@@ -265,5 +265,15 @@ else if ($dopost == 'moveCatalog') { | |||||
ShowMsg('成功移动目录', 'catalog_main.php'); | ShowMsg('成功移动目录', 'catalog_main.php'); | ||||
exit(); | exit(); | ||||
} | } | ||||
} //查看API | |||||
else if ($dopost == 'viewAPI') { | |||||
require_once(DEDEINC.'/typelink/typelink.class.php'); | |||||
$typeid = isset($typeid) ? intval($typeid) : 0; | |||||
$tl = new TypeLink($typeid); | |||||
$timestamp = time(); | |||||
$sign = sha1($typeid.$timestamp.$tl->TypeInfos['apikey'].'1'.'10'); | |||||
$u = "tid={$typeid}&mod=1×tamp={$timestamp}&PageNo=1&PageSize=10&sign={$sign}"; | |||||
header('HTTP/1.1 301 Moved Permanently'); | |||||
header("Location:../apps/list.php?{$u}"); | |||||
} | } | ||||
?> | ?> |
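Review bot: The redirect is sent as `301 Moved Permanently` although its target carries a per-request `timestamp` and `sign`, so browsers and proxies may cache it and keep replaying a stale signed URL. `header('HTTP/1.1 302 Found');` fits better, followed by `exit();` after the `Location` header as the other branches do. The handler also computes a signature without checking that the catalog has the API enabled or that `$tl->TypeInfos['apikey']` is non-empty. The `×tamp` in the query string here and in the `lib_jsonq` hunk is presumably `&timestamp` mangled by this page's HTML entity rendering, not what the file contains. The `if`/`else if` chain starts outside the hunk.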
@@ -34,6 +34,7 @@ class ListView | |||||
var $IsReplace; | var $IsReplace; | ||||
var $remoteDir; | var $remoteDir; | ||||
var $mod; | var $mod; | ||||
var $_parms = array('tid','TotalResult','PageNo','PageSize','mod','timestamp','sign'); | |||||
/** | /** | ||||
* php5构造函数 | * php5构造函数 | ||||
* | * | ||||
@@ -74,13 +75,41 @@ class ListView | |||||
//添加联动单筛选 | //添加联动单筛选 | ||||
if (isset($_REQUEST['tid'])) { | if (isset($_REQUEST['tid'])) { | ||||
foreach($_GET as $key => $value) { | foreach($_GET as $key => $value) { | ||||
if ($key!="tid" && $key!="TotalResult" && $key!="PageNo" && $key!="PageSize" && $key!="mod") { | |||||
if (!in_array($key,$this->_parms)) { | |||||
$this->Fields[string_filter($key)] = string_filter(urldecode($value)); | $this->Fields[string_filter($key)] = string_filter(urldecode($value)); | ||||
} | } | ||||
} | } | ||||
} | } | ||||
//设置一些全局参数的值 | //设置一些全局参数的值 | ||||
foreach ($GLOBALS['PubFields'] as $k => $v) $this->Fields[$k] = $v; | foreach ($GLOBALS['PubFields'] as $k => $v) $this->Fields[$k] = $v; | ||||
//API相关逻辑处理 | |||||
if ($this->mod == 1 && empty($this->Fields['apikey'])) { | |||||
echo json_encode(array( | |||||
"code" => -1, | |||||
"msg" => "api key is empty", | |||||
)); | |||||
exit; | |||||
} | |||||
if($this->mod == 1){ | |||||
if (empty($GLOBALS['sign'])) { | |||||
echo json_encode(array( | |||||
"code" => -1, | |||||
"msg" => "sign is empty", | |||||
)); | |||||
exit; | |||||
} | |||||
//验签算法 sha1(typeid+timestamp+apikey+PageNo+PageSize) | |||||
$sign = sha1($this->TypeID.$GLOBALS['timestamp'].$this->Fields['apikey'].$GLOBALS['PageNo'].$GLOBALS['PageSize']); | |||||
if ($sign !== $GLOBALS['sign']) { | |||||
echo json_encode(array( | |||||
"code" => -1, | |||||
"msg" => "sign check failed", | |||||
)); | |||||
exit; | |||||
} | |||||
} | |||||
$this->Fields['rsslink'] = $GLOBALS['cfg_cmsurl']."/static/rss/".$this->TypeID.".xml"; | $this->Fields['rsslink'] = $GLOBALS['cfg_cmsurl']."/static/rss/".$this->TypeID.".xml"; | ||||
//设置环境变量 | //设置环境变量 | ||||
SetSysEnv($this->TypeID, $this->Fields['typename'], 0, '', 'list'); | SetSysEnv($this->TypeID, $this->Fields['typename'], 0, '', 'list'); | ||||
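Review bot: The key used to verify the signature is read from `$this->Fields['apikey']`, but the loop just above copies every `$_GET` parameter whose name is not in `$_parms` into `$this->Fields`, and `apikey` is not in that list. A request parameter named `apikey` therefore appears able to replace the stored key before the check runs; where `Fields` is first filled lies outside the hunk, so confirm the order. Reserve the name, `var $_parms = array('tid','TotalResult','PageNo','PageSize','mod','timestamp','sign','apikey');`, or read the key straight from the catalog record. The comparison `$sign !== $GLOBALS['sign']` should be `!hash_equals($sign, (string)$GLOBALS['sign'])`, and `timestamp` is hashed but never compared with `time()`, so a signed URL stays valid indefinitely; reject requests outside a short window. The fields are also concatenated without separators, so different `PageNo`/`PageSize` pairs can produce the same hash input; a keyed `hash_hmac('sha256', ...)` over delimiter-joined fields would close that.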
@@ -151,7 +180,7 @@ class ListView | |||||
} | } | ||||
if (isset($_REQUEST['tid'])) { | if (isset($_REQUEST['tid'])) { | ||||
foreach ($_GET as $key => $value) { | foreach ($_GET as $key => $value) { | ||||
$filtersql .= ($key!="tid" && $key!="TotalResult" && $key!="PageNo" && $key!="PageSize" && $key!="mod") ? " AND $addtable.".string_filter($key)." = '".string_filter(urldecode($value))."'" : ''; | |||||
$filtersql .= (!in_array($key,$this->_parms)) ? " AND $addtable.".string_filter($key)." = '".string_filter(urldecode($value))."'" : ''; | |||||
} | } | ||||
} | } | ||||
} else { | } else { | ||||
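Review bot: The `$filtersql` line still turns every non-reserved `$_GET` name into a column reference, `$addtable.<key> = '<value>'`, and the only protection visible is `string_filter()`, whose escaping is not shown in this diff. The same expression is repeated in the hunks at -428/+457 and -837/+866. Check each key against the fields the add-table actually defines before appending it, and pass the strict flag, `in_array($key, $this->_parms, true)`, so numeric keys are not loosely matched against the reserved names on PHP versions before 8. Moving the expression into one private helper would keep the three copies from drifting apart. The enclosing method starts and ends outside the hunk.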
@@ -428,7 +457,7 @@ class ListView | |||||
if (isset($_REQUEST['tid'])) { | if (isset($_REQUEST['tid'])) { | ||||
foreach($_GET as $key => $value) | foreach($_GET as $key => $value) | ||||
{ | { | ||||
$filtersql .= ($key!="tid" && $key!="TotalResult" && $key!="PageNo" && $key!="PageSize" && $key !="mod") ? " AND $addtable.".string_filter($key)." = '".string_filter(urldecode($value))."'" : ''; | |||||
$filtersql .= (!in_array($key,$this->_parms)) ? " AND $addtable.".string_filter($key)." = '".string_filter(urldecode($value))."'" : ''; | |||||
} | } | ||||
} | } | ||||
} else { | } else { | ||||
@@ -837,7 +866,7 @@ class ListView | |||||
if (isset($_REQUEST['tid'])) { | if (isset($_REQUEST['tid'])) { | ||||
foreach($_GET as $key => $value) | foreach($_GET as $key => $value) | ||||
{ | { | ||||
$filtersql .= ($key!="tid" && $key!="TotalResult" && $key!="PageNo" && $key!="PageSize" && $key!="mod") ? " AND $addtable.".string_filter($key)." = '".string_filter(urldecode($value))."'" : ''; | |||||
$filtersql .= (!in_array($key,$this->_parms)) ? " AND $addtable.".string_filter($key)." = '".string_filter(urldecode($value))."'" : ''; | |||||
} | } | ||||
} | } | ||||
} else { | } else { | ||||
@@ -12,14 +12,25 @@ require_once(DEDEINC . "/libraries/jsonq/Jsonq.php"); | |||||
helper('cache'); | helper('cache'); | ||||
function lib_jsonq(&$ctag, &$refObj) | function lib_jsonq(&$ctag, &$refObj) | ||||
{ | { | ||||
$attlist = "url|,path|,cachetime|3600"; | |||||
$attlist = "url|,path|,typeid|,row|,apikey|,cachetime|3600"; | |||||
FillAttsDefault($ctag->CAttribute->Items, $attlist); | FillAttsDefault($ctag->CAttribute->Items, $attlist); | ||||
extract($ctag->CAttribute->Items, EXTR_SKIP); | extract($ctag->CAttribute->Items, EXTR_SKIP); | ||||
$Innertext = trim($ctag->GetInnerText()); | $Innertext = trim($ctag->GetInnerText()); | ||||
if ($url == '' || $Innertext == '') return ''; | if ($url == '' || $Innertext == '') return ''; | ||||
if (!empty($typeid)) { | |||||
$typeid = intval($typeid); | |||||
} | |||||
if ($typeid > 0) { | |||||
$timestamp = time(); | |||||
$sign = sha1($typeid.$timestamp.$apikey.'1'.'10'); | |||||
$u = "tid={$typeid}&mod=1×tamp={$timestamp}&PageNo=1&PageSize={$row}&sign={$sign}"; | |||||
$url = $url."/apps/list.php?{$u}"; | |||||
$path = "$.lists"; | |||||
} | |||||
$key = md5($url); | $key = md5($url); | ||||
try { | try { | ||||
if ($path=='') { | if ($path=='') { | ||||
//选择器获取某个特定值 | |||||
$jsonq = new Jsonq($url); | $jsonq = new Jsonq($url); | ||||
$revalue = GetCache("tagjsonq2", $key); | $revalue = GetCache("tagjsonq2", $key); | ||||
if (!empty($revalue)) { | if (!empty($revalue)) { | ||||
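Review bot: The signature is computed over a fixed page size, `'1'.'10'`, while the URL sends `PageSize={$row}`, and the verifier in `ListView` hashes the `PageSize` it receives. Any `row` other than 10, including the empty default from `$attlist`, will therefore fail the signature check. Normalise and sign the same value: `$row = max(1, intval($row));` and `$sign = sha1($typeid.$timestamp.$apikey.'1'.$row);`. Because `$timestamp` changes on every render, `md5($url)` also yields a new cache key each time, so the `cachetime` cache is presumably never hit on this path; derive the key from the URL without `timestamp` and `sign`. `lib_jsonq` continues past the end of the hunk.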
@@ -90,7 +90,7 @@ class TypeUnit | |||||
$admin_catalogs = explode(',', $admin_catalog); | $admin_catalogs = explode(',', $admin_catalog); | ||||
$admin_catalogs = array_unique($admin_catalogs); | $admin_catalogs = array_unique($admin_catalogs); | ||||
} | } | ||||
$this->dsql->SetQuery("SELECT id,typedir,typename,ispart,sortrank,ishidden FROM `#@__arctype` WHERE reid=0 ORDER BY sortrank"); | |||||
$this->dsql->SetQuery("SELECT id,typedir,typename,ispart,sortrank,ishidden,apienabled FROM `#@__arctype` WHERE reid=0 ORDER BY sortrank"); | |||||
$this->dsql->Execute(0); | $this->dsql->Execute(0); | ||||
$i = 0; | $i = 0; | ||||
while ($row = $this->dsql->GetObject(0)) { | while ($row = $this->dsql->GetObject(0)) { | ||||
@@ -114,6 +114,8 @@ class TypeUnit | |||||
echo "<td class='admin-td'><table width='98%' cellspacing='0' cellpadding='0'><tr><td width='50%'><i id='img".$id."' onClick=\"LoadSuns('suns".$id."',$id);\" class='fa fa-plus-square'></i><input type='checkbox' name='tids[]' value='{$id}' class='mr-3 ml-3'><span class='btn btn-success btn-xs'>列表</span>{$nss}<a href='catalog_do.php?cid=".$id."&dopost=listArchives' class='mr-3 ml-3'>".$typeName."</a>[id:".$id."](文档数:".$this->GetTotalArc($id).")"; | echo "<td class='admin-td'><table width='98%' cellspacing='0' cellpadding='0'><tr><td width='50%'><i id='img".$id."' onClick=\"LoadSuns('suns".$id."',$id);\" class='fa fa-plus-square'></i><input type='checkbox' name='tids[]' value='{$id}' class='mr-3 ml-3'><span class='btn btn-success btn-xs'>列表</span>{$nss}<a href='catalog_do.php?cid=".$id."&dopost=listArchives' class='mr-3 ml-3'>".$typeName."</a>[id:".$id."](文档数:".$this->GetTotalArc($id).")"; | ||||
echo "</td>"; | echo "</td>"; | ||||
echo "<td align='right'><a href='{$GLOBALS['cfg_phpurl']}/list.php?tid={$id}' target='_blank' title='预览' class='btn btn-light btn-sm'><i class='fa fa-eye'></i></a>"; | echo "<td align='right'><a href='{$GLOBALS['cfg_phpurl']}/list.php?tid={$id}' target='_blank' title='预览' class='btn btn-light btn-sm'><i class='fa fa-eye'></i></a>"; | ||||
$apidisabled = $row->apienabled == 1? '' : ' disabled'; | |||||
echo "<a href='catalog_do.php?dopost=viewAPI&typeid={$id}' target='_blank' title='接口' class='btn btn-light btn-sm{$apidisabled}'><i class='fa fa-bolt'></i></a>"; | |||||
echo "<a href='catalog_do.php?cid={$id}&dopost=listArchives' title='文档' class='btn btn-light btn-sm'><i class='fa fa-file-text'></i></a>"; | echo "<a href='catalog_do.php?cid={$id}&dopost=listArchives' title='文档' class='btn btn-light btn-sm'><i class='fa fa-file-text'></i></a>"; | ||||
echo "<a href='catalog_add.php?id={$id}' title='添加' class='btn btn-light btn-sm'><i class='fa fa-plus-circle'></i></a>"; | echo "<a href='catalog_add.php?id={$id}' title='添加' class='btn btn-light btn-sm'><i class='fa fa-plus-circle'></i></a>"; | ||||
echo "<a href='catalog_edit.php?id={$id}' title='修改' class='btn btn-light btn-sm'><i class='fa fa-pencil-square'></i></a>"; | echo "<a href='catalog_edit.php?id={$id}' title='修改' class='btn btn-light btn-sm'><i class='fa fa-pencil-square'></i></a>"; | ||||
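Review bot: The `disabled` class added through `$apidisabled` only changes how the button looks; the `href` to `catalog_do.php?dopost=viewAPI` is still emitted for catalogs where `apienabled` is not 1, here and in the -197/+199 hunk. Either render the anchor only when `$row->apienabled == 1` or have the `viewAPI` handler refuse such catalogs. For this loop `$row` comes from the query changed in the -90/+90 hunk. Whether the query feeding the second loop also selects `apienabled` is not visible in the diff; if it does not, that property is undefined there and the button is always marked disabled.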
@@ -197,6 +199,8 @@ class TypeUnit | |||||
echo "$step<i id='img".$id."' onClick=\"LoadSuns('suns".$id."',$id);\" class='fa fa-plus-square'></i><input type='checkbox' name='tids[]' value='{$id}' class='mr-3 ml-3'><span class='btn btn-success btn-xs'>列表</span>{$nss}<a href='catalog_do.php?cid=".$id."&dopost=listArchives' class='mr-3 ml-3'>".$typeName."</a>[id:".$id."](文档数:".$this->GetTotalArc($id).")"; | echo "$step<i id='img".$id."' onClick=\"LoadSuns('suns".$id."',$id);\" class='fa fa-plus-square'></i><input type='checkbox' name='tids[]' value='{$id}' class='mr-3 ml-3'><span class='btn btn-success btn-xs'>列表</span>{$nss}<a href='catalog_do.php?cid=".$id."&dopost=listArchives' class='mr-3 ml-3'>".$typeName."</a>[id:".$id."](文档数:".$this->GetTotalArc($id).")"; | ||||
echo "</td>"; | echo "</td>"; | ||||
echo "<td align='right'><a href='{$GLOBALS['cfg_phpurl']}/list.php?tid={$id}' target='_blank' title='预览' class='btn btn-light btn-sm'><i class='fa fa-eye'></i></a>"; | echo "<td align='right'><a href='{$GLOBALS['cfg_phpurl']}/list.php?tid={$id}' target='_blank' title='预览' class='btn btn-light btn-sm'><i class='fa fa-eye'></i></a>"; | ||||
$apidisabled = $row->apienabled == 1? '' : ' disabled'; | |||||
echo "<a href='catalog_do.php?dopost=viewAPI&typeid={$id}' target='_blank' title='接口' class='btn btn-light btn-sm{$apidisabled}'><i class='fa fa-bolt'></i></a>"; | |||||
echo "<a href='catalog_do.php?cid={$id}&dopost=listArchives' title='文档' class='btn btn-light btn-sm'><i class='fa fa-file-text'></i></a>"; | echo "<a href='catalog_do.php?cid={$id}&dopost=listArchives' title='文档' class='btn btn-light btn-sm'><i class='fa fa-file-text'></i></a>"; | ||||
echo "<a href='catalog_add.php?id={$id}' title='添加' class='btn btn-light btn-sm'><i class='fa fa-plus-circle'></i></a>"; | echo "<a href='catalog_add.php?id={$id}' title='添加' class='btn btn-light btn-sm'><i class='fa fa-plus-circle'></i></a>"; | ||||
echo "<a href='catalog_edit.php?id={$id}' title='修改' class='btn btn-light btn-sm'><i class='fa fa-pencil-square'></i></a>"; | echo "<a href='catalog_edit.php?id={$id}' title='修改' class='btn btn-light btn-sm'><i class='fa fa-pencil-square'></i></a>"; | ||||