国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

163 lines
6.2KB

  1. <?php
  2. /**
  3. * 系统配置
  4. *
  5. * @version $Id: sys_info.php 1 22:28 2010年7月20日Z tianya $
  6. * @package DedeBIZ.Administrator
  7. * @copyright Copyright (c) 2020, DedeBIZ.COM
  8. * @license https://www.dedebiz.com/license
  9. * @link https://www.dedebiz.com
  10. */
  11. require_once(dirname(__FILE__) . "/config.php");
  12. CheckPurview('sys_Edit');
  13. if (empty($dopost)) $dopost = "";
  14. $configfile = DEDEDATA . '/config.cache.inc.php';
  15. //更新配置函数
  16. function ReWriteConfig()
  17. {
  18. global $dsql, $configfile;
  19. if (!is_writeable($configfile)) {
  20. echo "配置文件'{$configfile}'不支持写入,无法修改系统配置参数!";
  21. exit();
  22. }
  23. $fp = fopen($configfile, 'w');
  24. flock($fp, 3);
  25. fwrite($fp, "<" . "?php\r\n");
  26. $dsql->SetQuery("SELECT `varname`,`type`,`value`,`groupid` FROM `#@__sysconfig` ORDER BY aid ASC ");
  27. $dsql->Execute();
  28. while ($row = $dsql->GetArray()) {
  29. if ($row['type'] == 'number') {
  30. if ($row['value'] == '') $row['value'] = 0;
  31. fwrite($fp, "\${$row['varname']} = " . $row['value'] . ";\r\n");
  32. } else {
  33. fwrite($fp, "\${$row['varname']} = '" . str_replace("'", '', $row['value']) . "';\r\n");
  34. }
  35. }
  36. fwrite($fp, "?" . ">");
  37. fclose($fp);
  38. }
  39. //保存配置的改动
  40. if ($dopost == "save") {
  41. CheckCSRF();
  42. foreach ($_POST as $k => $v) {
  43. if (preg_match("#^edit___#", $k)) {
  44. $v = cn_substrR(${$k}, 1024);
  45. } else {
  46. continue;
  47. }
  48. $k = preg_replace("#^edit___#", "", $k);
  49. $dsql->ExecuteNoneQuery("UPDATE `#@__sysconfig` SET `value`='$v' WHERE varname='$k' ");
  50. }
  51. ReWriteConfig();
  52. ShowMsg("成功更改站点配置!", "sys_info.php");
  53. exit();
  54. }
  55. //增加新变量
  56. else if ($dopost == 'add') {
  57. CheckCSRF();
  58. if ($vartype == 'bool' && ($nvarvalue != 'Y' && $nvarvalue != 'N')) {
  59. ShowMsg("布尔变量值必须为'Y'或'N'!", "-1");
  60. exit();
  61. }
  62. if (trim($nvarname) == '' || preg_match("#[^a-z_]#i", $nvarname)) {
  63. ShowMsg("变量名不能为空并且必须为[a-z_]组成!", "-1");
  64. exit();
  65. }
  66. $row = $dsql->GetOne("SELECT varname FROM `#@__sysconfig` WHERE varname LIKE '$nvarname' ");
  67. if (is_array($row)) {
  68. ShowMsg("该变量名称已经存在!", "-1");
  69. exit();
  70. }
  71. $row = $dsql->GetOne("SELECT aid FROM `#@__sysconfig` ORDER BY aid DESC ");
  72. $aid = $row['aid'] + 1;
  73. $inquery = "INSERT INTO `#@__sysconfig`(`aid`,`varname`,`info`,`value`,`type`,`groupid`)
  74. VALUES ('$aid','$nvarname','$varmsg','$nvarvalue','$vartype','$vargroup')";
  75. $rs = $dsql->ExecuteNoneQuery($inquery);
  76. if (!$rs) {
  77. ShowMsg("新增变量失败,可能有非法字符!", "sys_info.php?gp=$vargroup");
  78. exit();
  79. }
  80. if (!is_writeable($configfile)) {
  81. ShowMsg("成功保存变量,但由于 $configfile 无法写入,因此不能更新配置文件!", "sys_info.php?gp=$vargroup");
  82. exit();
  83. } else {
  84. ReWriteConfig();
  85. ShowMsg("成功保存变量并更新配置文件!", "sys_info.php?gp=$vargroup");
  86. exit();
  87. }
  88. }
  89. // 搜索配置
  90. else if ($dopost == 'search') {
  91. $keywords = isset($keywords) ? strip_tags($keywords) : '';
  92. $i = 1;
  93. $configstr = <<<EOT
  94. <table width="100%" cellspacing="1" cellpadding="1" border="0" bgcolor="#cfcfcf" id="tdSearch" style="">
  95. <tbody>
  96. <tr height="25" bgcolor="#fbfce2" align="center">
  97. <td width="300">参数说明</td>
  98. <td>参数值</td>
  99. <td width="220">变量名</td>
  100. </tr>
  101. EOT;
  102. echo $configstr;
  103. if ($keywords) {
  104. $dsql->SetQuery("SELECT * FROM `#@__sysconfig` WHERE info LIKE '%$keywords%' OR varname LIKE '%$keywords%' order by aid asc");
  105. $dsql->Execute();
  106. while ($row = $dsql->GetArray()) {
  107. $bgcolor = ($i++ % 2 == 0) ? "#F9FCEF" : "#ffffff";
  108. $row['info'] = preg_replace("#{$keywords}#", '<font color="red">' . $keywords . '</font>', $row['info']);
  109. $row['varname'] = preg_replace("#{$keywords}#", '<font color="red">' . $keywords . '</font>', $row['varname']);
  110. ?>
  111. <tr align="center" height="25" bgcolor="<?php echo $bgcolor ?>">
  112. <td width="300"><?php echo $row['info']; ?>: </td>
  113. <td align="left" style="padding:3px;">
  114. <?php
  115. if ($row['type'] == 'bool') {
  116. $c1 = '';
  117. $c2 = '';
  118. $row['value'] == 'Y' ? $c1 = " checked" : $c2 = " checked";
  119. echo "<label><input type='radio' class='np' name='edit___{$row['varname']}' value='Y'$c1> 是</label>";
  120. echo "<label><input type='radio' class='np' name='edit___{$row['varname']}' value='N'$c2> 否</label>";
  121. } else if ($row['type'] == 'bstring') {
  122. echo "<textarea name='edit___{$row['varname']}' row='4' id='edit___{$row['varname']}' class='textarea_info' style='width:98%;height:50px'>" . dede_htmlspecialchars($row['value']) . "</textarea>";
  123. } else if ($row['type'] == 'number') {
  124. echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value='{$row['value']}' style='width:30%'>";
  125. } else {
  126. echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value=\"" . dede_htmlspecialchars($row['value']) . "\" style='width:80%'>";
  127. }
  128. ?>
  129. </td>
  130. <td><?php echo $row['varname'] ?></td>
  131. </tr>
  132. <?php
  133. }
  134. ?>
  135. </table>
  136. <?php
  137. exit;
  138. }
  139. if ($i == 1) {
  140. echo ' <tr align="center" bgcolor="#F9FCEF" height="25">
  141. <td colspan="3">没有找到搜索的内容</td>
  142. </tr></table>';
  143. }
  144. exit;
  145. } else if ($dopost == 'make_encode') {
  146. $chars = 'abcdefghigklmnopqrstuvwxwyABCDEFGHIGKLMNOPQRSTUVWXWY0123456789';
  147. $hash = '';
  148. $length = rand(28, 32);
  149. $max = strlen($chars) - 1;
  150. for ($i = 0; $i < $length; $i++) {
  151. $hash .= $chars[mt_rand(0, $max)];
  152. }
  153. echo $hash;
  154. exit();
  155. }
  156. include DedeInclude('templets/sys_info.htm');