function update_setting($setting)
{
foreach ($setting as $key => $value) {
if ($key == 'site_url' && $value != WIKI_URI) {
//site_url 存入 config.php 文件
$cfg = file::readfromfile(HDWIKI_ROOT . '/config.php');
$new_cfg = preg_replace("/WIKI_URL(['\"])\\s*,\\s*(['\"])(.*)\\1/", 'WIKI_URL${1}, ${2}' . $value . '${2}', $cfg);
file::writetofile(HDWIKI_ROOT . '/config.php', $new_cfg, 0);
} else {
if ($this->base->setting[$key] != $value) {
$this->db->query("REPLACE INTO " . DB_TABLEPRE . "setting (variable,value) VALUES ('{$key}','{$value}')");
}
}
}
return $this->db->insert_id();
}
function block($area)
{
$area = trim($area);
$datastr = '';
foreach ((array) $GLOBALS['blocklist'][$area] as $block) {
$datastr .= '{eval $data= $GLOBALS[\'blockdata\'][' . $block['id'] . '];$bid="' . $block['id'] . '"}';
$tplfile = HDWIKI_ROOT . '/block/' . $block['theme'] . '/' . $block['block'] . '/' . $block['tpl'];
if (!file_exists($tplfile)) {
$tplfile = HDWIKI_ROOT . '/block/default/' . $block['block'] . '/' . $block['tpl'];
}
$datastr .= file::readfromfile($tplfile);
}
return $datastr;
}
function editionconvert($type, $number)
{
if ($type == 'txt') {
$changenum = 100;
$maxeid = $this->db->result_first("SELECT MAX(eid) FROM " . DB_TABLEPRE . "edition WHERE 1");
if ($maxeid < $number - $changenum) {
return true;
}
$query = $this->db->query("SELECT eid,content FROM " . DB_TABLEPRE . "edition WHERE eid >({$number}-{$changenum}) AND eid <= {$number}");
while ($edition = $this->db->fetch_array($query)) {
if ($edition['content']) {
$path = 'data/edition/' . ceil($edition['eid'] / $changenum) * $changenum;
file::forcemkdir($path);
file::writetofile($path . "/" . $edition['eid'] . ".txt", $edition['content']);
}
}
$this->db->query("UPDATE " . DB_TABLEPRE . "edition SET content='' WHERE eid >({$number}-{$changenum}) AND eid <= {$number}");
} else {
$dirlist = array();
if ($handle = opendir('data/edition')) {
while (false !== ($dir = readdir($handle))) {
$dirlist[] = $dir;
}
closedir($handle);
}
$maxeid = @max($dirlist);
if ($number > $maxeid) {
return true;
}
$path = "data/edition/{$number}";
$files = file::get_file_by_ext($path, array('txt'));
foreach ((array) $files as $file) {
$eid = substr($file, 0, -4);
$filename = $path . "/" . $file;
$content = string::haddslashes(file::readfromfile($filename), 1);
if ($content) {
$this->db->query("UPDATE " . DB_TABLEPRE . "edition SET content='{$content}' WHERE eid={$eid}");
@unlink($filename);
}
}
}
return false;
}
function doimport()
{
set_time_limit(0);
if (substr(trim(ini_get('memory_limit')), 0, -1) < 32 && substr(trim(ini_get('memory_limit')), 0, -1) > 0) {
@ini_set('memory_limit', '32M');
}
$filename = str_replace('*', '.', $this->get[2]);
$filenum = $this->get[3] ? $this->get[3] : 1;
$filedir = "./data/db_backup/";
$filetype = $this->get[4] ? $this->get[4] : substr($filename, -3);
if ($filetype != 'zip' && $filetype != 'sql') {
$this->message($this->view->lang['dbBackupFormatError'], 'BACK');
} else {
if ($filenum == 1) {
if ($filetype == 'zip') {
require_once HDWIKI_ROOT . '/lib/zip.class.php';
$zip = new zip();
if (!$zip->chk_zip) {
$this->message($this->view->lang['chkziperror'], '');
}
$zip->Extract($filedir . $filename, $filedir);
$filename = substr($filename, 0, -4) . "_1.sql";
} else {
$num = strrpos($filename, "_");
$filename = substr($filename, 0, $num) . "_1.sql";
}
}
if (file_exists($filedir . $filename)) {
$sqldump = file::readfromfile($filedir . $filename);
preg_match('/#\\sVersion:\\shdwiki\\s([^\\n]+)\\n/i', $sqldump, $hdversion);
if ($hdversion[1] != HDWIKI_VERSION) {
$this->message($this->view->lang['dbSqlVersionError'], 'index.php?admin_db-backup');
}
$sqlquery = $_ENV['db']->splitsql($sqldump);
unset($sqldump);
foreach ($sqlquery as $sql) {
$sql = $_ENV['db']->syntablestruct(trim($sql), $this->db->version() > '4.1', DB_CHARSET);
if ($sql != '') {
$this->db->query($sql, 'SILENT');
if (($sqlerror = $this->db->error()) && $this->db->errno() != 1062) {
$this->db->halt('MySQL Query Error', $sql);
}
}
}
if ($filetype == 'zip') {
@unlink($filedir . $filename);
}
$filenum++;
$num = strrpos($filename, "_");
$filename = str_replace('.', '*', substr($filename, 0, $num) . "_" . $filenum . ".sql");
$url = "index.php?admin_db-import-{$filename}-{$filenum}-{$filetype}";
$this->message("<image src='style/default/loading.gif'><br />" . $this->view->lang['dbBackupNext1'] . ($filenum - 1) . $this->view->lang['dbBackupNext2'] . "<script type=\"text/JavaScript\">setTimeout(\"window.location.replace('{$url}');\", 2000);</script>", '');
} else {
$this->cache->removecache('import_files');
$this->message($this->view->lang['dbSqlImportSuccess'], 'index.php?admin_db-backup');
}
}
}
function check_md5()
{
$zip_file = UPGRADE_PATH . $this->package['release_code'] . '.zip';
return md5(file::readfromfile($zip_file)) === trim(strtolower($this->package['md5']));
}
function get($name, $expires = 0)
{
$file = $this->dir . $name . '.php';
if (!file_exists($file)) {
$data = util::hfopen($this->url_cache . rawurlencode($name) . '.php');
if ($data) {
file::forcemkdir($this->dir);
$flag = file::writetofile($this->dir . $name . '.php', $data);
} else {
return '';
}
}
if (file_exists($file)) {
$data = file::readfromfile($file);
$data = str_replace($this->phpexit, '', $data);
return unserialize(base64_decode($data));
} else {
return '';
}
}
<?php
require_once './api/OperatorFileText.php';
require_once './globalVar.php';
header('Content-Type:text/html; charset=utf-8');
//使用gb2312编码,使中文不会变成乱码
$backValue = $_POST['trans_data'];
$fileUtil = new file();
$ipFile = $app_path . "/ipFile.ptp";
$content = $fileUtil->readfromfile($ipFile);
//echo isset($_COOKIE[$cip]) ;
//echo "<br>";
//echo stripos($content, $rip);
//echo "<br>";
//echo $rip;
// 判断用户是否重复提交
if (isset($_COOKIE[$cip]) || stripos($content, $rip)) {
echo "1";
} else {
echo 0;
//echo strnatcmp($backValue, "1004");
//echo "<br/>";
for ($i = 0; $i < 5; $i++) {
for ($j = 0; $j < 3; $j++) {
if ($vote_arr[$i][$j] == $backValue) {
$vote_arr[$i][2] = $vote_arr[$i][2] + 1;
}
}
}
$newFile = $app_path . "/vote_rslt.ptp";
$oldFile = $app_path . "/vote_rslt_old.ptp";
$fileUtil->copyFile($newFile, $oldFile);
function fileip($alluploadips, $regular, $attachment_size)
{
$filetype = strtolower(substr($_FILES['file_path']['name'], strrpos($_FILES['file_path']['name'], ".") + 1));
$destfile = 'data/tmp/' . time() . '.' . $filetype;
$result = file::uploadfile($_FILES['file_path']['tmp_name'], $destfile, $attachment_size, 0);
if ($result) {
if (file_exists($destfile)) {
$data = file::readfromfile($destfile);
}
$alluploadips = $this->textip($alluploadips, $regular, $data);
@unlink($destfile);
}
return $alluploadips;
}
<?php
require_once './api/OperatorFileText.php';
// 全局变量
$app_path = getcwd();
global $vote_arr;
global $cip;
global $rip;
$fileUtil = new file();
$newFile = $app_path . "/vote_rslt.ptp";
$fileContent = $fileUtil->readfromfile($newFile);
$fileContent = unescape($fileContent);
if (empty($fileContent)) {
$vote_arr = array(array("1001", "null", 0), array("1002", "null", 0), array("1003", "null", 0), array("1004", "null", 0), array("1005", "null", 0), array("1006", "null", 0));
} else {
$vote_arr = json_decode($fileContent);
}
$rip = get_ip_place();
$cip = get_ip_place_md5();
$str = json_encode($vote_arr);
function unescape($str)
{
$ret = '';
$len = strlen($str);
for ($i = 0; $i < $len; $i++) {
if ($str[$i] == '%' && $str[$i + 1] == 'u') {
$val = hexdec(substr($str, $i + 2, 4));
if ($val < 0x7f) {
$ret .= chr($val);
} else {
if ($val < 0x800) {
function doaddlang()
{
switch ($this->post['addlangtype']) {
case 0:
$langname = 'front.php';
break;
case 1:
$langname = 'back.php';
break;
}
$langcon = trim($this->post['langcon']);
$langvar = trim($this->post['langname']);
if (!$langcon || !$langvar) {
$this->message('语言变量内容不能为空!', 'index.php?admin_language');
}
if (is_file(HDWIKI_ROOT . '/lang/zh/' . $langname)) {
$filelang = substr($langname, 0, -4);
$this->view->setlang($this->setting['lang_name'], $filelang);
if (array_key_exists($langvar, $this->view->lang)) {
$this->message('模版变量名已存在,请重新填写!', 'index.php?admin_language');
}
if (copy(HDWIKI_ROOT . '/lang/zh/' . $langname, HDWIKI_ROOT . '/lang/zh/bak_' . $langname)) {
$data = file::readfromfile(HDWIKI_ROOT . '/lang/zh/' . $langname);
$con = '$lang[\'' . $langvar . "']='" . str_replace("'", "\\'", str_replace("\\", "\\\\", stripslashes($langcon))) . "';\r\n?>";
$content = str_replace('?>', $con, $data);
file::writetofile(HDWIKI_ROOT . '/lang/zh/' . $langname, $content);
}
}
$langtype = $this->post['addlangtype'];
$this->message('语言文件添加成功!', 'index.php?admin_language-default-' . $langtype);
}
function filewords($alluploadwords, $attachment_size)
{
$filetype = strtolower(substr($_FILES['file_path']['name'], strrpos($_FILES['file_path']['name'], ".") + 1));
$destfile = 'data/tmp/' . time() . '.' . $filetype;
$result = file::uploadfile($_FILES['file_path']['tmp_name'], $destfile, $attachment_size, 0);
if ($result) {
if (file_exists($destfile)) {
if (WIKI_CHARSET == 'UTF-8') {
$data = string::hiconv(file::readfromfile($destfile), 'utf-8');
} else {
$data = string::hiconv(file::readfromfile($destfile), 'gbk');
}
}
$filewords = array_filter(explode(',', str_replace(',', ',', addslashes($data))), array($this, "trimwords"));
$alluploadwords = array_merge($alluploadwords, $filewords);
@unlink($destfile);
}
return $alluploadwords;
}
function get_edition($eid)
{
$editionlist = array();
if (is_numeric($eid)) {
$edition = $this->db->fetch_first("SELECT * FROM " . DB_TABLEPRE . "edition WHERE eid={$eid}");
if ($edition) {
$edition['comtime'] = $edition['time'];
$edition['time'] = $this->base->date($edition['time']);
$edition['rawtitle'] = $edition['title'];
$edition['title'] = htmlspecialchars($edition['title']);
if (!$edition['content']) {
$edition['content'] = file::readfromfile($this->get_edition_fileinfo($edition['eid'], 'file'));
}
}
return $edition;
} else {
$eid = implode(",", $eid);
$query = $this->db->query(" SELECT * FROM " . DB_TABLEPRE . "edition WHERE eid IN ({$eid})");
while ($edition = $this->db->fetch_array($query)) {
$edition['time'] = $this->base->date($edition['time']);
$edition['rawtitle'] = $edition['title'];
$edition['title'] = htmlspecialchars($edition['title']);
if (!$edition['content']) {
$edition['content'] = file::readfromfile($this->get_edition_fileinfo($edition['eid'], 'file'));
}
$editionlist[] = $edition;
}
return $editionlist;
}
}
function dogettpl()
{
list($block, $fun) = explode('-', $this->post['tplfile']);
$tplfile = $_ENV['global']->block_file($GLOBALS['theme'], '/' . $block . '/' . $fun . '.htm');
echo file::readfromfile($tplfile);
}
function block_query($post, $temp = '')
{
$temlist = array();
list($theme, $file) = explode('-', array_shift($post));
//得到 theme 和 file 值。
//删除操作
if (is_array($temp['del'])) {
$delid = implode(',', $temp['del']);
$this->db->query("DELETE FROM " . DB_TABLEPRE . "block WHERE id IN ({$delid})");
}
//添加和更新 block数据的操作。
$insertsql = "INSERT INTO " . DB_TABLEPRE . "block (theme,file,area,areaorder,block,fun,tpl,params) VALUES ";
$areas = '';
//用来保存页面区域的数组。供下面的删除页面没有区域使用。
foreach ($post as $key => $value) {
$areas .= "'" . $key . "',";
$value = explode('-', $value);
$num = count($value);
for ($i = 0; $i < $num; $i++) {
$id = $value[$i];
if (is_numeric($id)) {
//id是数字,表明是需要更新的。
$updatesql = "UPDATE " . DB_TABLEPRE . "block SET area='{$key}',areaorder={$i}";
if (isset($temp[$id]['params'])) {
$updatesql .= ",params='" . serialize($temp[$id]['params']) . "'";
$temlist[] = $id;
}
$updatesql .= " WHERE id = {$id}";
$this->db->query($updatesql);
} else {
//id非数字,表明是新加入的模块。
$temlist[] = $id;
if (is_array($temp[$id])) {
$block = $temp[$id];
$params = $block['params'] ? serialize($block['params']) : '';
$insertsql .= "('" . $block['theme'] . "','" . $block['file'] . "','{$key}',{$i},'" . $block['block'] . "','" . $block['fun'] . "','" . $block['fun'] . ".htm','{$params}'),";
}
}
}
}
if (isset($block)) {
$insertsql = substr($insertsql, 0, -1);
$this->db->query($insertsql);
}
foreach ($temlist as $id) {
$block = $temp[$id];
$fromfile = HDWIKI_ROOT . "/data/tmp/" . $theme . ".{$block['block']}.{$block['fun']}.htm";
if (file_exists($fromfile)) {
$tofile = HDWIKI_ROOT . '/block/' . $theme . '/' . $block['block'] . '/' . $block['fun'] . '.htm';
$tplcontent = file::readfromfile($fromfile);
file::writetofile($tofile, $tplcontent);
unlink($fromfile);
}
}
//删除页面中没有区域的元素。(比如页面只有一个right区域,但是数据库中却多了一个left区域,显然是需要删掉的。
//如果模板被修改的话,可能出现这种情况。)
$areas = substr($areas, 0, -1);
$delsql = 'DELETE FROM ' . DB_TABLEPRE . "block WHERE theme = '{$theme}' and file = '{$file}' and area NOT IN ({$areas})";
$this->db->query($delsql);
return 'ok';
}
function share_plugin($plugin)
{
$identifier = $plugin['identifier'];
$descxml = "<?xml version=\"1.0\" encoding=\"" . WIKI_CHARSET . "\"?>\n" . "<theme>\n" . "<author><![CDATA[" . $plugin['author'] . "]]></author>\n" . "<authorurl><![CDATA[" . $plugin['authorurl'] . "]]></authorurl>\n" . "<name><![CDATA[" . $plugin['name'] . "]]></name>\n" . "<tag><![CDATA[" . $plugin['tag'] . "]]></tag>\n" . "<desc><![CDATA[" . $plugin['description'] . "]]></desc>\n" . "<weburl><![CDATA[" . $plugin['weburl'] . "]]></weburl>\n" . "<version><![CDATA[" . $plugin['version'] . "]]></version>\n" . "<hdversion><![CDATA[" . $plugin['hdversion'] . "]]></hdversion>\n" . "<copyright><![CDATA[" . $plugin['copyright'] . "]]></copyright>\n" . "<charset><![CDATA[" . WIKI_CHARSET . "]]></charset>\n" . "</theme>";
file::writetofile(HDWIKI_ROOT . '/plugins/' . $identifier . '/desc.xml', $descxml);
require_once HDWIKI_ROOT . '/lib/zip.class.php';
$zip = new zip();
$filedir = array('plugins/' . $identifier);
$zipdir = array($identifier);
$tmpname = HDWIKI_ROOT . '/data/tmp/' . util::random(6) . '.zip';
@$zip->zip_dir($filedir, $tmpname, $zipdir);
$zip_content = file::readfromfile($tmpname);
$upload_url = $this->base->setting['app_url'] . '/hdapp.php?action=upload&type=plugin';
$data = 'data=' . base64_encode($zip_content);
if ('1' == @util::hfopen($upload_url, 0, $data)) {
unlink($tmpname);
return true;
}
return false;
}
