Пример #1
0
 function action_runscript()
 {
     header('Content-type: text/html;charset=utf-8');
     set_time_limit(0);
     if (!($file = $_POST['file']) || !file_exists(CORE_DIR . '/updatescripts/' . $file)) {
         echo 'missing file' . $_POST['file'];
         return;
     }
     if (!file_exists(HOME_DIR . '/logs/upgrade_' . substr($_POST['file'], 0, -4) . '_' . $_POST['timeline'] . '.log.php')) {
         error_log('#<?php exit()?>' . " \n \n", 3, HOME_DIR . '/logs/upgrade_' . substr($_POST['file'], 0, -4) . '_' . $_POST['timeline'] . '.log.php');
     }
     switch (ext_name($file)) {
         case '.php':
             include CORE_DIR . '/updatescripts/' . $file;
             if (class_exists('UpgradeScript')) {
                 $oUpgrade = new UpgradeScript();
                 $oUpgrade->step = $_POST['step'] ? $_POST['step'] : '1';
                 $oUpgrade->runFunc = $_POST['runFunc'] ? $_POST['runFunc'] : 'first';
                 $oUpgrade->status = $_POST['runStatus'] ? $_POST['runStatus'] : 'all-finish';
                 $oUpgrade->version = substr($file, 0, -4);
                 //                $oUpgrade->runFunc = $runFunc;
                 $oUpgrade->__Upgrade();
             }
             break;
         case '.sql':
             $this->run_update_sql($file);
             break;
     }
     $this->setDbver(substr($file, 0, -4));
 }
Пример #2
0
 function _get_ident($file, $type, $addons, &$url, &$path)
 {
     $addons = implode('-', $addons);
     $dir = ($type ? $type . '/' : '') . date('Ymd') . '/';
     $uri = $dir . substr(md5(($addons ? $addons : $file) . microtime()), 0, 16) . ext_name(basename($addons ? $addons : $file));
     $path = $this->_ident($uri);
     $url = 'http://' . S_NAME . $path;
     return $uri;
 }
Пример #3
0
 function _get_ident($file, $type, $addons, &$url, &$path)
 {
     $addons = implode('-', $addons);
     $dir = '/' . $type . '/' . date('Ymd') . '/';
     $uri = $dir . substr(md5(($addons ? $addons : $file) . microtime()), 0, 16) . ext_name(basename($addons ? $addons : $file));
     $path = MEDIA_DIR . $uri;
     $url = 'images' . $uri;
     if (file_exists($path) && !unlink($path)) {
         return false;
     }
     $dir = dirname($path);
     if (!is_dir($dir)) {
         if (!mkdir_p($dir)) {
             return false;
         }
     }
     return $uri;
 }
Пример #4
0
 function saveImage($gid, $imgThumbnail, $imgDefault, $aImgFile, $imgUdf = 'false', &$newThumbnail)
 {
     foreach ($aImgFile as $k => $v) {
         if (!$v) {
             unset($aImgFile[$k]);
         }
     }
     if (!isset($aImgFile[0])) {
         $aImgFile = array(0);
     }
     $this->clean($gid, $aImgFile);
     $this->_gen_all_size('gimage_id in (' . implode(',', $aImgFile) . ')', $gid);
     if (!($row = $this->db->selectrow('select gimage_id,small,thumbnail,big from sdb_gimages where gimage_id=' . intval($imgDefault)))) {
         $row = $this->db->selectrow('select gimage_id,small,thumbnail,big from sdb_gimages where goods_id=' . intval($gid));
         $imgDefault = $row['gimage_id'];
     }
     if (substr($newThumbnail, 0, 4) == 'http') {
         $row['thumbnail'] = $newThumbnail;
     }
     $data = array('thumbnail_pic' => $row['thumbnail'], 'small_pic' => $row['small'], 'big_pic' => $row['big'], 'image_default' => $imgDefault, 'goods_id' => $gid, 'udfimg' => $imgUdf);
     $old_img = $this->db->selectrow('select udfimg,thumbnail_pic from sdb_goods where goods_id=' . intval($gid));
     if ($imgUdf == 'true' && $newThumbnail['goods_thumbnail_pic'] && substr($newThumbnail, 0, 4) != 'http') {
         //?????
         $data['thumbnail_pic'] = parent::save_upload($newThumbnail['goods_thumbnail_pic'], 'goods', substr(md5(implode(',', microtime() . rand(0, time()))), 0, 16) . ext_name($newThumbnail['goods_thumbnail_pic']['name']));
         if ($this->elmar_storage) {
             if ($w = strpos($old_img['thumbnail_pic'], '|img_id:')) {
                 $old_img_id = substr($old_img['thumbnail_pic'], $w + strlen('|img_id:'));
                 if ($old_img_id) {
                     $file = BASE_DIR . '/' . substr($data['thumbnail_pic'], 0, strpos($data['thumbnail_pic'], '|'));
                     if (!$this->elmar_storage->update($old_img_id, $file, 'thumb')) {
                         trigger_error("更新图库信息失败", E_USER_WARNING);
                     }
                     $elmer_t_url = explode('|', $old_img['thumbnail_pic']);
                     $data['thumbnail_pic'] .= '|' . $elmer_t_url[3] . '|img_id:' . $old_img_id;
                 }
             }
         }
         if ($old_img['udfimg'] == 'true') {
             $this->remove($old_img['thumbnail_pic']);
         }
     } else {
         //???
         if ($imgUdf == 'false' && $old_img['udfimg'] == 'true') {
             $this->remove($old_img['thumbnail_pic']);
         }
         if ($imgUdf == 'true' && $old_img['udfimg'] == 'true') {
             unset($data['thumbnail_pic']);
         }
     }
     return $this->toUpdateImages($data);
 }
Пример #5
0
    <p id="logged"><a href="<?php 
echo ABS_PATH;
?>
">Logged in</a> as <strong><?php 
echo $_SESSION['login'];
?>
</strong> &mdash;
    <a id="logout" class="smallround" href="<?php 
echo ADMIN_PATH;
?>
sys/logout.php">disconnect</a></p>
    
  </div><!-- end header -->
    
  <div id="nav">
    <ul>
      <?php 
$basedir = filename_to_str(ext_name());
$basecss = $basedir == "admin" ? ' class="current"' : null;
// display always the dashboard
echo '<li' . $basecss . '><a href="' . ADMIN_PATH . '">Dashboard</a></li>';
// display allowed sections
echo ext_format();
?>
    </ul>
  </div><!-- end nav -->
  
  <div id="global">
  
  <?php 
// Custom admin content ("extension" from here onwards) should start here
Пример #6
0
 function save_upload($file, $type = null, $addons = '', &$msg)
 {
     $file['name'] = strtolower($file['name']);
     if ($file['error']) {
         $msg = $this->__check_upload($file);
         trigger_error($msg, E_USER_ERROR);
         return false;
     } else {
         $limited = $this->get_pic_upload_max();
         if ($file['size'] > $limited['size']) {
             $msg = __('上传的文件大小不能超过') . $limited['desc'] . __(',请处理后重新上传!');
             trigger_error(__('上传的文件大小不能超过') . $limited['desc'] . __(',请处理后重新上传!'), E_USER_ERROR);
             return false;
         }
         $allow_upload = array('.gif' => 1, '.jpg' => 1, '.jpeg' => 1, '.png' => 1, '.bmp' => 1, '.swf' => 1);
         if (!isset($allow_upload[ext_name($file['name'])])) {
             $msg = __('上传文件类型错误。');
             trigger_error(__('上传文件类型错误。'), E_USER_ERROR);
             return false;
         }
         if ($addons) {
             if (is_array($addons)) {
                 $addons[] = $file['name'];
             } else {
                 $addons = array($addons, $file['name']);
             }
         } else {
             $addons = array($file['name']);
         }
         if (method_exists($this->worker, 'save_upload')) {
             if ($id = $this->worker->save_upload($file['tmp_name'], $url, $type, $addons)) {
                 return $url . '|' . $id . '|' . $this->class_name;
             } else {
                 return false;
             }
         } else {
             if ($id = $this->worker->save($file['tmp_name'], $url, $type, $addons)) {
                 return $url . '|' . $id . '|' . $this->class_name;
             } else {
                 return false;
             }
         }
     }
 }
Пример #7
0
 function saveImage($gid, $imgThumbnail, $imgDefault, $aImgFile, $imgUdf = 'false', &$newThumbnail)
 {
     foreach ($aImgFile as $k => $v) {
         if (!$v) {
             unset($aImgFile[$k]);
         }
     }
     if (!isset($aImgFile[0])) {
         $aImgFile = array(0);
     }
     $this->clean($gid, $aImgFile);
     $this->_gen_all_size('gimage_id in (' . implode(',', $aImgFile) . ')', $gid);
     if (!($row = $this->db->selectrow('select gimage_id,small,thumbnail,big from sdb_gimages where gimage_id=' . intval($imgDefault)))) {
         $row = $this->db->selectrow('select gimage_id,small,thumbnail,big from sdb_gimages where goods_id=' . intval($gid));
         $imgDefault = $row['gimage_id'];
     }
     if (substr($newThumbnail, 0, 4) == 'http') {
         $row['thumbnail'] = $newThumbnail;
     }
     $data = array('thumbnail_pic' => $row['thumbnail'], 'small_pic' => $row['small'], 'big_pic' => $row['big'], 'image_default' => $imgDefault, 'goods_id' => $gid, 'udfimg' => $imgUdf);
     $old_img = $this->db->selectrow('select udfimg,thumbnail_pic from sdb_goods where goods_id=' . intval($gid));
     if ($imgUdf == 'true' && $newThumbnail['goods_thumbnail_pic'] && substr($newThumbnail, 0, 4) != 'http') {
         if ($newThumbnail['goods_thumbnail_pic']['img_source'] == 'local') {
             $data['thumbnail_pic'] = parent::save($newThumbnail['goods_thumbnail_pic']['name'], 'goods', substr(md5(implode(',', microtime() . rand(0, time()))), 0, 16) . ext_name($newThumbnail['goods_thumbnail_pic']['name']));
         } else {
             $data['thumbnail_pic'] = parent::save_upload($newThumbnail['goods_thumbnail_pic'], 'goods', substr(md5(implode(',', microtime() . rand(0, time()))), 0, 16) . ext_name($newThumbnail['goods_thumbnail_pic']['name']));
         }
         if ($old_img['udfimg'] == 'true') {
             $old_gimg = $this->db->selectrow('select thumbnail from sdb_gimages where goods_id=' . intval($gid));
             if ($old_gimg['thumbnail'] != $old_img['thumbnail_pic']) {
                 $this->remove($old_img['thumbnail_pic']);
             }
         }
     } else {
         //没有上传缩略图
         if ($imgUdf == 'false' && $old_img['udfimg'] == 'true') {
             $this->remove($old_img['thumbnail_pic']);
         }
         if ($imgUdf == 'true' && $old_img['udfimg'] == 'true') {
             unset($data['thumbnail_pic']);
         }
     }
     return $this->toUpdateImages($data);
 }
Пример #8
0
 function do_upload_bg()
 {
     $this->begin('index.php?ctl=order/delivery_printer&act=do_upload_bg&p[0]=0');
     $extname = strtolower(ext_name($_FILES['background']['name']));
     if ($extname == '.jpg' || $extname == '.jpeg') {
         $file = tempnam(HOME_DIR . '/tmp', 'dly_');
         unlink($file);
         $file .= '.jpg';
         $rs = move_uploaded_file($_FILES['background']['tmp_name'], $file);
     } else {
         $this->splash('failed', 'index.php?ctl=order/delivery_printer&act=upload_bg', __('必须是.jpg的图片'));
     }
     $this->end($rs, __('快递单背景图片保存成功'), 'index.php?ctl=order/delivery_printer&act=done_upload_bg&p[0]=' . DPGB_TMP_MODE . '&p[1]=' . basename($file));
 }
Пример #9
0
/** 
 * Gets all allowed CMS extensions for the current user.
 * @return  array   Array of strings (sections)
 */
function is_allowed()
{
    // check current user's role
    if ($_SESSION['role_id'] > 0) {
        $user = db_select(TBL_PREFIX . TBL_USERS, "role_id", "login = '******'login'] . "'");
        if ((int) $user['role_id'] !== 1) {
            $current = ext_name();
            // check if current section is allowed
            return strpos($current, $_SESSION['ext_allowed']) !== false;
        } else {
            return true;
        }
    } else {
        return false;
    }
}
Пример #10
0
if (isset($_COOKIE['smt-login'])) {
    $_SESSION['login'] = $_COOKIE['smt-login'];
}
if (empty($_SESSION['login'])) {
    // redirect to root dir, where user authentication will prompt
    $_SESSION['error'] = "NOT_LOGGED";
    header("Location: " . ABS_PATH . "?redirect=" . urlencode(url_get_current(true)));
    exit;
} else {
    // check current session login
    $user = db_select(TBL_PREFIX . TBL_USERS, "role_id", "login='******'login'] . "'");
    $role = db_select(TBL_PREFIX . TBL_ROLES, "ext_allowed", "id='" . $user['role_id'] . "'");
    // save session
    $_SESSION['role_id'] = (int) $user['role_id'];
    $_SESSION['allowed'] = explode(",", $role['ext_allowed']);
    // root user have wide access
    if ($_SESSION['role_id'] === 1) {
        $_SESSION['allowed'] = ext_available();
    }
    // always set available the dashboard!
    array_push($_SESSION['allowed'], "admin");
    if (!in_array(ext_name(), $_SESSION['allowed'])) {
        // redirect to admin dir
        $_SESSION['error'] = "NOT_ALLOWED";
        header("Location: " . ADMIN_PATH);
        exit;
    } else {
        // update status
        db_update(TBL_PREFIX . TBL_USERS, "last_access = NOW()", "login = '******'login'] . "'");
    }
}
Пример #11
0
        return;
    }
    if (!isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) || strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) < NOW_TIME - $second) {
        //过期了
        header('Cache-Control: max-age=' . $second);
        header('Last-Modified: ' . gmdate('D, d M Y H:i:s', NOW_TIME) . ' GMT');
        header('Pragma: max-age=' . $second);
        header('Expires:' . gmdate('D, d M Y H:i:s', NOW_TIME + $second) . ' GMT');
    } else {
        header('Last-Modified: ' . $_SERVER['HTTP_IF_MODIFIED_SINCE'], true, 304);
        exit;
    }
}
function ext_name($file)
{
    return strtolower(substr($file, strrpos($file, '.') + 1));
}
foreach ($getfiles as $file) {
    if ($gettype == ext_name($file)) {
        if ($file[0] == '/') {
            $file = __DIR__ . '/..' . $file;
        }
        readfile($file);
    } else {
        echo PHP_EOL . '/* not allowed file type:' . $file . ' */' . PHP_EOL;
    }
}
//输出buffer中的内容,即压缩后的css文件
if (extension_loaded('zlib')) {
    ob_end_flush();
}