From 1956a7cc4c7458d8ca29637e6c80b25531f58989 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=8F=99=E8=BF=B0=E3=80=81=E5=88=AB=E7=A6=BB?=
 <93301500+xushubieli@users.noreply.github.com>
Date: Fri, 2 Jun 2023 14:45:05 +0800
Subject: [PATCH] Update common.func.php

---
 src/system/common.func.php | 79 ++++++++++++++++++++------------------
 1 file changed, 41 insertions(+), 38 deletions(-)

diff --git a/src/system/common.func.php b/src/system/common.func.php
index 4b69d670..3f5c5e24 100755
--- a/src/system/common.func.php
+++ b/src/system/common.func.php
@@ -527,7 +527,7 @@ function GetUpdateSQL()
     fclose($fp);
     return $result;
 }
-/*会员中心调用默认主题模板<?php obtaintheme('head.htm');?>*/
+/*会员中心调用主题模板<?php obtaintheme('head.htm');?>*/
 if (!function_exists('obtaintheme')) {
     require_once DEDEINC."/archive/partview.class.php";
     function obtaintheme($path)
@@ -554,7 +554,7 @@ if (!function_exists('obtaintags')) {
         return $tags;
     }
 }
-//提取文档多图片[field:body function='obtainimgs(@me,3)'/]3表示调用文档3张图片，body则列表附加字段需添加body字段
+//提取文档多图片[field:body function='obtainimgs(@me,3)'/]3表示调用文档3张图片，则附加字段需添加body字段调用
 if (!function_exists('obtainimgs')) {
     function obtainimgs($string, $num)
     {
@@ -571,39 +571,7 @@ if (!function_exists('obtainimgs')) {
         return $result;
     }
 }
-//联动单筛选{dede:php}obtainfilter(模型id,类型,'字段1,字段2');{/dede:php}类型有三种，对应以下case值
-function litimgurls($imgid = 0)
-{
-    global  $dsql, $lit_imglist;
-    $row = $dsql->GetOne("SELECT c.addtable FROM `#@__archives` AS a LEFT JOIN `#@__channeltype` AS c ON a.channel=c.id WHERE a.id='$imgid'");
-    $addtable = trim($row['addtable']);
-    $row = $dsql->GetOne("SELECT imgurls FROM `$addtable` WHERE aid='$imgid'");
-    $ChannelUnit = new ChannelUnit(2, $imgid);
-    $lit_imglist = $ChannelUnit->GetlitImgLinks($row['imgurls']);
-    return $lit_imglist;
-}
-//联动单筛选字符过滤函数
-function string_filter($str, $stype = "inject")
-{
-    if ($stype == "inject") {
-        $str = str_replace(
-            array("select", "insert", "update", "delete", "alter", "cas", "union", "into", "load_file", "outfile", "create", "join", "where", "like", "drop", "modify", "rename", "'", "/*", "*", "../", "./"),
-            array("", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", ""),
-            $str
-        );
-    } else if ($stype == "xss") {
-        $farr = array("/\s+/", "/<(\/?)(script|META|STYLE|HTML|HEAD|BODY|STYLE |i?frame|b|strong|style|html|img|P|o:p|iframe|u|em|strike|BR|div|a|TABLE|TBODY|object|tr|td|st1:chsdate|FONT|span|MARQUEE|body|title|\r\n|link|meta|\?|\%)([^>]*?)>/isU", "/(<[^>]*)on[a-zA-Z]+\s*=([^>]*>)/isU",);
-        $tarr = array(" ", "", "\\1\\2",);
-        $str = preg_replace($farr, $tarr, $str);
-        $str = str_replace(
-            array("<", ">", "'", "\"", ";", "/*", "*", "../", "./"),
-            array("&lt;", "&gt;", "", "", "", "", "", "", ""),
-            $str
-        );
-    }
-    return $str;
-}
-//联动单筛选三种类型显示
+//联动单筛选{dede:php}obtainfilter(模型id,类型,'字段1,字段2');{/dede:php}类型表示前台展现方式对应case值
 function obtainfilter($channelid, $type = 1, $fieldsnamef = '', $defaulttid = 0, $toptid = 0, $loadtype = 'autofield')
 {
     global $tid, $dsql, $id, $aid;
@@ -631,6 +599,7 @@ function obtainfilter($channelid, $type = 1, $fieldsnamef = '', $defaulttid = 0,
                 $fields_value = $href2[0];
                 switch ($type) {
                     case 1:
+                        $dede_addonfields .= '<div class="mb-3">';
                         $dede_addonfields .= (preg_match("/&".$ctag->GetName()."=/is",$filterarr,$regm) ? '<a href="'.str_replace("&".$ctag->GetName()."=".$fields_value,"",$filterarr).'" class="btn btn-outline-success btn-sm">全部</a>' : '<a href="'.str_replace("&".$ctag->GetName()."=".$fields_value,"",$filterarr).'" class="btn btn-success btn-sm">全部</a>');
                         $addonfields_items = explode(",",$ctag->GetAtt('default'));
                         for ($i=0; $i<count($addonfields_items); $i++)
@@ -638,9 +607,10 @@ function obtainfilter($channelid, $type = 1, $fieldsnamef = '', $defaulttid = 0,
                             $href = stripos($filterarr,$ctag->GetName().'=') ? str_replace("=".$fields_value,"=".urlencode($addonfields_items[$i]),$filterarr) : $filterarr.'&'.$ctag->GetName().'='.urlencode($addonfields_items[$i]);
                             $dede_addonfields .= ($fields_value!=urlencode($addonfields_items[$i]) ? '<a title="'.$addonfields_items[$i].'" href="'.$href.'" class="btn btn-outline-success btn-sm">'.$addonfields_items[$i].'</a>' : '<a href="'.$href.'" class="btn btn-success btn-sm">'.$addonfields_items[$i].'</a>');
                         }
+                        $dede_addonfields .= '</div>';
                     break;
                     case 2:
-                        $dede_addonfields .= '<select name="filter'.$ctag->GetName().'" onchange="window.location=this.options[this.selectedIndex].value">
+                        $dede_addonfields .= '<select name="filter'.$ctag->GetName().'" onchange="window.location=this.options[this.selectedIndex].value" class="form-control w-25 mr-3">
                             '.'<option value="'.str_replace("&".$ctag->GetName()."=".$fields_value,"",$filterarr).'">全部</option>';
                         $addonfields_items = explode(",",$ctag->GetAtt('default'));
                         for ($i=0; $i<count($addonfields_items); $i++)
@@ -649,10 +619,10 @@ function obtainfilter($channelid, $type = 1, $fieldsnamef = '', $defaulttid = 0,
                             $dede_addonfields .= '<option value="'.$href.'"'.($fields_value==urlencode($addonfields_items[$i]) ? ' selected="selected"' : '').'>'.$addonfields_items[$i].'</option>
                             ';
                         }
-                        $dede_addonfields .= '</select>
-                        ';
+                        $dede_addonfields .= '</select>';
                     break;
                     case 3:
+                        $dede_addonfields .= '<div class="mb-3">';
                         $dede_addonfields .= (preg_match("/&".$ctag->GetName()."=/is",$filterarr,$regm) ? '<a href="'.str_replace("&".$ctag->GetName()."=".$fields_value,"",$filterarr).'"><input type="radio" name="filter'.$ctag->GetName().'" value="'.str_replace("&".$ctag->GetName()."=".$fields_value,"",$filterarr).'" onclick="window.location=this.value">全部</a>' : '<span><input type="radio" name="filter'.$ctag->GetName().'" checked="checked">全部</span>');
                         $addonfields_items = explode(",",$ctag->GetAtt('default'));
                         for ($i=0; $i<count($addonfields_items); $i++)
@@ -660,6 +630,7 @@ function obtainfilter($channelid, $type = 1, $fieldsnamef = '', $defaulttid = 0,
                             $href = stripos($filterarr,$ctag->GetName().'=') ? str_replace("=".$fields_value,"=".urlencode($addonfields_items[$i]),$filterarr) : $filterarr.'&'.$ctag->GetName().'='.urlencode($addonfields_items[$i]);
                             $dede_addonfields .= ($fields_value!=urlencode($addonfields_items[$i]) ? '<a title="'.$addonfields_items[$i].'" href="'.$href.'"><input type="radio" name="filter'.$ctag->GetName().'" value="'.$href.'" onclick="window.location=this.value">'.$addonfields_items[$i].'</a>' : '<span><input type="radio" name="filter'.$ctag->GetName().'" checked="checked">'.$addonfields_items[$i].'</span>');
                         }
+                        $dede_addonfields .= '</div>';
                     break;
                 }
             }
@@ -667,6 +638,38 @@ function obtainfilter($channelid, $type = 1, $fieldsnamef = '', $defaulttid = 0,
     }
     echo $dede_addonfields;
 }
+//联动单筛选获取附加表
+function litimgurls($imgid = 0)
+{
+    global  $dsql, $lit_imglist;
+    $row = $dsql->GetOne("SELECT c.addtable FROM `#@__archives` AS a LEFT JOIN `#@__channeltype` AS c ON a.channel=c.id WHERE a.id='$imgid'");
+    $addtable = trim($row['addtable']);
+    $row = $dsql->GetOne("SELECT imgurls FROM `$addtable` WHERE aid='$imgid'");
+    $ChannelUnit = new ChannelUnit(2, $imgid);
+    $lit_imglist = $ChannelUnit->GetlitImgLinks($row['imgurls']);
+    return $lit_imglist;
+}
+//联动单筛选字符过滤函数
+function string_filter($str, $stype = "inject")
+{
+    if ($stype == "inject") {
+        $str = str_replace(
+            array("select", "insert", "update", "delete", "alter", "cas", "union", "into", "load_file", "outfile", "create", "join", "where", "like", "drop", "modify", "rename", "'", "/*", "*", "../", "./"),
+            array("", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", ""),
+            $str
+        );
+    } else if ($stype == "xss") {
+        $farr = array("/\s+/", "/<(\/?)(script|META|STYLE|HTML|HEAD|BODY|STYLE |i?frame|b|strong|style|html|img|P|o:p|iframe|u|em|strike|BR|div|a|TABLE|TBODY|object|tr|td|st1:chsdate|FONT|span|MARQUEE|body|title|\r\n|link|meta|\?|\%)([^>]*?)>/isU", "/(<[^>]*)on[a-zA-Z]+\s*=([^>]*>)/isU",);
+        $tarr = array(" ", "", "\\1\\2",);
+        $str = preg_replace($farr, $tarr, $str);
+        $str = str_replace(
+            array("<", ">", "'", "\"", ";", "/*", "*", "../", "./"),
+            array("&lt;", "&gt;", "", "", "", "", "", "", ""),
+            $str
+        );
+    }
+    return $str;
+}
 /**
  * GetMimeTypeOrExtension
  *