_submit() performs it - verify.
 *
 * @return void
 */
function ajax_submit() {
    $_arr_input = $this->mdl_user->input_submit();

    $_str_passHash = "";
    $_str_salt     = "";

    if ($_arr_input["alert"] != "ok") {
        $this->obj_ajax->halt_alert($_arr_input["alert"]);
    }

    if ($_arr_input["user_id"] > 0) {
        // Edit an existing user.
        if (!isset($this->adminLogged["admin_allow"]["user"]["edit"])) {
            $this->obj_ajax->halt_alert("x010303");
        }

        $_str_pass = fn_post("user_pass");
        if ($_str_pass) {
            $_str_salt     = fn_rand(6);
            $_str_passHash = fn_baigoEncrypt($_str_pass, $_str_salt);
        }
    } else {
        // Add a new user.
        if (!isset($this->adminLogged["admin_allow"]["user"]["add"])) {
            $this->obj_ajax->halt_alert("x010302");
        }

        $_arr_chkPass = validateStr(fn_post("user_pass"), 1, 0);
        if ($_arr_chkPass["status"] == "too_short") {
            $this->obj_ajax->halt_alert("x010212");
        } elseif ($_arr_chkPass["status"] == "ok") {
            $_str_pass = $_arr_chkPass["str"];
        }

        $_str_salt     = fn_rand(6);
        $_str_passHash = fn_baigoEncrypt($_str_pass, $_str_salt);
    }

    $_arr_result = $this->mdl_user->mdl_submit($_str_passHash, $_str_salt);

    $this->obj_ajax->halt_alert($_arr_result["alert"]);
}
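/**
 * Installer AJAX step: create the administrator account.
 *
 * Runs check_db(), loads the admin model, validates the submitted account fields
 * through input_submit(), requires a non-empty password ("x020205") and a non-empty
 * confirmation ("x020211") that match ("x020206"), then stores the account with a
 * password processed by fn_baigoEncrypt() and a fresh fn_rand(6) value.
 *
 * Fix: password and confirmation are compared with !== instead of !=. With the
 * loose operator two different numeric-looking strings (for example "1e3" and
 * "1000") compare as equal and a mistyped confirmation would be accepted.
 *
 * NOTE(review): the alert returned by mdl_submit() is not inspected; "y030407" is
 * reported whatever the outcome of the insert was.
 * NOTE(review): no login or token check is visible in this step; confirm that
 * check_db() or the dispatcher blocks it once installation has finished.
 *
 * @return void
 */
function ajax_admin() {
    $this->check_db();

    include_once BG_PATH_MODEL . "admin.class.php"; // admin account model
    $_mdl_admin = new MODEL_ADMIN();

    $_arr_adminSubmit = $_mdl_admin->input_submit();
    if ($_arr_adminSubmit["alert"] != "ok") {
        $this->obj_ajax->halt_alert($_arr_adminSubmit["alert"]);
    }

    $_arr_adminPass = validateStr(fn_post("admin_pass"), 1, 0);
    switch ($_arr_adminPass["status"]) {
        case "too_short":
            $this->obj_ajax->halt_alert("x020205");
            break;

        case "ok":
            $_str_adminPass = $_arr_adminPass["str"];
            break;
    }

    $_arr_adminPassConfirm = validateStr(fn_post("admin_pass_confirm"), 1, 0);
    switch ($_arr_adminPassConfirm["status"]) {
        case "too_short":
            $this->obj_ajax->halt_alert("x020211");
            break;

        case "ok":
            $_str_adminPassConfirm = $_arr_adminPassConfirm["str"];
            break;
    }

    // Strict comparison: the two strings must be identical byte for byte.
    if ($_str_adminPass !== $_str_adminPassConfirm) {
        $this->obj_ajax->halt_alert("x020206");
    }

    $_str_adminRand   = fn_rand(6);
    $_str_adminPassDo = fn_baigoEncrypt($_str_adminPass, $_str_adminRand);

    $_arr_adminRow = $_mdl_admin->mdl_submit($_str_adminPassDo, $_str_adminRand);

    $this->obj_ajax->halt_alert("y030407");
}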
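/**
 * Compute pagination values from a row count and the requested page number.
 *
 * The page number is read from the "page" request parameter (POST when $method is
 * "post", otherwise GET) and clamped to 1..total. Pager links are grouped in blocks
 * of ten pages; "begin" and "end" delimit the block containing the current page.
 *
 * Fix: a page size below 1 is now treated as 1, so a zero or negative $num_per can
 * no longer cause a division by zero or a negative offset.
 *
 * @access public
 * @param mixed  $num_total total number of rows
 * @param mixed  $num_per   rows per page (default: BG_DEFAULT_PERPAGE)
 * @param string $method    "post" to read the page from POST, anything else reads GET
 * @return array "page" current page, "p" zero-based index of the ten-page block,
 *               "begin"/"end" first and last page of that block, "total" number of
 *               pages (at least 1), "except" number of rows to skip
 */
function fn_page($num_total, $num_per = BG_DEFAULT_PERPAGE, $method = "get") {
    $_mix_page     = ($method == "post") ? fn_post("page") : fn_get("page");
    $_num_pageThis = fn_getSafe($_mix_page, "int", 1);

    if ($_num_pageThis < 1) {
        $_num_pageThis = 1;
    }

    if ($num_per < 1) {
        $num_per = 1;
    }

    // Round up, and always report at least one page.
    $_num_pageTotal = max(1, (int)ceil($num_total / $num_per));

    if ($_num_pageThis > $_num_pageTotal) {
        $_num_pageThis = $_num_pageTotal;
    }

    $_num_except = ($_num_pageThis <= 1) ? 0 : ($_num_pageThis - 1) * $num_per;

    $_p     = intval(($_num_pageThis - 1) / 10); // index of the ten-page block
    $_begin = $_p * 10 + 1;                      // first page listed
    $_end   = min($_p * 10 + 10, $_num_pageTotal); // last page listed

    return array(
        "page"   => $_num_pageThis,
        "p"      => $_p,
        "begin"  => $_begin,
        "end"    => $_end,
        "total"  => $_num_pageTotal,
        "except" => $_num_except,
    );
}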
/**
 * AJAX handler: test an application's notification URL.
 *
 * Requires a non-zero posted app_id_notice, the "app"/"browse" permission and an
 * application row that mdl_read() can load ("y050102"). Sends a signed "test"
 * request with a random echo string to the row's app_notice URL and reports
 * "y050401" when the reply equals that string; otherwise the entity-encoded reply
 * is written to the log and "x050401" is reported.
 *
 * NOTE(review): the request is made server-side to the URL stored in app_notice;
 * whether fn_http() limits schemes or internal addresses is not visible here.
 * NOTE(review): app_key is sent as a GET parameter, so it appears in the query
 * string seen by the receiving server and anything logging that URL.
 *
 * @access public
 * @return void
 */
function ajax_notice() {
    $_num_appId = fn_getSafe(fn_post("app_id_notice"), "int", 0);
    if ($_num_appId == 0) {
        $this->obj_ajax->halt_alert("x050203");
    }

    if (!isset($this->adminLogged["admin_allow"]["app"]["browse"])) {
        $this->obj_ajax->halt_alert("x050301");
    }

    $_arr_app = $this->mdl_app->mdl_read($_num_appId);
    if ($_arr_app["alert"] != "y050102") {
        $this->obj_ajax->halt_alert($_arr_app["alert"]);
    }

    $_tm_now   = time();
    $_str_rand = fn_rand();
    $_str_sign = fn_baigoSignMk($_tm_now, $_str_rand);
    $_str_echo = fn_rand(); // the endpoint must send this value back

    $_arr_query = array(
        "act_get"   => "test",
        "time"      => $_tm_now,
        "random"    => $_str_rand,
        "signature" => $_str_sign,
        "echostr"   => $_str_echo,
        "app_id"    => $_arr_app["app_id"],
        "app_key"   => $_arr_app["app_key"],
    );

    // Append with "&" when the stored URL already carries a query string.
    $_str_glue = stristr($_arr_app["app_notice"], "?") ? "&" : "?";

    $_arr_reply = fn_http($_arr_app["app_notice"] . $_str_glue . "mod=notice", $_arr_query, "get");

    if ($_arr_reply["ret"] == $_str_echo) {
        $_str_alert = "y050401";
    } else {
        $_str_alert     = "x050401";
        $_arr_targets[] = array("app_id" => $_num_appId);
        $_str_targets   = json_encode($_arr_targets);
        // The remote reply is untrusted: entity-encode it before it is stored in the log.
        $_str_replyLog  = htmlentities($_arr_reply["ret"], ENT_QUOTES, "UTF-8");
        $this->mdl_log->mdl_submit($_str_targets, "app", $this->log["app"]["noticeTest"], $_str_replyLog, "admin", $this->adminLogged["admin_id"]);
    }

    $this->obj_ajax->halt_alert($_str_alert);
}
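/**
 * Read the selected verify ids from POST and coerce each one to an integer.
 *
 * Fix: the posted value is only iterated when it really is an array. A scalar
 * verify_id used to fall into foreach (raising a warning) and was then returned
 * unconverted together with alert "ok"; it is now treated like an empty selection
 * and an empty array is returned.
 *
 * The result is also kept in $this->verifyIds.
 *
 * @access public
 * @return array "alert": "ok" when ids were posted, "none" when not, "x030214" when
 *               the token check fails; "verify_ids": list of integer-coerced ids
 */
function input_ids() {
    if (!fn_token("chk")) { // request token
        return array("alert" => "x030214");
    }

    $_arr_verifyIds = fn_post("verify_id");

    if (is_array($_arr_verifyIds) && $_arr_verifyIds) {
        foreach ($_arr_verifyIds as $_key => $_value) {
            $_arr_verifyIds[$_key] = fn_getSafe($_value, "int", 0);
        }
        $_str_alert = "ok";
    } else {
        $_arr_verifyIds = array();
        $_str_alert     = "none";
    }

    $this->verifyIds = array(
        "alert"      => $_str_alert,
        "verify_ids" => $_arr_verifyIds,
    );

    return $this->verifyIds;
}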
<?php
/*-----------------------------------------------------------------
!!!! WARNING !!!!
System file below - do not modify
-----------------------------------------------------------------*/

// Refuse to run when requested directly or included from outside the application.
if (!defined("IN_BAIGO")) {
    exit("Access Denied");
}

// Notices are reported only when BG_SYS_DEBUG is defined and loosely equal to true.
// NOTE(review): this sets the reporting level only; whether errors are displayed
// to the client is controlled elsewhere (display_errors).
error_reporting(
    (defined("BG_SYS_DEBUG") && BG_SYS_DEBUG == true) ? E_ALL : (E_ALL & ~E_NOTICE)
);

include_once BG_PATH_FUNC . "common.func.php";   // shared helper functions
include_once BG_PATH_FUNC . "validate.func.php"; // form validation functions

// Request-wide values, each passed through fn_getSafe() as "txt" with "" as default.
$GLOBALS["act_post"] = fn_getSafe(fn_post("act_post"), "txt", ""); // form action
$GLOBALS["act_get"]  = fn_getSafe(fn_get("act_get"), "txt", "");   // query-string action
$GLOBALS["view"]     = fn_getSafe(fn_request("view"), "txt", "");  // view mode (iframe or not)
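/**
 * Return one group of posted options.
 *
 * The whole posted "opt" value is kept in $this->arr_const and the element named
 * by $str_type is returned.
 *
 * Fix: a missing key, or an "opt" value that is not an array, now yields null
 * instead of an undefined-index or string-offset error.
 *
 * NOTE(review): the posted values are stored and returned exactly as fn_post()
 * delivered them; callers must validate them before use.
 *
 * @param string $str_type option group to return
 * @return mixed the posted group, or null when it was not submitted
 */
function input_const($str_type) {
    $this->arr_const = fn_post("opt");

    if (is_array($this->arr_const) && isset($this->arr_const[$str_type])) {
        return $this->arr_const[$str_type];
    }

    return null;
}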
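/**
 * Read the selected log ids from POST, coerce each to an integer and drop duplicates.
 *
 * Fix: the posted value is only iterated and de-duplicated when it really is an
 * array. A scalar or missing log_ids used to reach foreach / array_unique(), which
 * expects an array; it is now treated as an empty selection and an empty array is
 * returned.
 *
 * The result is also kept in $this->logIds.
 *
 * @access public
 * @return array "alert": "ok" when ids were posted, "x030202" when not, "x030206"
 *               when the token check fails; "log_ids": unique integer-coerced ids
 */
function input_ids() {
    if (!fn_token("chk")) { // request token
        return array("alert" => "x030206");
    }

    $_arr_logIds = fn_post("log_ids");

    if (is_array($_arr_logIds) && $_arr_logIds) {
        foreach ($_arr_logIds as $_key => $_value) {
            $_arr_logIds[$_key] = fn_getSafe($_value, "int", 0);
        }
        $_str_alert = "ok";
    } else {
        $_arr_logIds = array();
        $_str_alert  = "x030202";
    }

    $this->logIds = array(
        "alert"   => $_str_alert,
        "log_ids" => array_unique($_arr_logIds),
    );

    return $this->logIds;
}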
/**
 * Collect and validate the admin login form.
 *
 * Checks run in this order: captcha (fn_seccode), request token, admin_name
 * (1-30 characters, "strDigit" format), admin_pass (non-empty). Every result,
 * including failures, carries the "forward" value so the caller can return the
 * user to the page they came from.
 *
 * NOTE(review): "forward" is taken from POST and only defaults to the base64 of
 * the admin URL when empty; whoever redirects with it should confirm the decoded
 * target stays on this site.
 *
 * @access private
 * @return array on success: forward, admin_name, admin_pass, "alert" => "ok", view;
 *               on failure: forward and the alert code of the first failed check
 */
private function input_login() {
    $_str_forward = fn_getSafe(fn_post("forward"), "txt", "");
    if (!$_str_forward) {
        $_str_forward = base64_encode(BG_URL_ADMIN . "ctl.php");
    }
    $_arr_adminLogin["forward"] = $_str_forward;

    if (!fn_seccode()) { // captcha
        return array("forward" => $_str_forward, "alert" => "x030101");
    }

    if (!fn_token("chk")) { // request token
        return array("forward" => $_str_forward, "alert" => "x030102");
    }

    $_arr_chkName = validateStr(fn_post("admin_name"), 1, 30, "str", "strDigit");
    if ($_arr_chkName["status"] == "too_short") {
        return array("forward" => $_str_forward, "alert" => "x020201");
    } elseif ($_arr_chkName["status"] == "too_long") {
        return array("forward" => $_str_forward, "alert" => "x020202");
    } elseif ($_arr_chkName["status"] == "format_err") {
        return array("forward" => $_str_forward, "alert" => "x020203");
    } elseif ($_arr_chkName["status"] == "ok") {
        $_arr_adminLogin["admin_name"] = $_arr_chkName["str"];
    }

    $_arr_chkPass = validateStr(fn_post("admin_pass"), 1, 0);
    if ($_arr_chkPass["status"] == "too_short") {
        return array("forward" => $_str_forward, "alert" => "x020208");
    } elseif ($_arr_chkPass["status"] == "ok") {
        $_arr_adminLogin["admin_pass"] = $_arr_chkPass["str"];
    }

    $_arr_adminLogin["alert"] = "ok";
    $_arr_adminLogin["view"]  = fn_getSafe(fn_post("view"), "txt", "");

    return $_arr_adminLogin;
}
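/**
 * Collect and validate the change-password form.
 *
 * Requires a valid request token ("x030102") and three non-empty fields: the
 * current password ("x020210"), the new password ("x020217") and its confirmation
 * ("x020215"). New password and confirmation must be identical ("x020211").
 *
 * Fix: the new password and its confirmation are compared with !== instead of !=.
 * With the loose operator two different numeric-looking strings (for example "1e3"
 * and "1000") compare as equal, so a mistyped confirmation could be accepted.
 *
 * @access private
 * @return array admin_pass, admin_pass_new, admin_pass_confirm and "alert" => "ok",
 *               or array("alert" => code) for the first failed check
 */
private function input_pass() {
    if (!fn_token("chk")) { // request token
        return array("alert" => "x030102");
    }

    $_arr_adminPassOld = validateStr(fn_post("admin_pass"), 1, 0);
    switch ($_arr_adminPassOld["status"]) {
        case "too_short":
            return array("alert" => "x020210");

        case "ok":
            $_arr_adminPass["admin_pass"] = $_arr_adminPassOld["str"];
            break;
    }

    $_arr_adminPassNew = validateStr(fn_post("admin_pass_new"), 1, 0);
    switch ($_arr_adminPassNew["status"]) {
        case "too_short":
            return array("alert" => "x020217");

        case "ok":
            $_arr_adminPass["admin_pass_new"] = $_arr_adminPassNew["str"];
            break;
    }

    $_arr_adminPassConfirm = validateStr(fn_post("admin_pass_confirm"), 1, 0);
    switch ($_arr_adminPassConfirm["status"]) {
        case "too_short":
            return array("alert" => "x020215");

        case "ok":
            $_arr_adminPass["admin_pass_confirm"] = $_arr_adminPassConfirm["str"];
            break;
    }

    // Strict comparison: the two strings must be identical byte for byte.
    if ($_arr_adminPass["admin_pass_new"] !== $_arr_adminPass["admin_pass_confirm"]) {
        return array("alert" => "x020211");
    }

    $_arr_adminPass["alert"] = "ok";

    return $_arr_adminPass;
}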
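/**
 * AJAX handler: one batch of the "clear attachments" job.
 *
 * Reads up to 10 attachment rows after the posted "last" id, runs mdl_chkAttach()
 * on each and moves the rows that report "x070406" to the recycle box. Prints a
 * JSON object (msg, count, last, status) and exits; status is "loading" while rows
 * were found and "complete" when the list came back empty.
 *
 * Fix: "last" used to read $_value after the loop, which is undefined when no rows
 * were returned. The last processed id is now tracked explicitly and is null in that case.
 *
 * NOTE(review): the fn_token("chk") check was commented out in the original and is
 * still not performed, although the handler changes data; confirm that is intended.
 *
 * @return void
 */
function ajax_clear() {
    if ($this->adminLogged["alert"] != "y020102") { // not logged in: report the error
        $this->show_err($this->adminLogged["alert"], "err");
    }

    if (!isset($this->adminLogged["groupRow"]["group_allow"]["attach"]["del"])) {
        $this->show_err("x070304", "err");
    }

    $_num_last        = fn_getSafe(fn_post("last"), "int", 0);
    $_num_perPage     = 10;
    $_num_attachCount = $this->mdl_attach->mdl_count("", "", "", "", 0, "normal");
    $_arr_page        = fn_page($_num_attachCount, $_num_perPage, "post");
    $_arr_attachRows  = $this->mdl_attach->mdl_list($_num_perPage, 0, "", "", "", "", 0, "normal", false, 0, $_num_last);

    $_mix_lastId = null; // id of the last row handled in this batch

    if ($_arr_attachRows) {
        foreach ($_arr_attachRows as $_value) {
            $_arr_attachRow = $this->mdl_attach->mdl_chkAttach($_value["attach_id"], $_value["attach_ext"], $_value["attach_time"]);
            if ($_arr_attachRow["alert"] == "x070406") {
                $this->mdl_attach->mdl_box("recycle", array($_value["attach_id"]));
            }
            $_mix_lastId = $_value["attach_id"];
        }
        $_str_status = "loading";
        $_str_msg    = $this->obj_ajax->alert["x070407"];
    } else {
        $_str_status = "complete";
        $_str_msg    = $this->obj_ajax->alert["y070407"];
    }

    $_arr_re = array(
        "msg"    => $_str_msg,
        "count"  => $_arr_page["total"],
        "last"   => $_mix_lastId,
        "status" => $_str_status,
    );

    exit(json_encode($_arr_re));
}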
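/**
 * Read and validate the application request envelope: app_id, app_key, time and,
 * when $with_sign is true, signature.
 *
 * Values come from POST when $str_method is "post", otherwise from GET. The
 * timestamp must lie within 1800 seconds of the server clock ("x050227"), which
 * bounds how long a captured request stays usable.
 *
 * Fix: the signature check switched on the app_id validation status, which is
 * always "ok" at that point, so an empty signature was accepted. It now switches
 * on the signature's own status and rejects an empty one with "x050226".
 *
 * NOTE(review): on the GET path app_key travels in the query string, where it can
 * end up in access logs and Referer headers.
 *
 * @access public
 * @param string $str_method "post" to read POST, anything else reads GET (default: "get")
 * @param bool   $with_sign  also require and return the signature (default: false)
 * @return array app_id, app_key, time, optionally signature, and "alert" => "ok";
 *               or array("alert" => code) for the first failed check
 */
function app_request($str_method = "get", $with_sign = false) {
    if ($str_method == "post") {
        $_num_appId  = fn_post("app_id");
        $_str_appKey = fn_post("app_key");
        $_tm_time    = fn_post("time");
        if ($with_sign) {
            $_str_sign = fn_post("signature");
        }
    } else {
        $_num_appId  = fn_get("app_id");
        $_str_appKey = fn_get("app_key");
        $_tm_time    = fn_get("time");
        if ($with_sign) {
            $_str_sign = fn_get("signature");
        }
    }

    $_arr_appId = validateStr($_num_appId, 1, 0, "str", "int");
    switch ($_arr_appId["status"]) {
        case "too_short":
            return array("alert" => "x050203");

        case "format_err":
            return array("alert" => "x050204");

        case "ok":
            $_arr_appRequest["app_id"] = $_arr_appId["str"];
            break;
    }

    $_arr_appKey = validateStr($_str_appKey, 1, 64, "str", "alphabetDigit");
    switch ($_arr_appKey["status"]) {
        case "too_short":
            return array("alert" => "x050214");

        case "too_long":
            return array("alert" => "x050215");

        case "format_err":
            return array("alert" => "x050216");

        case "ok":
            $_arr_appRequest["app_key"] = $_arr_appKey["str"];
            break;
    }

    $_arr_time = validateStr($_tm_time, 1, 0, "str", "int");
    switch ($_arr_time["status"]) {
        case "too_short":
            return array("alert" => "x050224");

        case "format_err":
            return array("alert" => "x050225");

        case "ok":
            $_arr_appRequest["time"] = $_arr_time["str"];
            break;
    }

    // Reject requests whose timestamp is more than 30 minutes away from server time.
    $_tm_diff = $_arr_appRequest["time"] - time();
    if ($_tm_diff > 1800 || $_tm_diff < -1800) {
        return array("alert" => "x050227");
    }

    if ($with_sign) {
        $_arr_sign = validateStr($_str_sign, 1, 0);
        switch ($_arr_sign["status"]) { // the signature's own status, not the app_id's
            case "too_short":
                return array("alert" => "x050226");

            case "ok":
                $_arr_appRequest["signature"] = $_arr_sign["str"];
                break;
        }
    }

    $_arr_appRequest["alert"] = "ok";

    return $_arr_appRequest;
}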
/**
 * Read the posted admin password for an authorisation step.
 *
 * The password must be non-empty (validateStr(..., 1, 0)); "x020210" is returned
 * otherwise. On success the value is stored in $this->adminAuth together with
 * "alert" => "ok" and that array is returned.
 *
 * NOTE(review): no fn_token("chk") call is made in this method; confirm the caller
 * performs it.
 *
 * @return array array("alert" => "x020210") or $this->adminAuth
 */
private function input_auth() {
    $_arr_chkPass = validateStr(fn_post("admin_pass"), 1, 0);

    if ($_arr_chkPass["status"] == "too_short") {
        return array("alert" => "x020210");
    } elseif ($_arr_chkPass["status"] == "ok") {
        $this->adminAuth["admin_pass"] = $_arr_chkPass["str"];
    }

    $this->adminAuth["alert"] = "ok";

    return $this->adminAuth;
}
/**
 * Parse the posted "pm_ids" string (ids separated by "|") for the API.
 *
 * A falsy pm_ids value (empty, or the string "0") is rejected with "x110211".
 * Otherwise the string is split on "|", every part is coerced to an integer with
 * fn_getSafe() and duplicates are removed. The result is also kept in $this->pmIds.
 *
 * NOTE(review): parts that are not numeric are coerced by fn_getSafe(..., "int", 0);
 * presumably they become 0 and stay in the list - verify against fn_getSafe().
 *
 * @return array array("alert" => "x110211"), or "alert" => "ok", "str_pmIds" (the
 *               posted string) and "pm_ids" (unique integer-coerced ids)
 */
function input_ids_api() {
    $_str_pmIds = fn_getSafe(fn_post("pm_ids"), "txt", "");

    if (!$_str_pmIds) {
        return array("alert" => "x110211");
    }

    // explode() returns a one-element array when the separator is absent,
    // so a single id and a "|"-separated list take the same path.
    $_arr_pmIds = explode("|", $_str_pmIds);

    foreach ($_arr_pmIds as $_num_idx => $_str_part) {
        $_arr_pmIds[$_num_idx] = fn_getSafe($_str_part, "int", 0);
    }

    $this->pmIds = array(
        "alert"     => "ok",
        "str_pmIds" => $_str_pmIds,
        "pm_ids"    => array_unique($_arr_pmIds),
    );

    return $this->pmIds;
}