DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
187 Commits
3 Branches
110MB
Tree: 183d1ab45a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '183d1ab45a'
${ noResults }
DedeV6/src/dede/sys_info.php

186 lines
5.9KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 系统配置

  4.  *

  5.  * @version        $Id: sys_info.php 1 22:28 2010年7月20日Z tianya $

  6.  * @package        DedeCMS.Administrator

  7.  * @copyright      Copyright (c) 2020, DedeBIZ.COM

  8.  * @license        https://www.dedebiz.com/license

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require_once(dirname(__FILE__)."/config.php");

  12. CheckPurview('sys_Edit');

  13. if(empty($dopost)) $dopost = "";

  14. 

  15. $configfile = DEDEDATA.'/config.cache.inc.php';

  16. 

  17. //更新配置函数

  18. function ReWriteConfig()

  19. {

  20.     global $dsql,$configfile;

  21.     if(!is_writeable($configfile))

  22.     {

  23.         echo "配置文件'{$configfile}'不支持写入,无法修改系统配置参数!";

  24.         exit();

  25.     }

  26.     $fp = fopen($configfile,'w');

  27.     flock($fp,3);

  28.     fwrite($fp,"<"."?php\r\n");

  29.     $dsql->SetQuery("SELECT `varname`,`type`,`value`,`groupid` FROM `#@__sysconfig` ORDER BY aid ASC ");

  30.     $dsql->Execute();

  31.     while($row = $dsql->GetArray())

  32.     {

  33.         if($row['type']=='number')

  34.         {

  35.             if($row['value']=='') $row['value'] = 0;

  36.             fwrite($fp,"\${$row['varname']} = ".$row['value'].";\r\n");

  37.         }

  38.         else

  39.         {

  40.             fwrite($fp,"\${$row['varname']} = '".str_replace("'",'',$row['value'])."';\r\n");

  41.         }

  42.     }

  43.     fwrite($fp,"?".">");

  44.     fclose($fp);

  45. }

  46. 

  47. //保存配置的改动

  48. if($dopost=="save")

  49. {

  50.     CheckCSRF();

  51.     foreach($_POST as $k=>$v)

  52.     {

  53.         if(preg_match("#^edit___#", $k))

  54.         {

  55.             $v = cn_substrR(${$k}, 1024);

  56.         }

  57.         else

  58.         {

  59.             continue;

  60.         }

  61.         $k = preg_replace("#^edit___#", "", $k);

  62.         $dsql->ExecuteNoneQuery("UPDATE `#@__sysconfig` SET `value`='$v' WHERE varname='$k' ");

  63.     }

  64.     ReWriteConfig();

  65.     ShowMsg("成功更改站点配置!", "sys_info.php");

  66.     exit();

  67. }

  68. //增加新变量

  69. else if($dopost=='add')

  70. {

  71.     CheckCSRF();

  72.     if($vartype=='bool' && ($nvarvalue!='Y' && $nvarvalue!='N'))

  73.     {

  74.         ShowMsg("布尔变量值必须为'Y'或'N'!","-1");

  75.         exit();

  76.     }

  77.     if(trim($nvarname)=='' || preg_match("#[^a-z_]#i", $nvarname) )

  78.     {

  79.         ShowMsg("变量名不能为空并且必须为[a-z_]组成!","-1");

  80.         exit();

  81.     }

  82.     $row = $dsql->GetOne("SELECT varname FROM `#@__sysconfig` WHERE varname LIKE '$nvarname' ");

  83.     if(is_array($row))

  84.     {

  85.         ShowMsg("该变量名称已经存在!","-1");

  86.         exit();

  87.     }

  88.     $row = $dsql->GetOne("SELECT aid FROM `#@__sysconfig` ORDER BY aid DESC ");

  89.     $aid = $row['aid'] + 1;

  90.     $inquery = "INSERT INTO `#@__sysconfig`(`aid`,`varname`,`info`,`value`,`type`,`groupid`)

  91.     VALUES ('$aid','$nvarname','$varmsg','$nvarvalue','$vartype','$vargroup')";

  92.     $rs = $dsql->ExecuteNoneQuery($inquery);

  93.     if(!$rs)

  94.     {

  95.         ShowMsg("新增变量失败,可能有非法字符!", "sys_info.php?gp=$vargroup");

  96.         exit();

  97.     }

  98.     if(!is_writeable($configfile))

  99.     {

  100.         ShowMsg("成功保存变量,但由于 $configfile 无法写入,因此不能更新配置文件!","sys_info.php?gp=$vargroup");

  101.         exit();

  102.     }else

  103.     {

  104.         ReWriteConfig();

  105.         ShowMsg("成功保存变量并更新配置文件!","sys_info.php?gp=$vargroup");

  106.         exit();

  107.     }

  108. }

  109. // 搜索配置

  110. else if ($dopost=='search')

  111. {

  112.     $keywords = isset($keywords)? strip_tags($keywords) : '';

  113.     $i = 1;

  114.     $configstr = <<<EOT

  115.  <table width="100%" cellspacing="1" cellpadding="1" border="0" bgcolor="#cfcfcf" id="tdSearch" style="">

  116.   <tbody>

  117.    <tr height="25" bgcolor="#fbfce2" align="center">

  118.     <td width="300">参数说明</td>

  119.     <td>参数值</td>

  120.     <td width="220">变量名</td>

  121.    </tr>

  122. EOT;

  123.     echo $configstr;

  124.     if ($keywords)

  125.     {

  126. 

  127.         $dsql->SetQuery("SELECT * FROM `#@__sysconfig` WHERE info LIKE '%$keywords%' OR varname LIKE '%$keywords%' order by aid asc");

  128.         $dsql->Execute();

  129.        

  130.         while ($row = $dsql->GetArray()) {

  131.             $bgcolor = ($i++%2==0)? "#F9FCEF" : "#ffffff";

  132.             $row['info'] = preg_replace("#{$keywords}#", '<font color="red">'.$keywords.'</font>', $row['info']);

  133.             $row['varname'] = preg_replace("#{$keywords}#", '<font color="red">'.$keywords.'</font>', $row['varname']);

  134. ?>

  135.       <tr align="center" height="25" bgcolor="<?php echo $bgcolor?>">

  136.        <td width="300"><?php echo $row['info']; ?>: </td>

  137.        <td align="left" style="padding:3px;">

  138. <?php

  139.     if($row['type']=='bool')

  140.     {

  141.         $c1='';

  142.         $c2 = '';

  143.         $row['value']=='Y' ? $c1=" checked" : $c2=" checked";

  144.         echo "<label><input type='radio' class='np' name='edit___{$row['varname']}' value='Y'$c1> 是</label>";

  145.         echo "<label><input type='radio' class='np' name='edit___{$row['varname']}' value='N'$c2> 否</label>";

  146.     }else if($row['type']=='bstring')

  147.     {

  148.         echo "<textarea name='edit___{$row['varname']}' row='4' id='edit___{$row['varname']}' class='textarea_info' style='width:98%;height:50px'>".dede_htmlspecialchars($row['value'])."</textarea>";

  149.     }else if($row['type']=='number')

  150.     {

  151.         echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value='{$row['value']}' style='width:30%'>";

  152.     }else

  153.     {

  154.         echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value=\"".dede_htmlspecialchars($row['value'])."\" style='width:80%'>";

  155.     }

  156.     ?>

  157. </td>

  158.        <td><?php echo $row['varname']?></td>

  159.       </tr>

  160.       <?php

  161. }

  162. ?>

  163.      </table>

  164.       <?php

  165.         exit;

  166.     }

  167.     if ($i == 1)

  168.     {

  169.         echo '      <tr align="center" bgcolor="#F9FCEF" height="25">

  170.            <td colspan="3">没有找到搜索的内容</td>

  171.           </tr></table>';

  172.     }

  173.     exit;

  174. } else if ($dopost=='make_encode')

  175. {

  176.     $chars='abcdefghigklmnopqrstuvwxwyABCDEFGHIGKLMNOPQRSTUVWXWY0123456789';

  177.     $hash='';

  178.     $length = rand(28,32);

  179.     $max = strlen($chars) - 1;

  180.     for($i = 0; $i < $length; $i++) {

  181.         $hash .= $chars[mt_rand(0, $max)];

  182.     }

  183.     echo $hash;

  184.     exit();

  185. }

  186. include DedeInclude('templets/sys_info.htm');