| @@ -20,6 +20,7 @@ if ($dopost == 'analyse') { | |||||
| showmsg('栏目id不正确,无法处理', 'javascript:;'); | showmsg('栏目id不正确,无法处理', 'javascript:;'); | ||||
| exit(); | exit(); | ||||
| } | } | ||||
| $pagesize = intval($pagesize); | |||||
| $dsql->SetQuery("SELECT COUNT(title) AS dd,title FROM `$maintable` WHERE channel='$channelid' GROUP BY title ORDER BY dd DESC LIMIT 0, $pagesize"); | $dsql->SetQuery("SELECT COUNT(title) AS dd,title FROM `$maintable` WHERE channel='$channelid' GROUP BY title ORDER BY dd DESC LIMIT 0, $pagesize"); | ||||
| $dsql->Execute(); | $dsql->Execute(); | ||||
| $allarc = 0; | $allarc = 0; | ||||
| @@ -36,6 +37,10 @@ else if ($dopost == 'delsel') { | |||||
| echo "没有指定删除的文档"; | echo "没有指定删除的文档"; | ||||
| exit(); | exit(); | ||||
| } | } | ||||
| if (!$dsql->IsTable($maintable)) { | |||||
| ShowMsg("数据表名称错误", "javascript:;"); | |||||
| exit(); | |||||
| } | |||||
| $titless = split('`', $titles); | $titless = split('`', $titles); | ||||
| if ($channelid < -1) { | if ($channelid < -1) { | ||||
| $orderby = ($deltype == 'delnew' ? " ORDER BY aid DESC " : " ORDER BY aid ASC "); | $orderby = ($deltype == 'delnew' ? " ORDER BY aid DESC " : " ORDER BY aid ASC "); | ||||
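Review bot: The added `IsTable($maintable)` guard in the `delsel` branch only establishes that a table of that name exists, not that it is the archive table belonging to `$channelid`. If `$maintable` arrives with the request here (the hunk does not show where it is set), any existing table name passes the check and is then used by the delete logic that follows outside the hunk. Resolving the table from the channel's own record, or comparing the supplied name against it, would bound the operation to the intended table. In the first hunk, `intval($pagesize)` still lets zero or a negative number reach `LIMIT 0, $pagesize`, so `$pagesize = max(1, intval($pagesize));` is the safer form.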
| @@ -65,18 +65,43 @@ if (empty($dopost)) { | |||||
| <?php | <?php | ||||
| exit; | exit; | ||||
| } elseif ($dopost == "system_info") { | } elseif ($dopost == "system_info") { | ||||
| if (!extension_loaded("openssl")) { | |||||
| if (empty(trim($cfg_auth_code))) { | |||||
| $indexHTML = ""; | |||||
| if (file_exists(DEDEROOT."/index.html")) { | |||||
| $indexHTML = file_get_contents(DEDEROOT."/index.html"); | |||||
| } else { | |||||
| $row = $dsql->GetOne("SELECT * FROM `#@__homepageset`"); | |||||
| $row['templet'] = MfTemplet($row['templet']); | |||||
| $pv = new PartView(); | |||||
| $pv->SetTemplet($cfg_basedir.$cfg_templets_dir."/".$row['templet']); | |||||
| $row['showmod'] = isset($row['showmod']) ? $row['showmod'] : 0; | |||||
| if ($row['showmod'] == 0) { | |||||
| ob_start(); | |||||
| $pv->Display(); | |||||
| $indexHTML = ob_get_contents(); | |||||
| ob_end_clean(); | |||||
| } | |||||
| } | |||||
| $pattern = '/<a\s[^>]*href=["\']?([^"\'>\s]*)["\']?[^>]*>/is'; | |||||
| preg_match_all($pattern, $indexHTML, $matches); | |||||
| $hasPowered = false; | |||||
| foreach ($matches[1] as $href) { | |||||
| if (preg_match("#^https://www.dedebiz.com#",$href)) { | |||||
| $hasPowered = true; | |||||
| } | |||||
| } | |||||
| $poweredStr = $hasPowered? "" : "请保留正确的<a href='https://www.dedebiz.com/powered_by_dedebiz' class='text-primary'>底部版权信息</a>,"; | |||||
| echo json_encode(array( | echo json_encode(array( | ||||
| "code" => -1001, | |||||
| "msg" => "PHP不支持OpenSSL,无法完成商业版授权", | |||||
| "code" => -1002, | |||||
| "msg" => "当前站点已授权社区版,{$poweredStr}获取更多官方技术支持,请选择<a href='https://www.dedebiz.com/auth' class='text-primary'>商业版</a>", | |||||
| "result" => null, | "result" => null, | ||||
| )); | )); | ||||
| exit; | exit; | ||||
| } | } | ||||
| if (empty(trim($cfg_auth_code))) { | |||||
| if (!extension_loaded("openssl")) { | |||||
| echo json_encode(array( | echo json_encode(array( | ||||
| "code" => -1002, | |||||
| "msg" => "当前站点已授权社区版,获取更多官方技术支持,请选择<a href='https://www.dedebiz.com/auth' class='text-primary'>商业版</a>", | |||||
| "code" => -1001, | |||||
| "msg" => "PHP不支持OpenSSL,无法完成商业版授权", | |||||
| "result" => null, | "result" => null, | ||||
| )); | )); | ||||
| exit; | exit; | ||||
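Review bot: The attribution check `preg_match("#^https://www.dedebiz.com#",$href)` leaves the dots unescaped and does not terminate the host, so a link to a longer host name that merely begins with that text is counted as the footer link. `preg_match('#^https://www\.dedebiz\.com(?:/|$)#', $href)` restricts it to the intended site. In the fallback path `$row` from `GetOne` is indexed without confirming that a row came back, so an `is_array($row)` check belongs before `$row['templet']` is read. `$indexHTML` also stays empty whenever `showmod` is non-zero, which makes the reminder appear regardless of the template; a comment should say whether that is intended. The `system_info` branch continues past the end of the hunk.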
| @@ -375,11 +375,14 @@ class DedeSqli | |||||
| function IsTable($tbname) | function IsTable($tbname) | ||||
| { | { | ||||
| global $dsqli; | global $dsqli; | ||||
| $prefix = "#@__"; | |||||
| $tbname = str_replace($prefix, $GLOBALS['cfg_dbprefix'], $tbname); | |||||
| if (!preg_match('/^[\p{L}_][\p{L}\p{N}@$#\-_]*$/u', $tbname)) { | |||||
| return FALSE; | |||||
| } | |||||
| if (!$dsqli->isInit) { | if (!$dsqli->isInit) { | ||||
| $this->Init($this->pconnect); | $this->Init($this->pconnect); | ||||
| } | } | ||||
| $prefix = "#@__"; | |||||
| $tbname = str_replace($prefix, $GLOBALS['cfg_dbprefix'], $tbname); | |||||
| if (mysqli_num_rows(@mysqli_query($this->linkID, "SHOW TABLES LIKE '".$tbname."'"))) { | if (mysqli_num_rows(@mysqli_query($this->linkID, "SHOW TABLES LIKE '".$tbname."'"))) { | ||||
| return TRUE; | return TRUE; | ||||
| } | } | ||||
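Review bot: The validated name is still used as a `LIKE` pattern in `"SHOW TABLES LIKE '".$tbname."'"`, and the new character class allows `_`, which `LIKE` treats as a single-character wildcard, so `IsTable` can return TRUE for a name that does not exist exactly. Escaping the pattern, `"SHOW TABLES LIKE '".addcslashes($tbname, '_%')."'"`, turns it into an exact match under MySQL's default backslash escaping. The result of `@mysqli_query()` is also handed to `mysqli_num_rows()` unchecked, so a failed query passes `false` on; testing the result first lets the function return FALSE cleanly. The end of `IsTable` is outside the hunk.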
| @@ -352,11 +352,14 @@ class DedeSqlite | |||||
| function IsTable($tbname) | function IsTable($tbname) | ||||
| { | { | ||||
| global $dsqlite; | global $dsqlite; | ||||
| $prefix = "#@__"; | |||||
| $tbname = str_replace($prefix, $GLOBALS['cfg_dbprefix'], $tbname); | |||||
| if (!preg_match('/^[\p{L}_][\p{L}\p{N}@$#\-_]*$/u', $tbname)) { | |||||
| return FALSE; | |||||
| } | |||||
| if (!$dsqlite->isInit) { | if (!$dsqlite->isInit) { | ||||
| $this->Init($this->pconnect); | $this->Init($this->pconnect); | ||||
| } | } | ||||
| $prefix = "#@__"; | |||||
| $tbname = str_replace($prefix, $GLOBALS['cfg_dbprefix'], $tbname); | |||||
| $row = $this->linkID->querySingle("PRAGMA table_info({$tbname});"); | $row = $this->linkID->querySingle("PRAGMA table_info({$tbname});"); | ||||
| if ($row !== null) { | if ($row !== null) { | ||||
| return TRUE; | return TRUE; | ||||
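Review bot: The pattern added to the SQLite `IsTable` accepts `-`, `@` and `#`, none of which is valid in the unquoted identifier that `PRAGMA table_info({$tbname})` receives. A statement that fails to parse makes `querySingle()` return `false`, and `$row !== null` then reports the table as existing. Testing `if ($row !== null && $row !== false)` makes the guard fail closed. Narrowing the pattern to `'/^[A-Za-z_][A-Za-z0-9_]*$/'` would remove the problem names, provided the configured prefix needs nothing wider. The same pattern is duplicated in the `DedeSqli` hunk, so a shared helper would keep the two from drifting apart. The rest of `IsTable` lies outside the hunk.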