예제 #1
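/**
 * Delete a file, or a directory together with everything beneath it.
 *
 * The argument is interpreted relative to the parent directory ("../").
 * Backslash escapes are stripped, every "../" and "./" substring is removed
 * in one pass, "../" is prefixed, and the result must compare equal to
 * path_tidy() of itself; otherwise the script terminates.
 *
 * NOTE(review): path_tidy() is defined outside this block. Single-pass removal
 * of traversal sequences is not a containment check on its own, so the
 * path_tidy() comparison is the real gate here. Confirm that it rejects every
 * path that resolves outside the intended tree.
 *
 * @param string $delfiles Path below the parent directory; treated as untrusted.
 * @return bool|null Result of rmdir() for a directory, false when the target is
 *                   empty or cannot be opened, null after the single-file branch
 *                   (the original returned nothing there; kept for callers).
 */
function delfiledir($delfiles)
{
    $delfiles = stripslashes($delfiles);
    $delfiles = str_replace("../", "", $delfiles);
    $delfiles = str_replace("./", "", $delfiles);

    // An empty remainder would address "../" itself and wipe the whole parent
    // directory, so refuse it outright.
    if (trim($delfiles, "/") === "") {
        return false;
    }

    $delfiles = "../" . $delfiles;
    $p_delfiles = path_tidy($delfiles);
    if ($p_delfiles != $delfiles) {
        die;
    }

    // A symbolic link is removed as a link and never descended into; otherwise
    // the recursion below would delete the contents of whatever it points at.
    if (is_link($delfiles) || is_file($delfiles)) {
        @unlink($delfiles);
        return null;
    }

    $dh = @opendir($delfiles);
    if ($dh === false) {
        // Not a readable directory: nothing to walk and nothing to remove.
        return false;
    }

    // Compare against false explicitly: an entry named "0" is falsy and would
    // otherwise end the loop early, leaving the directory non-empty.
    while (false !== ($file = readdir($dh))) {
        if ($file === "." || $file === "..") {
            continue;
        }
        $fullpath = $delfiles . "/" . $file;
        if (!is_link($fullpath) && is_dir($fullpath)) {
            // The recursive call re-applies the same sanitising and the
            // path_tidy() comparison to the child path.
            delfiledir($fullpath);
        } else {
            @unlink($fullpath);
        }
    }
    closedir($dh);

    return @rmdir($delfiles);
}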
예제 #2
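 /**
  * Create or update a "description" page record from the submitted form.
  *
  * Reads the form fields from $_POST, validates the static page name when
  * is_type is 1, builds the SET clause for the "description" table, inserts or
  * updates the row, keeps the matching "navigation" row in step when the page
  * is a menu entry, then refreshes the caches and reports the outcome through
  * ACT_layer_msg().
  *
  * NOTE(review): every value is concatenated into SQL text as-is and nothing in
  * this method escapes it. That is only safe if the request layer has already
  * escaped $_POST for SQL; confirm this, and prefer a parameterised call if the
  * data layer offers one.
  *
  * @return void
  */
 function save_action()
 {
     // Import only the fields this method uses rather than extract($_POST),
     // which turns every submitted key into a local variable. Non-string
     // values (for example array-style parameters) are treated as absent.
     $fields = array(
         'id', 'name', 'nid', 'url', 'title', 'keyword', 'description',
         'top_tpl', 'top_tpl_dir', 'footer_tpl', 'footer_tpl_dir',
         'sort', 'is_nav', 'is_type',
     );
     foreach ($fields as $field) {
         $$field = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
     }
     $rawContent = (isset($_POST["content"]) && is_string($_POST["content"])) ? $_POST["content"] : '';

     $value = "`name`='" . $name . "',";
     if ($url && $is_type == 1) {
         // stripslashes() removes any escaping applied upstream, so the checks
         // below are what keep quotes and backslashes out of the stored URL.
         $url = stripslashes($url);
         $url = str_replace("../", "", $url);
         $url = str_replace("./", "", $url);
         $p_delfiles = path_tidy($url);
         if ($p_delfiles != $url) {
             $this->ACT_layer_msg("无效的文件名!", 8, $_SERVER['HTTP_REFERER']);
             // Fail closed in case ACT_layer_msg() does not end the request.
             return;
         }
         $urlArr = explode('/', $url);
         foreach ($urlArr as $v) {
             if (!preg_match("/^[" . chr(0xa1) . "-" . chr(0xff) . " |a-z|0-9|A-Z|\\@\\.\\_\\]\\[\\!]+\$/", $v) && $v != '') {
                 $this->ACT_layer_msg("无效的文件名!", 8, $_SERVER['HTTP_REFERER']);
                 return;
             }
         }
         $urlarr = explode(".", $url);
         if (end($urlarr) != "html") {
             $this->ACT_layer_msg("请正确填写静态网页名称!", 8, $_SERVER['HTTP_REFERER']);
             return;
         }
         if (substr($url, 0, 1) == "/") {
             $url = substr($url, 1);
         }
     }
     // NOTE(review): when is_type is not 1, $url reaches the query without any
     // of the validation above.
     $value .= "`nid`='{$nid}',";
     $value .= "`url`='{$url}',";
     $value .= "`title`='{$title}',";
     $value .= "`keyword`='{$keyword}',";
     $value .= "`descs`='{$description}',";
     $value .= "`top_tpl`='{$top_tpl}',";
     $value .= "`top_tpl_dir`='{$top_tpl_dir}',";
     $value .= "`footer_tpl`='{$footer_tpl}',";
     $value .= "`footer_tpl_dir`='{$footer_tpl_dir}',";
     // time() is the supported way to get the current timestamp; mktime()
     // without arguments is rejected by PHP 8.
     $value .= "`ctime`='" . time() . "',";
     $value .= "`sort`='{$sort}',";
     $value .= "`is_nav`='{$is_nav}',";
     $value .= "`is_type`='{$is_type}',";
     // NOTE(review): html_entity_decode() with ENT_QUOTES turns entity-encoded
     // quotes back into literal quote characters after any upstream escaping
     // has already run, so $content must be escaped for SQL before it is
     // concatenated below. As written, the first search/replace pair maps "&"
     // to itself, so confirm the intended search string.
     $content = str_replace(array("&", "background-color:#ffffff", "background-color:#fff", "white-space:nowrap;"), array("&", '', '', ''), html_entity_decode($rawContent, ENT_QUOTES, "GB2312"));
     $value .= "`content`='" . $content . "'";
     if (!$id) {
         $descid = $this->obj->DB_insert_once("description", $value);
         $ids = $descid;
         $alert = "添加";
     } else {
         // NOTE(review): $id is request input used directly in the WHERE text.
         $row = $this->obj->DB_select_once("description", "`id`='{$id}'");
         if ($row['is_menu'] == "1") {
             // Keep the navigation entry that points at this page in step.
             $url = str_replace("amp;", "", $url);
             $values = "`url`='" . $url . "',";
             $values .= "`furl`='" . $url . "',";
             $values .= "`name`='" . $name . "'";
             $this->obj->DB_update_all("navigation", $values, "`desc`='" . $id . "'");
             $this->menu_cache_action();
         }
         $descid = $this->obj->DB_update_all("description", $value, "`id`='{$id}'");
         $ids = $id;
         $alert = "更新";
     }
     if ($descid) {
         $this->cache_action();
         if ($is_type == 1) {
             $this->descriptionshow($ids, $url);
         }
         $this->ACT_layer_msg("独立页面(ID:" . $ids . ")" . $alert . "成功!", 9, "index.php?m=description", 2, 1);
     } else {
         $this->ACT_layer_msg($alert . "失败!", 8, $_SERVER['HTTP_REFERER']);
     }
 }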