2 years ago · d3cb949d16
--- a/.gitignore
+++ b/.gitignore
@@ -37,3 +37,4 @@ src/data/js/
 src/data/vote/*.js
 src/data/module/*.xml
 src/data/*.db
 src/uploads/soft/*/
--- a/README.md
+++ b/README.md
@@ -1,10 +1,10 @@
 # DedeCMSV6
 # DedeBIZ

 国内流行的内容管理系统（CMS）多端全媒体解决方案，DedeCMSV6系统基于PHP7.X开发，具有很强的可扩展性，并且完全开放源代码。DedeBIZ商业支持采用现流行的Go语言设计开发，让DedeCMS系统拥有简单易用、灵活扩展特性之外更安全、高效。模板设计制作简单一直是系统的一大特点，全新的版本延续了之前标签引擎，同时采用响应式模板引擎Bootstrap作为系统模板渲染引擎，让搭建跨终端（移动、PC）全媒体站点更简单。
 国内流行的内容管理系统（CMS）多端全媒体解决方案，DedeBIZ系统基于PHP7.X开发，具有很强的可扩展性，并且完全开放源代码。DedeBIZ商业支持采用现流行的Go语言设计开发，让DedeCMS系统拥有简单易用、灵活扩展特性之外更安全、高效。模板设计制作简单一直是系统的一大特点，全新的版本延续了之前标签引擎，同时采用响应式模板引擎Bootstrap作为系统模板渲染引擎，让搭建跨终端（移动、PC）全媒体站点更简单。

 ## 版本说明

 DedeCMSV6.x是一个LTS版本，支持将到2022年10月截止，目前DedeCMSV6已经发布，可以[点击下载](https://www.dedebiz.com/download)获取。
 DedeBIZ.x是一个LTS版本，支持将到2022年10月截止，目前DedeBIZ已经发布，可以[点击下载](https://www.dedebiz.com/download)获取。

 ## 参与开源

@@ -14,7 +14,7 @@ DedeCMSV6.x是一个LTS版本，支持将到2022年10月截止，目前DedeCMSV6

 我们将会收集、整理新的功能需求制定新的Roadmap。

 [开发者](https://www.dedebiz.com/developer)可以到[工单管理](https://www.zhelixie.com/DedeBiz/DedeCMSV6/issues)中进行交流反馈。
 [开发者](https://www.dedebiz.com/developer)可以到[工单管理](https://www.zhelixie.com/DedeBiz/DedeBIZ/issues)中进行交流反馈。

 普通用户可以通过微信公众号或者邮件的方式进行反馈，详见本页底部资源。

@@ -95,8 +95,8 @@ NAME:
 USAGE:
 	php ./dedebiz command [arguments...]
 COMMANDS:
 	serv,s Run cli web server for DedeCMSV6
 	make,m Make DedeCMSV6 HTML
 	serv,s Run cli web server for DedeBIZ
 	make,m Make DedeBIZ HTML
 	update,u Update to latest system
 	help,h Shows a list of commands or help
 	quick,q Quick start a development environment
@@ -112,13 +112,13 @@ WEBSITE:

 ## 版权信息

 详细参考：[DedeCMSV6站点授权协议](https://www.dedebiz.com/license)
 详细参考：[DedeBIZ站点授权协议](https://www.dedebiz.com/license)

 我们对DedeCMSV6系统授权的态度是“鼓励但不强制”，购买授权是对知识产权的尊重，是对我们技术服务的认可。
 我们对DedeBIZ系统授权的态度是“鼓励但不强制”，购买授权是对知识产权的尊重，是对我们技术服务的认可。

 ## 相关资源

 - [DedeCMSV6](https://www.dedebiz.com)
 - [DedeBIZ](https://www.dedebiz.com)

 - [帮助中心](https://www.dedebiz.com/help)

--- a/dedebiz
+++ b/dedebiz
@@ -14,7 +14,7 @@ $workDir = dirname(__FILE__) . "/src";
 chdir($workDir);

 if (substr(php_sapi_name(), 0, 3) === 'cgi') {
 	die("DedeCMSV6:needs php-cli to run\n\n");
 	die("DedeBIZ:needs php-cli to run\n\n");
 }

 $helpStr = "
@@ -23,8 +23,8 @@ NAME:
 USAGE:
 	php ./dedebiz command [arguments...]
 COMMANDS:
 	serv,s Run cli web server for DedeCMSV6
 	make,m Make DedeCMSV6 HTML
 	serv,s Run cli web server for DedeBIZ
 	make,m Make DedeBIZ HTML
 	update,u Update to latest system
 	help,h Shows a list of commands or help
 	quick,q Quick start a development environment
@@ -75,9 +75,9 @@ if (count($argv) > 1 && ($argv[1] == "serv" || $argv[1] == "s")) {
 	// PHP5.4以下不支持内建服务器
 	// 用于开发调试
 	if (phpversion() < "5.4") {
 		die("DedeCMSV6:command web server not support\n\n");
 		die("DedeBIZ:command web server not support\n\n");
 	}
 	echo "Start Dev Server For DedeCMSV6\n\r";
 	echo "Start Dev Server For DedeBIZ\n\r";
 	echo "Open http://localhost:8088\n\r";
 	passthru(PHP_BINARY . ' -S localhost:8088 -t' . escapeshellarg('./'));
 } else if (count($argv) > 1 && ($argv[1] == "make" || $argv[1] == "m")) {
@@ -296,23 +296,23 @@ if (count($argv) > 1 && ($argv[1] == "serv" || $argv[1] == "s")) {
 } else if (count($argv) > 1 && ($argv[1] == "quick" || $argv[1] == "q")){
 	define("DEDEINC", $workDir."/include");
 	require_once(DEDEINC . "/cli.class.php");
 	// 快速开始一个用于开发的DedeCMSV6环境，基于SQLite无其他依赖
 	if (file_exists($workDir."/data/dedecmsv6.db")) {
 	// 快速开始一个用于开发的DedeBIZ环境，基于SQLite无其他依赖
 	if (file_exists($workDir."/data/DedeBIZ.db")) {
 		DedeCli::write("development environment has inited");
 		echo "Start Dev Server For DedeCMSV6\n\r";
 		echo "Start Dev Server For DedeBIZ\n\r";
 		echo "Open http://localhost:8088\n\r";
 		passthru(PHP_BINARY . ' -S localhost:8088 -t' . escapeshellarg('./'));
 		exit;
 	}
 	// 初始化安装一个开发环境
 	$db = new SQLite3($workDir.'/data/dedecmsv6.db');
 	$db = new SQLite3($workDir.'/data/DedeBIZ.db');
 	$fp = fopen($workDir."/install/common.inc.php","r");
    $configStr1 = fread($fp,filesize($workDir."/install/common.inc.php"));
    fclose($fp);
    @chmod($workDir."/data",0777);
    $dbtype = "sqlite";
    $dbhost = "";
    $dbname = "dedecmsv6";
    $dbname = "DedeBIZ";
    $dbuser = "";
    $dbpwd = "";
    $dbprefix = "dede_";
@@ -334,7 +334,7 @@ if (count($argv) > 1 && ($argv[1] == "serv" || $argv[1] == "s")) {
    $baseurl = "http://127.0.0.1:8088";
    $indexUrl = "/";
    $cmspath = "";
    $webname = "DedeCMSV6本地测试开发站点";
    $webname = "DedeBIZ本地测试开发站点";
    $adminmail = "admin@dedebiz.com";

    $fp = fopen($workDir."/install/config.cache.inc.php","r");
@@ -459,9 +459,9 @@ if (count($argv) > 1 && ($argv[1] == "serv" || $argv[1] == "s")) {
                Values('1','10','0','{$adminuser}的空间','','person','',''); ";
    $db->exec($adminquery);
 	if (phpversion() < "5.4") {
 		die("DedeCMSV6:command web server not support\n\n");
 		die("DedeBIZ:command web server not support\n\n");
 	}
 	echo "Start Dev Server For DedeCMSV6\n\r";
 	echo "Start Dev Server For DedeBIZ\n\r";
 	echo "Open http://localhost:8088\n\r";
 	passthru(PHP_BINARY . ' -S localhost:8088 -t' . escapeshellarg('./'));
 	exit;
--- a/docs/changelog.md
+++ b/docs/changelog.md
@@ -1,6 +1,12 @@
 # 更新记录
 通过访问 https://www.dedebiz.com/git 获取完整更新记录

 ## v6.0.4
 - 兼容PHP8+；
 - 修正已知存在的安全问题；
 - 优化系统管理后台界面；
 - 修正sqlite3下的错误；

 ## v6.0.0
 - 调整DedeCMS目录结构，将原有include中外部访问的内容迁移出去；
 - 修正已知存在的安全问题；
--- a/src/a/.dede
+++ b/src/a/.dede
@@ -1 +0,0 @@
 dedecms
--- a/src/data/admin/config_update.php
+++ b/src/data/admin/config_update.php
@@ -3,7 +3,7 @@
 /**
 * @version        $Id: config_update.php 1 11:36 2011-2-21 tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
--- a/src/data/safequestions.php
+++ b/src/data/safequestions.php
@@ -6,13 +6,13 @@ $safequestions[0] = '没安全提示问题';
 //下面的设置可以手工修改
 //start****************************

 $safequestions[1] = '你最喜欢的格言什么？';
 $safequestions[2] = '你家乡的名称是什么？';
 $safequestions[3] = '你读的小学叫什么？';
 $safequestions[4] = '你的父亲叫什么名字？';
 $safequestions[5] = '你的母亲叫什么名字？';
 $safequestions[6] = '你最喜欢的偶像是谁？';
 $safequestions[7] = '你最喜欢的歌曲是什么？';
 $safequestions[1] = '您最喜欢的格言什么？';
 $safequestions[2] = '您家乡的名称是什么？';
 $safequestions[3] = '您读的小学叫什么？';
 $safequestions[4] = '您的父亲叫什么名字？';
 $safequestions[5] = '您的母亲叫什么名字？';
 $safequestions[6] = '您最喜欢的偶像是谁？';
 $safequestions[7] = '您最喜欢的歌曲是什么？';

 //end****************************

--- a/src/data/vote/vote_1.js
+++ b/src/data/vote/vote_1.js
@@ -1 +1 @@
 document.write("<table width='100%' border='0' cellspacing='1' cellpadding='1' id='voteitem'> <form name='voteform' method='post' action='\/plus\/vote.php' target='_blank'> <input type='hidden' name='dopost' value='send' \/> <input type='hidden' name='aid' value='1' \/> <input type='hidden' name='ismore' value='0' \/> <tr align='center'><td height='30' id='votetitle' style='border-bottom:1px dashed #999999;color:#3F7652' ><strong>你是从哪儿得知本站的？<\/strong><\/td><\/tr> <tr><td height=30 bgcolor=#FFFFFF style='color:#666666'><input type='radio' name='voteitem' value='1' \/>朋友介绍<\/td><\/tr> <tr><td height=30 bgcolor=#FFFFFF style='color:#666666'><input type='radio' name='voteitem' value='2' \/>门户网站的搜索引擎<\/td><\/tr> <tr><td height=30 bgcolor=#FFFFFF style='color:#666666'><input type='radio' name='voteitem' value='3' \/>Google或百度搜索<\/td><\/tr> <tr><td height=30 bgcolor=#FFFFFF style='color:#666666'><input type='radio' name='voteitem' value='4' \/>别的网站上的链接<\/td><\/tr> <tr><td height=30 bgcolor=#FFFFFF style='color:#666666'><input type='radio' name='voteitem' value='5' \/>其它途径<\/td><\/tr> <tr><td height='30'> <input type='submit' class='btn-1' name='vbt1' value='投票' \/> <input type='button' class='btn-1' name='vbt2' value='查看结果' onClick=window.open('\/plus\/vote.php?dopost=view&aid=1'); \/><\/td><\/tr> <\/form> <\/table> ");
 document.write("<table width='100%' border='0' cellspacing='1' cellpadding='1' id='voteitem'> <form name='voteform' method='post' action='\/plus\/vote.php' target='_blank'> <input type='hidden' name='dopost' value='send' \/> <input type='hidden' name='aid' value='1' \/> <input type='hidden' name='ismore' value='0' \/> <tr align='center'><td height='30' id='votetitle' style='border-bottom:1px dashed #999999;color:#3F7652' ><strong>您是从哪儿得知本站的？<\/strong><\/td><\/tr> <tr><td height=30 bgcolor=#FFFFFF style='color:#666666'><input type='radio' name='voteitem' value='1' \/>朋友介绍<\/td><\/tr> <tr><td height=30 bgcolor=#FFFFFF style='color:#666666'><input type='radio' name='voteitem' value='2' \/>门户网站的搜索引擎<\/td><\/tr> <tr><td height=30 bgcolor=#FFFFFF style='color:#666666'><input type='radio' name='voteitem' value='3' \/>Google或百度搜索<\/td><\/tr> <tr><td height=30 bgcolor=#FFFFFF style='color:#666666'><input type='radio' name='voteitem' value='4' \/>别的网站上的链接<\/td><\/tr> <tr><td height=30 bgcolor=#FFFFFF style='color:#666666'><input type='radio' name='voteitem' value='5' \/>其它途径<\/td><\/tr> <tr><td height='30'> <input type='submit' class='btn-1' name='vbt1' value='投票' \/> <input type='button' class='btn-1' name='vbt2' value='查看结果' onClick=window.open('\/plus\/vote.php?dopost=view&aid=1'); \/><\/td><\/tr> <\/form> <\/table> ");
--- a/src/dede/action_search.php
+++ b/src/dede/action_search.php
@@ -5,12 +5,12 @@
 *
 * @version        $Id: action_search.php 1 8:26 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__) . "/actionsearch_class.php");
 require_once(dirname(__FILE__)."/config.php");
 require_once(dirname(__FILE__)."/actionsearch_class.php");

 //增加权限检查
 if (empty($dopost)) $dopost = "";
--- a/src/dede/actionsearch_class.php
+++ b/src/dede/actionsearch_class.php
@@ -3,7 +3,7 @@
 /**
 * @version        $Id: actionsearch_class.php 1 8:26 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
@@ -27,7 +27,7 @@ class ActionSearch

    function GetSearchstr()
    {
        require_once(dirname(__FILE__) . "/inc/inc_action_info.php");
        require_once(dirname(__FILE__)."/inc/inc_action_info.php");
        return is_array($actionSearch) ? $actionSearch : array();
    }

@@ -80,11 +80,11 @@ class ActionSearch
            foreach ($text as $key => $value) {
                if ($key == 'title' || $key == 'description') {
                    //仅对title,description进行数组替换
                    $text[$key] = str_replace($this->keyword, '<font color="red">' . $this->keyword . '</font>', $text[$key]);
                    $text[$key] = str_replace($this->keyword, '<font color="red">'.$this->keyword.'</font>', $text[$key]);
                }
            }
        } else {
            $text = str_replace($this->keyword, '<font color="red">' . $this->keyword . '</font>', $text);
            $text = str_replace($this->keyword, '<font color="red">'.$this->keyword.'</font>', $text);
        }
        return $text;
    }
--- a/src/dede/ad_add.php
+++ b/src/dede/ad_add.php
@@ -5,14 +5,14 @@
 *
 * @version        $Id: ad_add.php 1 8:26 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */

 require(dirname(__FILE__) . "/config.php");
 require(dirname(__FILE__)."/config.php");
 CheckPurview('plus_广告管理');
 require_once DEDEINC . "/typelink.class.php";
 require_once DEDEINC."/typelink.class.php";
 if (empty($dopost)) $dopost = "";

 if ($dopost == "save") {
@@ -21,7 +21,7 @@ if ($dopost == "save") {
    $tagname = trim($tagname);
    $row = $dsql->GetOne("SELECT typeid FROM #@__myad WHERE typeid='$typeid' AND tagname LIKE '$tagname'");
    if (is_array($row)) {
        ShowMsg("在相同栏目下已经存在同名的标记！", "-1");
        ShowMsg("在相同栏目下已经存在同名的标记", "-1");
        exit();
    }
    $starttime = GetMkTime($starttime);
@@ -62,7 +62,7 @@ if ($dopost == "save") {
     VALUES('$clsid','$typeid','$tagname','$adname','$timeset','$starttime','$endtime','$normbody','$expbody');
    ";
    $dsql->ExecuteNoneQuery($query);
    ShowMsg("成功增加一个广告！", "ad_main.php");
    ShowMsg("成功增加一个广告", "ad_main.php");
    exit();
 }
 $dsql->Execute('dd', 'SELECT * FROM `#@__myadtype` ORDER BY id DESC');
--- a/src/dede/ad_edit.php
+++ b/src/dede/ad_edit.php
@@ -5,34 +5,34 @@
 *
 * @version        $Id: ad_edit.php 1 8:26 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require(dirname(__FILE__) . "/config.php");
 require(dirname(__FILE__)."/config.php");
 CheckPurview('plus_广告管理');
 require_once(DEDEINC . '/typelink.class.php');
 require_once(DEDEINC.'/typelink.class.php');
 if (empty($dopost)) $dopost = '';
 $aid = preg_replace("#[^0-9]#", '', $aid);
 $ENV_GOBACK_URL = empty($_COOKIE['ENV_GOBACK_URL']) ? "ad_main.php" : $_COOKIE['ENV_GOBACK_URL'];

 if ($dopost == 'delete') {
    $dsql->ExecuteNoneQuery("DELETE FROM `#@__myad` WHERE aid='$aid' ");
    ShowMsg("成功删除一则广告代码！", $ENV_GOBACK_URL);
    ShowMsg("成功删除一则广告代码", $ENV_GOBACK_URL);
    exit();
 } else if ($dopost == "gettag") {
    require_once(DEDEINC . '/oxwindow.class.php');
    require_once(DEDEINC.'/oxwindow.class.php');
    $jscode = "<script src='{$cfg_phpurl}/ad_js.php?aid=$aid' language='javascript'></script>";
    $showhtml = "<xmp style='color:#333333;background-color:#ffffff'>\r\n\r\n$jscode\r\n\r\n</xmp>";
    $showhtml .= "预览：<iframe name='testfrm' frameborder='0' src='ad_edit.php?aid={$aid}&dopost=testjs' id='testfrm' width='100%' height='200'></iframe>";
    $row = $dsql->GetOne("SELECT tagname from `#@__myad` WHERE aid='$aid' ");

    $showtag = '{' . "dede:myad name='{$row['tagname']}'/" . '}';
    $showtag = '{'."dede:myad name='{$row['tagname']}'/".'}';
    $info = "<b>说明：</b>如果嵌入的是织梦CMS广告标签，那么将会解析成标签中的内容到页面，广告更改后需要重新生成。<br />
    如果不希望重新生成所有页面，则直接调用JS代码即可。
    ";
    $wintitle = "广告管理-获取广告标签";
    $wecome_info = "<a href='ad_main.php'><u>广告管理</u></a>::获取JS";
    $wecome_info = "<a href='ad_main.php'>广告管理</a>::获取JS";
    $win = new OxWindow();
    $win->Init();
    $winform = $win->GetWindow("hand", $info);
@@ -63,7 +63,7 @@ if ($dopost == 'delete') {
     WHERE aid='$aid'
     ";
    $dsql->ExecuteNoneQuery($query);
    ShowMsg("成功更改一则广告代码！", $ENV_GOBACK_URL);
    ShowMsg("成功更改一则广告代码", $ENV_GOBACK_URL);
    exit();
 }

--- a/src/dede/ad_main.php
+++ b/src/dede/ad_main.php
@@ -5,13 +5,13 @@
 *
 * @version        $Id: ad_main.php 1 8:26 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/config.php');
 require_once(DEDEINC . '/datalistcp.class.php');
 require_once(DEDEINC . '/common.func.php');
 require_once(dirname(__FILE__).'/config.php');
 require_once(DEDEINC.'/datalistcp.class.php');
 require_once(DEDEINC.'/common.func.php');
 setcookie('ENV_GOBACK_URL', $dedeNowurl, time() + 3600, '/');

 $clsid = isset($clsid) ? intval($clsid) : 0;
@@ -37,7 +37,7 @@ LEFT JOIN `#@__myadtype` ap on ap.id=ad.clsid
 WHERE $where_sql
 ORDER BY ad.aid desc";
 $dlist = new DataListCP();
 $dlist->SetTemplet(DEDEADMIN . "/templets/ad_main.htm");
 $dlist->SetTemplet(DEDEADMIN."/templets/ad_main.htm");
 $dlist->SetSource($sql);
 $dlist->display();

--- a/src/dede/adtype_main.php
+++ b/src/dede/adtype_main.php
@@ -5,11 +5,11 @@
 *
 * @version        $Id: friendlink_type.php 1 8:48 2010年7月13日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 if (empty($dopost)) $dopost = '';

 //保存更改
@@ -18,9 +18,9 @@ if ($dopost == "save") {
    $endID = $idend;
    for (; $startID <= $endID; $startID++) {
        $query = '';
        $tid = ${'ID_' . $startID};
        $pname =   ${'pname_' . $startID};
        if (isset(${'check_' . $startID})) {
        $tid = ${'ID_'.$startID};
        $pname =   ${'pname_'.$startID};
        if (isset(${'check_'.$startID})) {
            if ($pname != '') {
                $query = "UPDATE `#@__myadtypee` SET typename='$pname' WHERE id='$tid' ";
                $dsql->ExecuteNoneQuery($query);
@@ -36,7 +36,7 @@ if ($dopost == "save") {
        $dsql->ExecuteNoneQuery($query);
    }
    header("Content-Type: text/html; charset={$cfg_soft_lang}");
    ShowMsg("成功更新广告分类列表！", 'adtype_main.php');
    ShowMsg("成功更新广告分类列表", 'adtype_main.php');
    exit;
 }

--- a/src/dede/album_add.php
+++ b/src/dede/album_add.php
@@ -1,24 +1,21 @@
 <?php

 /**
 * 图集发布
 *
 * @version        $Id: album_add.php 1 8:26 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('a_New,a_AccNew');
 require_once(DEDEINC . "/customfields.func.php");
 require_once(DEDEADMIN . "/inc/inc_archives_functions.php");

 require_once(DEDEINC."/customfields.func.php");
 require_once(DEDEADMIN."/inc/inc_archives_functions.php");
 if (empty($dopost)) $dopost = '';

 if ($dopost != 'save') {
    require_once(DEDEINC . "/dedetag.class.php");
    require_once(DEDEADMIN . "/inc/inc_catalog_options.php");
    require_once(DEDEINC."/dedetag.class.php");
    require_once(DEDEADMIN."/inc/inc_catalog_options.php");
    ClearMyAddon();
    $channelid = empty($channelid) ? 0 : intval($channelid);
    $cid = empty($cid) ? 0 : intval($cid);
@@ -30,11 +27,9 @@ if ($dopost != 'save') {
    } else {
        if ($channelid == 0) $channelid = 2;
    }

    //获得频道模型信息
    $cInfos = $dsql->GetOne(" SELECT * FROM  `#@__channeltype` WHERE id='$channelid' ");
    $channelid = $cInfos['id'];

    //获取文章最大id以确定当前权重
    $maxWright = $dsql->GetOne("SELECT COUNT(*) AS cc FROM #@__archives");
    include DedeInclude("templets/album_add.htm");
@@ -42,14 +37,13 @@ if ($dopost != 'save') {
 }
 /*--------------------------------
 function __save(){  }
 -------------------------------*/ else if ($dopost == 'save') {
    require_once(DEDEINC . '/image.func.php');
    require_once(DEDEINC . '/oxwindow.class.php');

 -------------------------------*/
 else if ($dopost == 'save') {
    require_once(DEDEINC.'/image.func.php');
    require_once(DEDEINC.'/oxwindow.class.php');
    $flag = isset($flags) ? join(',', $flags) : '';
    $notpost = isset($notpost) && $notpost == 1 ? 1 : 0;
    if (empty($click)) $click = ($cfg_arc_click == '-1' ? mt_rand(50, 200) : $cfg_arc_click);

    if (!isset($typeid2)) $typeid2 = 0;
    if (!isset($autokey)) $autokey = 0;
    if (!isset($remote)) $remote = 0;
@@ -61,23 +55,21 @@ function __save(){  }
    if (!isset($albums)) $albums = "";
    if (!isset($delzip)) $delzip = 0;
    if (empty($click)) $click = ($cfg_arc_click == '-1' ? mt_rand(50, 200) : $cfg_arc_click);

    if ($typeid == 0) {
        ShowMsg("请指定文档的栏目！", "-1");
        ShowMsg("请指定文档的栏目", "-1");
        exit();
    }
    if (empty($channelid)) {
        ShowMsg("文档为非指定的类型，请检查你发布内容的表单是否合法！", "-1");
        ShowMsg("文档为非指定的类型，请检查您发布内容的表单是否合法", "-1");
        exit();
    }
    if (!CheckChannel($typeid, $channelid)) {
        ShowMsg("你所选择的栏目与当前模型不相符，请选择白色的选项！", "-1");
        ShowMsg("您所选择的栏目与当前模型不相符，请选择白色的选项", "-1");
        exit();
    }
    if (!TestPurview('a_New')) {
        CheckCatalog($typeid, "对不起，你没有操作栏目 {$typeid} 的权限！");
        CheckCatalog($typeid, "对不起，您没有操作栏目 {$typeid} 的权限");
    }

    //对保存的内容进行处理
    if (empty($writer)) $writer = $cuserLogin->getUserName();
    if (empty($source)) $source = '未知';
@@ -101,37 +93,30 @@ function __save(){  }
        $arcrank = -1;
    }
    $adminid = $cuserLogin->getUserID();

    //处理上传的缩略图
    if (empty($ddisremote)) $ddisremote = 0;
    $litpic = GetDDImage('none', $picname, $ddisremote);

    // 处理新的缩略图上传
    if ($litpic_b64 != "") {
        $data = explode(',', $litpic_b64);
        $ntime = time();
        $savepath = $ddcfg_image_dir . '/' . MyDate($cfg_addon_savetype, $ntime);
        $savepath = $ddcfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
        CreateDir($savepath);
        $fullUrl = $savepath . '/' . dd2char(MyDate('mdHis', $ntime) . $cuserLogin->getUserID() . mt_rand(1000, 9999));
        $fullUrl = $fullUrl . ".png";

        file_put_contents($cfg_basedir . $fullUrl, base64_decode($data[1]));

        // 加水印
        WaterImg($cfg_basedir . $fullUrl, 'up');
        $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
        $fullUrl = $fullUrl.".png";
        file_put_contents($cfg_basedir.$fullUrl, base64_decode($data[1]));
        //加水印
        WaterImg($cfg_basedir.$fullUrl, 'up');
        $litpic = $fullUrl;
    }

    //生成文档ID
    $arcID = GetIndexKey($arcrank, $typeid, $sortrank, $channelid, $senddate, $adminid);
    if (empty($arcID)) {
        ShowMsg("无法获得主键，因此无法进行后续操作！", "-1");
        ShowMsg("无法获得主键，因此无法进行后续操作", "-1");
        exit();
    }

    $imgurls = "{dede:pagestyle maxwidth='$maxwidth' pagepicnum='$pagepicnum' ddmaxwidth='$ddmaxwidth' row='$row' col='$col' value='$pagestyle'/}\r\n";
    $hasone = FALSE;

    //处理并保存从网上复制的图片
    /*---------------------
    function _getformhtml()
@@ -149,10 +134,10 @@ function __save(){  }
    处理从ZIP中解压的图片
    ---------------------*/
    if ($formzip == 1) {
        include_once(DEDEINC . "/zip.class.php");
        include_once(DEDEADMIN . "/file_class.php");
        $zipfile = $cfg_basedir . str_replace($cfg_mainsite, '', $zipfile);
        $tmpzipdir = DEDEDATA . '/ziptmp/' . cn_substr(md5(ExecTime()), 16);
        include_once(DEDEINC."/zip.class.php");
        include_once(DEDEADMIN."/file_class.php");
        $zipfile = $cfg_basedir.str_replace($cfg_mainsite, '', $zipfile);
        $tmpzipdir = DEDEDATA.'/ziptmp/'.cn_substr(md5(ExecTime()), 16);
        $ntime = time();
        if (file_exists($zipfile)) {
            @mkdir($tmpzipdir, $GLOBALS['cfg_dir_purview']);
@@ -165,14 +150,13 @@ function __save(){  }
            $i = 0;
            foreach ($imgs as $imgold) {
                $i++;
                $savepath = $cfg_image_dir . "/" . MyDate("Y-m", $ntime);
                $savepath = $cfg_image_dir."/".MyDate("Y-m", $ntime);
                CreateDir($savepath);
                $iurl = $savepath . "/" . MyDate("d", $ntime) . dd2char(MyDate("His", $ntime) . '-' . $adminid . "-{$i}" . mt_rand(1000, 9999));
                $iurl = $iurl . substr($imgold, -4, 4);
                $imgfile = $cfg_basedir . $iurl;
                $iurl = $savepath."/".MyDate("d", $ntime).dd2char(MyDate("His", $ntime).'-'.$adminid."-{$i}".mt_rand(1000, 9999));
                $iurl = $iurl.substr($imgold, -4, 4);
                $imgfile = $cfg_basedir.$iurl;
                copy($imgold, $imgfile);
                unlink($imgold);

                if (is_file($imgfile)) {
                    $litpicname = $pagestyle > 2 ? GetImageMapDD($iurl, $cfg_ddimg_width) : $iurl;
                    //指定了提取第一张为缩略图的情况强制使用第一张缩略图
@@ -183,19 +167,15 @@ function __save(){  }
                    }
                    $info = '';
                    $imginfos = GetImageSize($imgfile, $info);
                    $imgurls .= "{dede:img ddimg='$litpicname' text='' width='" . $imginfos[0] . "' height='" . $imginfos[1] . "'} $iurl {/dede:img}\r\n";

                    $imgurls .= "{dede:img ddimg='$litpicname' text='' width='".$imginfos[0]."' height='".$imginfos[1]."'} $iurl {/dede:img}\r\n";
                    //把图片信息保存到媒体文档管理档案中
                    $inquery = "
                   INSERT INTO #@__uploads(title,url,mediatype,width,height,playtime,filesize,uptime,mid)
                    VALUES ('{$title}','{$iurl}','1','" . $imginfos[0] . "','" . $imginfos[1] . "','0','" . filesize($imgfile) . "','" . $ntime . "','$adminid');
                 ";
                    VALUES ('{$title}','{$iurl}','1','".$imginfos[0]."','".$imginfos[1]."','0','".filesize($imgfile)."','".$ntime."','$adminid');";
                    $dsql->ExecuteNoneQuery($inquery);
                    $fid = $dsql->GetLastID();
                    AddMyAddon($fid, $iurl);

                    WaterImg($imgfile, 'up');

                    if (!$hasone && $ddisfirst == 1 && $litpic == '') {
                        if (empty($litpicname)) {
                            $litpicname = $iurl;
@@ -210,36 +190,30 @@ function __save(){  }
            $fm->RmDirFiles($tmpzipdir);
        }
    }

    if ($albums !== "") {
        $albumsArr  = json_decode(stripslashes($albums), true);

        for ($i = 0; $i <= count($albumsArr) - 1; $i++) {
            $album = $albumsArr[$i];
            $data = explode(',', $album['img']);
            $ntime = time();
            $savepath = $ddcfg_image_dir . '/' . MyDate($cfg_addon_savetype, $ntime);
            $savepath = $ddcfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
            CreateDir($savepath);
            $fullUrl = $savepath . '/' . dd2char(MyDate('mdHis', $ntime) . $cuserLogin->getUserID() . mt_rand(1000, 9999));
            $fullUrl = $fullUrl . ".png";

            file_put_contents($cfg_basedir . $fullUrl, base64_decode($data[1]));
            $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
            $fullUrl = $fullUrl.".png";
            file_put_contents($cfg_basedir.$fullUrl, base64_decode($data[1]));
            $info = '';
            $imginfos = GetImageSize($cfg_basedir . $fullUrl, $info);
            $imginfos = GetImageSize($cfg_basedir.$fullUrl, $info);
            $v = $fullUrl;
            $imginfo =  !empty($album['txt']) ? $album['txt'] : '';
            $imgurls .= "{dede:img ddimg='$v' text='$imginfo' width='" . $imginfos[0] . "' height='" . $imginfos[1] . "'} $v {/dede:img}\r\n";
            $imgurls .= "{dede:img ddimg='$v' text='$imginfo' width='".$imginfos[0]."' height='".$imginfos[1]."'} $v {/dede:img}\r\n";
            if ($ddisfirst == 1 && $litpic == '' && !empty($fullUrl)) {
                $litpic = $fullUrl;
            }
        }
    }

    $imgurls = addslashes($imgurls);

    //处理body字段自动摘要、自动提取缩略图等
    $body = AnalyseHtmlBody($body, $description, $litpic, $keywords, 'htmltext');

    //分析处理附加表数据
    $inadd_f = '';
    $inadd_v = '';
@@ -264,20 +238,18 @@ function __save(){  }
                    }
                    ${$vs[0]} = GetFieldValueA(${$vs[0]}, $vs[1], $arcID);
                }
                $inadd_f .= ',' . $vs[0];
                $inadd_v .= " ,'" . ${$vs[0]} . "' ";
                $inadd_f .= ','.$vs[0];
                $inadd_v .= " ,'".${$vs[0]}."' ";
            }
        }
    }

    //处理图片文档的自定义属性
    if ($litpic != '' && !preg_match("#p#", $flag)) {
        $flag = ($flag == '' ? 'p' : $flag . ',p');
        $flag = ($flag == '' ? 'p' : $flag.',p');
    }
    if ($redirecturl != '' && !preg_match("#j#", $flag)) {
        $flag = ($flag == '' ? 'j' : $flag . ',j');
        $flag = ($flag == '' ? 'j' : $flag.',j');
    }

    //跳转网址的文档强制为动态
    if (preg_match("#j#", $flag)) $ismake = -1;
    //加入主档案表
@@ -288,17 +260,16 @@ function __save(){  }
    if (!$dsql->ExecuteNoneQuery($query)) {
        $gerr = $dsql->GetError();
        $dsql->ExecuteNoneQuery(" DELETE FROM `#@__arctiny` WHERE id='$arcID' ");
        ShowMsg("把数据保存到数据库主表 `#@__archives` 时出错，请把相关信息提交给DedeCMS官方。" . str_replace('"', '', $gerr), "javascript:;");
        ShowMsg("把数据保存到数据库主表 `#@__archives` 时出错，请把相关信息提交给DedeBIZ官方".str_replace('"', '', $gerr), "javascript:;");
        exit();
    }

    //加入附加表
    $cts = $dsql->GetOne("SELECT addtable FROM `#@__channeltype` WHERE id='$channelid' ");
    $addtable = trim($cts['addtable']);
    if (empty($addtable)) {
        $dsql->ExecuteNoneQuery("DELETE FROM `#@__archives` WHERE id='$arcID'");
        $dsql->ExecuteNoneQuery("DELETE FROM `#@__arctiny` WHERE id='$arcID'");
        ShowMsg("没找到当前模型[{$channelid}]的主表信息，无法完成操作！。", "javascript:;");
        ShowMsg("没找到当前模型[{$channelid}]的主表信息，无法完成操作。", "javascript:;");
        exit();
    }
    $useip = GetIP();
@@ -308,19 +279,17 @@ function __save(){  }
        $gerr = $dsql->GetError();
        $dsql->ExecuteNoneQuery("DELETE FROM `#@__archives` WHERE id='$arcID'");
        $dsql->ExecuteNoneQuery("DELETE FROM `#@__arctiny` WHERE id='$arcID'");
        ShowMsg("把数据保存到数据库附加表 `{$addtable}` 时出错，请把相关信息提交给DedeCMS官方。" . str_replace('"', '', $gerr), "javascript:;");
        ShowMsg("把数据保存到数据库附加表 `{$addtable}` 时出错，请把相关信息提交给DedeBIZ官方".str_replace('"', '', $gerr), "javascript:;");
        exit();
    }

    //生成HTML
    InsertTags($tags, $arcID);
    $artUrl = MakeArt($arcID, TRUE, TRUE, $isremote);
    if ($artUrl == '') {
        $artUrl = $cfg_phpurl . "/view.php?aid=$arcID";
        $artUrl = $cfg_phpurl."/view.php?aid=$arcID";
    }
    ClearMyAddon($arcID, $title);

    // 自动更新关联内容
    //自动更新关联内容
    if (is_array($automake)) {
        foreach ($automake as $key => $value) {
            if (isset(${$key}) && !empty(${$key})) {
@@ -331,27 +300,15 @@ function __save(){  }
            }
        }
    }

    //返回成功信息
    $msg = "
    　　请选择你的后续操作：
    <a href='album_add.php?cid=$typeid' class='btn btn-success btn-sm'>继续发布图片</a>
    &nbsp;&nbsp;
    <a href='archives_do.php?aid=" . $arcID . "&dopost=editArchives' class='btn btn-success btn-sm'>更改图集</a>
    &nbsp;&nbsp;
    <a href='$artUrl' target='_blank' class='btn btn-success btn-sm'>预览文档</a>
    &nbsp;&nbsp;
    <a href='catalog_do.php?cid=$typeid&dopost=listArchives' class='btn btn-success btn-sm'>已发布图片管理</a>
    &nbsp;&nbsp;
    $backurl
   ";
    $msg = "<div style=\"line-height:36px;height:36px\">{$msg}</div>" . GetUpdateTest();
    $msg = "请选择您的后续操作：<a href='album_add.php?cid=$typeid' class='btn btn-success btn-sm'>继续发布图片</a>&nbsp;&nbsp;<a href='archives_do.php?aid=".$arcID."&dopost=editArchives' class='btn btn-success btn-sm'>更改图集</a>&nbsp;&nbsp;<a href='$artUrl' target='_blank' class='btn btn-success btn-sm'>预览文档</a>&nbsp;&nbsp;<a href='catalog_do.php?cid=$typeid&dopost=listArchives' class='btn btn-success btn-sm'>已发布图片管理</a>&nbsp;&nbsp;$backurl";
    $msg = "<div style=\"line-height:36px;height:36px\">{$msg}</div>".GetUpdateTest();

    $wintitle = "成功发布一个图集！";
    $wintitle = "成功发布一个图集";
    $wecome_info = "文章管理::发布图集";
    $win = new OxWindow();
    $win->AddTitle("成功发布一个图集：");
    $win->AddMsgItem($msg);
    $winform = $win->GetWindow("hand", "&nbsp;", FALSE);
    $win->Display();
 }
 }
--- a/src/dede/album_edit.php
+++ b/src/dede/album_edit.php
@@ -1,27 +1,23 @@
 <?php

 /**
 * 图集编辑
 *
 * @version        $Id: album_edit.php 1 8:26 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('a_Edit,a_AccEdit,a_MyEdit');
 require_once(DEDEINC . "/customfields.func.php");
 require_once(DEDEADMIN . "/inc/inc_archives_functions.php");

 require_once(DEDEINC."/customfields.func.php");
 require_once(DEDEADMIN."/inc/inc_archives_functions.php");
 if (empty($dopost)) $dopost = '';

 if ($dopost != 'save') {
    require_once(DEDEADMIN . "/inc/inc_catalog_options.php");
    require_once(DEDEINC . "/dedetag.class.php");
    require_once(DEDEADMIN."/inc/inc_catalog_options.php");
    require_once(DEDEINC."/dedetag.class.php");
    ClearMyAddon();
    $aid = intval($aid);

    //读取归档信息
    $arcQuery = "SELECT ch.typename as channelname,ar.membername as rankname,arc.*
    FROM `#@__archives` arc
@@ -32,7 +28,7 @@ if ($dopost != 'save') {
        ShowMsg("读取档案基本信息出错!", "-1");
        exit();
    }
    $query = "SELECT * FROM `#@__channeltype` WHERE id='" . $arcRow['channel'] . "'";
    $query = "SELECT * FROM `#@__channeltype` WHERE id='".$arcRow['channel']."'";
    $cInfos = $dsql->GetOne($query);
    if (!is_array($cInfos)) {
        ShowMsg("读取频道配置信息出错!", "javascript:;");
@@ -58,10 +54,10 @@ if ($dopost != 'save') {
 }
 /*--------------------------------
 function __save(){  }
 -------------------------------*/ else if ($dopost == 'save') {
    require_once(DEDEINC . '/image.func.php');
    require_once(DEDEINC . '/oxwindow.class.php');

 -------------------------------*/
 else if ($dopost == 'save') {
    require_once(DEDEINC.'/image.func.php');
    require_once(DEDEINC.'/oxwindow.class.php');
    $flag = isset($flags) ? join(',', $flags) : '';
    $notpost = isset($notpost) && $notpost == 1 ? 1 : 0;
    if (empty($typeid2)) $typeid2 = 0;
@@ -74,27 +70,25 @@ function __save(){  }
    if (!isset($formzip)) $formzip = 0;
    if (!isset($ddisfirst)) $ddisfirst = 0;
    if (!isset($delzip)) $delzip = 0;

    if ($typeid == 0) {
        ShowMsg("请指定文档的栏目！", "-1");
        ShowMsg("请指定文档的栏目", "-1");
        exit();
    }
    if (empty($channelid)) {
        ShowMsg("文档为非指定的类型，请检查你发布内容的表单是否合法！", "-1");
        ShowMsg("文档为非指定的类型，请检查您发布内容的表单是否合法", "-1");
        exit();
    }
    if (!CheckChannel($typeid, $channelid)) {
        ShowMsg("你所选择的栏目与当前模型不相符，请选择白色的选项！", "-1");
        ShowMsg("您所选择的栏目与当前模型不相符，请选择白色的选项", "-1");
        exit();
    }
    if (!TestPurview('a_Edit')) {
        if (TestPurview('a_AccEdit')) {
            CheckCatalog($typeid, "对不起，你没有操作栏目 {$typeid} 的文档权限！");
            CheckCatalog($typeid, "对不起，您没有操作栏目 {$typeid} 的文档权限");
        } else {
            CheckArcAdmin($id, $cuserLogin->getUserID());
        }
    }

    //对保存的内容进行处理
    $pubdate = GetMkTime($pubdate);
    $sortrank = AddDay($pubdate, $sortup);
@@ -113,7 +107,6 @@ function __save(){  }
        $arcrank = -1;
    }
    $adminid = $cuserLogin->getUserID();

    //处理上传的缩略图
    if (empty($ddisremote)) {
        $ddisremote = 0;
@@ -123,32 +116,26 @@ function __save(){  }
    if ($litpic_b64 != "") {
        $data = explode(',', $litpic_b64);
        $ntime = time();
        $savepath = $ddcfg_image_dir . '/' . MyDate($cfg_addon_savetype, $ntime);
        $savepath = $ddcfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
        CreateDir($savepath);
        $fullUrl = $savepath . '/' . dd2char(MyDate('mdHis', $ntime) . $cuserLogin->getUserID() . mt_rand(1000, 9999));
        $fullUrl = $fullUrl . ".png";

        file_put_contents($cfg_basedir . $fullUrl, base64_decode($data[1]));

        // 加水印
        WaterImg($cfg_basedir . $fullUrl, 'up');
        $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
        $fullUrl = $fullUrl.".png";
        file_put_contents($cfg_basedir.$fullUrl, base64_decode($data[1]));
        //加水印
        WaterImg($cfg_basedir.$fullUrl, 'up');
        $litpic = $fullUrl;
    }

    //分析body里的内容
    $body = AnalyseHtmlBody($body, $description, $litpic, $keywords, 'htmltext');

    //处理图片文档的自定义属性
    if ($litpic != '' && !preg_match("#p#", $flag)) {
        $flag = ($flag == '' ? 'p' : $flag . ',p');
        $flag = ($flag == '' ? 'p' : $flag.',p');
    }
    if ($redirecturl != '' && !preg_match("#j#", $flag)) {
        $flag = ($flag == '' ? 'j' : $flag . ',j');
        $flag = ($flag == '' ? 'j' : $flag.',j');
    }

    //跳转网址的文档强制为动态
    if (preg_match("#j#", $flag)) $ismake = -1;

    //更新数据库的SQL语句
    $query = "
    UPDATE `#@__archives` SET
@@ -173,62 +160,58 @@ function __save(){  }
    filename='$filename',
    dutyadmin='$adminid'
    WHERE id='$id'; ";

    if (!$dsql->ExecuteNoneQuery($query)) {
        ShowMsg("更新数据库archives表时出错，请检查！" . $dsql->GetError(), "javascript:;");
        ShowMsg("更新数据库archives表时出错，请检查".$dsql->GetError(), "javascript:;");
        exit();
    }

    $imgurls = "{dede:pagestyle maxwidth='$maxwidth' pagepicnum='$pagepicnum' ddmaxwidth='$ddmaxwidth' row='$row' col='$col' value='$pagestyle'/}\r\n";
    $hasone = false;

    //----------------------------------------
    //检查旧的图片是否有更新，并保存
    //-----------------------------------------
    for ($i = 1; $i <= 120; $i++) {
        if (!isset(${'imgurl' . $i})) continue;
        if (!isset(${'imgurl'.$i})) continue;
        $info = '';
        $iinfo = str_replace("'", "`", stripslashes(${'imgmsg' . $i}));
        $iurl = stripslashes(${'imgurl' . $i});
        $ddurl = stripslashes(${'imgddurl' . $i});
        $iinfo = str_replace("'", "`", stripslashes(${'imgmsg'.$i}));
        $iurl = stripslashes(${'imgurl'.$i});
        $ddurl = stripslashes(${'imgddurl'.$i});
        if (preg_match("#swfupload#i", $ddurl)) $ddurl = '';
        $imgfile = $cfg_basedir . $iurl;
        $litimgfile = $cfg_basedir . $ddurl;
        $imgfile = $cfg_basedir.$iurl;
        $litimgfile = $cfg_basedir.$ddurl;
        //有上传文件的情况
        if (isset(${'imgfile' . $i}) && is_uploaded_file(${'imgfile' . $i})) {
            $tmpFile = ${'imgfile' . $i};
        if (isset(${'imgfile'.$i}) && is_uploaded_file(${'imgfile'.$i})) {
            $tmpFile = ${'imgfile'.$i};
            //检测上传的图片， 如果类型不对，保留原来图片
            $imginfos = @GetImageSize($tmpFile, $info);
            if (!is_array($imginfos)) {
                $imginfos = @GetImageSize($imgfile, $info);
                $imgurls .= "{dede:img ddimg='$ddurl' text='$iinfo' width='" . $imginfos[0] . "' height='" . $imginfos[1] . "'} $iurl {/dede:img}\r\n";
                $imgurls .= "{dede:img ddimg='$ddurl' text='$iinfo' width='".$imginfos[0]."' height='".$imginfos[1]."'} $iurl {/dede:img}\r\n";
                continue;
            }
            move_uploaded_file($tmpFile, $imgfile);
            $imginfos = @GetImageSize($imgfile, $info);
            if ($ddurl == $iurl) {
                $litpicname = $pagestyle > 2 ? GetImageMapDD($iurl, $cfg_ddimg_width) : $iurl;
                $litimgfile = $cfg_basedir . $litpicname;
                $litimgfile = $cfg_basedir.$litpicname;
            } else {
                if ($cfg_ddimg_full == 'Y') ImageResizeNew($imgfile, $cfg_ddimg_width, $cfg_ddimg_height, $litimgfile);
                else ImageResize($imgfile, $cfg_ddimg_width, $cfg_ddimg_height, $litimgfile);
                $litpicname = $ddurl;
            }
            $imgurls .= "{dede:img ddimg='$litpicname' text='$iinfo' width='" . $imginfos[0] . "' height='" . $imginfos[1] . "'} $iurl {/dede:img}\r\n";
            $imgurls .= "{dede:img ddimg='$litpicname' text='$iinfo' width='".$imginfos[0]."' height='".$imginfos[1]."'} $iurl {/dede:img}\r\n";
        }
        //没上传图片(只修改msg信息)
        else {
            $iinfo = str_replace("'", "`", stripslashes(${'imgmsg' . $i}));
            $iurl = stripslashes(${'imgurl' . $i});
            $ddurl = stripslashes(${'imgddurl' . $i});
            $iinfo = str_replace("'", "`", stripslashes(${'imgmsg'.$i}));
            $iurl = stripslashes(${'imgurl'.$i});
            $ddurl = stripslashes(${'imgddurl'.$i});
            if (preg_match("#swfupload#i", $ddurl)) {
                $ddurl = $pagestyle > 2 ? GetImageMapDD($iurl, $cfg_ddimg_width) : $iurl;
            }
            $imginfos = @GetImageSize($imgfile, $info);
            $imgurls .= "{dede:img ddimg='$ddurl' text='$iinfo' width='" . $imginfos[0] . "' height='" . $imginfos[1] . "'} $iurl {/dede:img}\r\n";
            $imgurls .= "{dede:img ddimg='$ddurl' text='$iinfo' width='".$imginfos[0]."' height='".$imginfos[1]."'} $iurl {/dede:img}\r\n";
        }
    }

    //----------------------------
    //从HTML中获取新图片
    //----------------------------
@@ -245,13 +228,12 @@ function __save(){  }
    从ZIP文件中获取新图片
    ---------------------*/
    if ($formzip == 1) {
        include_once(DEDEINC . "/zip.class.php");
        include_once(DEDEADMIN . "/file_class.php");
        $zipfile = $cfg_basedir . str_replace($cfg_mainsite, '', $zipfile);
        $tmpzipdir = DEDEDATA . '/ziptmp/' . cn_substr(md5(ExecTime()), 16);
        include_once(DEDEINC."/zip.class.php");
        include_once(DEDEADMIN."/file_class.php");
        $zipfile = $cfg_basedir.str_replace($cfg_mainsite, '', $zipfile);
        $tmpzipdir = DEDEDATA.'/ziptmp/'.cn_substr(md5(ExecTime()), 16);
        $ntime = time();
        if (file_exists($zipfile)) {

            @mkdir($tmpzipdir, $GLOBALS['cfg_dir_purview']);
            @chmod($tmpzipdir, $GLOBALS['cfg_dir_purview']);
            $z = new zip();
@@ -262,30 +244,28 @@ function __save(){  }
            $i = 0;
            foreach ($imgs as $imgold) {
                $i++;
                $savepath = $cfg_image_dir . "/" . MyDate("Y-m", $ntime);
                $savepath = $cfg_image_dir."/".MyDate("Y-m", $ntime);
                CreateDir($savepath);
                $iurl = $savepath . "/" . MyDate("d", $ntime) . dd2char(MyDate("His", $ntime) . '-' . $adminid . "-{$i}" . mt_rand(1000, 9999));
                $iurl = $iurl . substr($imgold, -4, 4);
                $imgfile = $cfg_basedir . $iurl;
                $iurl = $savepath."/".MyDate("d", $ntime).dd2char(MyDate("His", $ntime).'-'.$adminid."-{$i}".mt_rand(1000, 9999));
                $iurl = $iurl.substr($imgold, -4, 4);
                $imgfile = $cfg_basedir.$iurl;
                copy($imgold, $imgfile);
                unlink($imgold);
                if (is_file($imgfile)) {
                    $litpicname = $pagestyle > 2 ? GetImageMapDD($iurl, $cfg_ddimg_width) : $iurl;
                    $info = '';
                    $imginfos = GetImageSize($imgfile, $info);
                    $imgurls .= "{dede:img ddimg='$litpicname' text='' width='" . $imginfos[0] . "' height='" . $imginfos[1] . "'} $iurl {/dede:img}\r\n";

                    $imgurls .= "{dede:img ddimg='$litpicname' text='' width='".$imginfos[0]."' height='".$imginfos[1]."'} $iurl {/dede:img}\r\n";
                    //把图片信息保存到媒体文档管理档案中
                    $inquery = "
                   INSERT INTO #@__uploads(title,url,mediatype,width,height,playtime,filesize,uptime,mid)
                    VALUES ('{$title}','{$iurl}','1','" . $imginfos[0] . "','" . $imginfos[1] . "','0','" . filesize($imgfile) . "','" . $ntime . "','$adminid');
                 ";
                    VALUES ('{$title}','{$iurl}','1','".$imginfos[0]."','".$imginfos[1]."','0','".filesize($imgfile)."','".$ntime."','$adminid');";
                    $dsql->ExecuteNoneQuery($inquery);
                    if (
                        !$hasone && $ddisfirst == 1
                        && $litpic == "" && !empty($litpicname)
                    ) {
                        if (file_exists($cfg_basedir . $litpicname)) {
                        if (file_exists($cfg_basedir.$litpicname)) {
                            $litpic = $litpicname;
                            $hasone = true;
                        }
@@ -298,32 +278,26 @@ function __save(){  }
            $fm->RmDirFiles($tmpzipdir);
        }
    }

    if ($albums !== "") {
        $albumsArr  = json_decode(stripslashes($albums), true);

        // var_dump($albumsArr);exit;

        for ($i = 0; $i <= count($albumsArr) - 1; $i++) {
            $album = $albumsArr[$i];
            $data = explode(',', $album['img']);
            $ntime = time();
            $savepath = $ddcfg_image_dir . '/' . MyDate($cfg_addon_savetype, $ntime);
            $savepath = $ddcfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
            CreateDir($savepath);
            $fullUrl = $savepath . '/' . dd2char(MyDate('mdHis', $ntime) . $cuserLogin->getUserID() . mt_rand(1000, 9999));
            $fullUrl = $fullUrl . ".png";

            file_put_contents($cfg_basedir . $fullUrl, base64_decode($data[1]));
            $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
            $fullUrl = $fullUrl.".png";
            file_put_contents($cfg_basedir.$fullUrl, base64_decode($data[1]));
            $info = '';
            $imginfos = GetImageSize($cfg_basedir . $fullUrl, $info);
            $imginfos = GetImageSize($cfg_basedir.$fullUrl, $info);
            $v = $fullUrl;
            $imginfo =  !empty($album['txt']) ? $album['txt'] : '';
            $imgurls .= "{dede:img ddimg='$v' text='$imginfo' width='" . $imginfos[0] . "' height='" . $imginfos[1] . "'} $v {/dede:img}\r\n";
            $imgurls .= "{dede:img ddimg='$v' text='$imginfo' width='".$imginfos[0]."' height='".$imginfos[1]."'} $v {/dede:img}\r\n";
        }
    }

    $imgurls = addslashes($imgurls);

    //分析处理附加表数据
    $inadd_f = '';
    $inadd_v = '';
@@ -346,45 +320,42 @@ function __save(){  }
                    }
                    ${$vs[0]} = GetFieldValueA(${$vs[0]}, $vs[1], $id);
                }
                $inadd_f .= ",`{$vs[0]}` = '" . ${$vs[0]} . "'";
                $inadd_f .= ",`{$vs[0]}` = '".${$vs[0]}."'";
            }
        }
    }

    //更新附加表
    $cts = $dsql->GetOne("SELECT addtable FROM `#@__channeltype` WHERE id='$channelid' ");
    $addtable = trim($cts['addtable']);
    if ($addtable != '') {
        $useip = GetIP();
        $query = "Update `$addtable`
          set typeid='$typeid',
          pagestyle='$pagestyle',
        set typeid='$typeid',
        pagestyle='$pagestyle',
        body='$body',
          maxwidth = '$maxwidth',
          ddmaxwidth = '$ddmaxwidth',
          pagepicnum = '$pagepicnum',
          imgurls='$imgurls',
          `row`='$row',
          col='$col',
          isrm='$isrm'{$inadd_f},
          redirecturl='$redirecturl',
          userip = '$useip'
        maxwidth = '$maxwidth',
        ddmaxwidth = '$ddmaxwidth',
        pagepicnum = '$pagepicnum',
        imgurls='$imgurls',
        `row`='$row',
        col='$col',
        isrm='$isrm'{$inadd_f},
        redirecturl='$redirecturl',
        userip = '$useip'
        WHERE aid='$id'; ";
        if (!$dsql->ExecuteNoneQuery($query)) {
            ShowMsg("更新附加表 `$addtable` 时出错，请检查原因！" . $dsql->GetError(), "javascript:;");
            ShowMsg("更新附加表 `$addtable` 时出错，请检查原因".$dsql->GetError(), "javascript:;");
            exit();
        }
    }

    //生成HTML
    UpIndexKey($id, $arcrank, $typeid, $sortrank, $tags);
    $arcUrl = MakeArt($id, true, true, $isremote);
    if ($arcUrl == '') {
        $arcUrl = $cfg_phpurl . "/view.php?aid=$id";
        $arcUrl = $cfg_phpurl."/view.php?aid=$id";
    }
    ClearMyAddon($id, $title);

    // 自动更新关联内容
    //自动更新关联内容
    if (is_array($automake)) {
        foreach ($automake as $key => $value) {
            if (isset(${$key}) && !empty(${$key})) {
@@ -395,26 +366,13 @@ function __save(){  }
            }
        }
    }

    //返回成功信息
    $msg =
        " 　　请选择你的后续操作：
    <a href='album_add.php?cid=$typeid' class='btn btn-success btn-sm'>继续发布图片</a>
    &nbsp;&nbsp;
    <a href='archives_do.php?aid=" . $id . "&dopost=editArchives' class='btn btn-success btn-sm'>查看更改</a>
    &nbsp;&nbsp;
    <a href='$arcUrl' target='_blank' class='btn btn-success btn-sm'>预览文档</a>
    &nbsp;&nbsp;
    <a href='catalog_do.php?cid=$typeid&dopost=listArchives' class='btn btn-success btn-sm'>管理已发布图片</a>
    &nbsp;&nbsp;
    $backurl
    ";

    $wintitle = "成功更改图集！";
    $msg = "请选择您的后续操作：<a href='album_add.php?cid=$typeid' class='btn btn-success btn-sm'>继续发布图片</a>&nbsp;&nbsp;<a href='archives_do.php?aid=".$id."&dopost=editArchives' class='btn btn-success btn-sm'>查看更改</a>&nbsp;&nbsp;<a href='$arcUrl' target='_blank' class='btn btn-success btn-sm'>预览文档</a>&nbsp;&nbsp;<a href='catalog_do.php?cid=$typeid&dopost=listArchives' class='btn btn-success btn-sm'>管理已发布图片</a>&nbsp;&nbsp;$backurl";
    $wintitle = "成功更改图集";
    $wecome_info = "文章管理::更改图集";
    $win = new OxWindow();
    $win->AddTitle("成功更改一个图集：");
    $win->AddMsgItem($msg);
    $winform = $win->GetWindow("hand", "&nbsp;", false);
    $win->Display();
 }
 }
--- a/src/dede/album_testhtml.php
+++ b/src/dede/album_testhtml.php
@@ -5,12 +5,12 @@
 *
 * @version        $Id: album_testhtml.php 1 8:26 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */

 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 AjaxHead();
 $myhtml = UnicodeUrl2Gbk(stripslashes($myhtml));
 echo "<div class='coolbg61'>[<a href='#' onclick='javascript:HideObj(\"_myhtml\")'>关闭</a>]</div>\r\n";
--- a/src/dede/archives_add.php
+++ b/src/dede/archives_add.php
@@ -1,39 +1,34 @@
 <?php

 /**
 * 文档发布
 *
 * @version        $Id: archives_add.php 1 8:26 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/config.php');
 require_once(dirname(__FILE__).'/config.php');
 CheckPurview('a_New,a_AccNew');
 require_once(DEDEINC . '/customfields.func.php');
 require_once(DEDEADMIN . '/inc/inc_archives_functions.php');

 require_once(DEDEINC.'/customfields.func.php');
 require_once(DEDEADMIN.'/inc/inc_archives_functions.php');
 if (empty($dopost)) $dopost = '';

 if ($dopost != 'save') {
    require_once(DEDEINC . '/dedetag.class.php');
    require_once(DEDEADMIN . '/inc/inc_catalog_options.php');
    require_once(DEDEINC.'/dedetag.class.php');
    require_once(DEDEADMIN.'/inc/inc_catalog_options.php');
    ClearMyAddon();
    $channelid = empty($channelid) ? 0 : intval($channelid);
    $cid = empty($cid) ? 0 : intval($cid);

    //获得频道模型ID
    if ($cid > 0 && $channelid == 0) {
        $row = $dsql->GetOne("SELECT channeltype FROM `#@__arctype` WHERE id='$cid'; ");
        $channelid = $row['channeltype'];
    } else {
        if ($channelid == 0) {
            ShowMsg('无法识别模型信息，因此无法操作！', '-1');
            ShowMsg('无法识别模型信息，因此无法操作', '-1');
            exit();
        }
    }

    //获得频道模型信息
    $cInfos = $dsql->GetOne(" SELECT * FROM  `#@__channeltype` WHERE id='$channelid' ");
    $channelid = $cInfos['id'];
@@ -44,38 +39,35 @@ if ($dopost != 'save') {
 }
 /*--------------------------------
 function __save(){  }
 -------------------------------*/ else if ($dopost == 'save') {
    require_once(DEDEINC . '/image.func.php');
    require_once(DEDEINC . '/oxwindow.class.php');

 -------------------------------*/
 else if ($dopost == 'save') {
    require_once(DEDEINC.'/image.func.php');
    require_once(DEDEINC.'/oxwindow.class.php');
    $flag = isset($flags) ? join(',', $flags) : '';
    $notpost = isset($notpost) && $notpost == 1 ? 1 : 0;
    if (empty($click)) $click = ($cfg_arc_click == '-1' ? mt_rand(50, 200) : $cfg_arc_click);
    if (empty($litpic_b64)) $litpic_b64 = '';

    if (empty($typeid2)) $typeid2 = 0;
    if (!isset($autokey)) $autokey = 0;
    if (!isset($remote)) $remote = 0;
    if (!isset($dellink)) $dellink = 0;
    if (!isset($autolitpic)) $autolitpic = 0;
    if (empty($click)) $click = ($cfg_arc_click == '-1' ? mt_rand(50, 200) : $cfg_arc_click);

    if ($typeid == 0) {
        ShowMsg('请指定文档的栏目！', '-1');
        ShowMsg('请指定文档的栏目', '-1');
        exit();
    }
    if (empty($channelid)) {
        ShowMsg('文档为非指定的类型，请检查你发布内容的表单是否合法！', '-1');
        ShowMsg('文档为非指定的类型，请检查您发布内容的表单是否合法', '-1');
        exit();
    }
    if (!CheckChannel($typeid, $channelid)) {
        ShowMsg('你所选择的栏目与当前模型不相符，请选择白色的选项！', '-1');
        ShowMsg('您所选择的栏目与当前模型不相符，请选择白色的选项', '-1');
        exit();
    }
    if (!TestPurview('a_New')) {
        CheckCatalog($typeid, "对不起，你没有操作栏目 {$typeid} 的权限！");
        CheckCatalog($typeid, "对不起，您没有操作栏目 {$typeid} 的权限");
    }

    //对保存的内容进行处理
    if (empty($writer)) $writer = $cuserLogin->getUserName();
    if (empty($source)) $source = '未知';
@@ -100,7 +92,6 @@ function __save(){  }
        $arcrank = -1;
    }
    $adminid = $cuserLogin->getUserID();

    //处理上传的缩略图
    if (empty($ddisremote)) {
        $ddisremote = 0;
@@ -110,26 +101,21 @@ function __save(){  }
    if ($litpic_b64 != "") {
        $data = explode(',', $litpic_b64);
        $ntime = time();
        $savepath = $ddcfg_image_dir . '/' . MyDate($cfg_addon_savetype, $ntime);
        $savepath = $ddcfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
        CreateDir($savepath);
        $fullUrl = $savepath . '/' . dd2char(MyDate('mdHis', $ntime) . $cuserLogin->getUserID() . mt_rand(1000, 9999));
        $fullUrl = $fullUrl . ".png";

        file_put_contents($cfg_basedir . $fullUrl, base64_decode($data[1]));

        // 加水印
        WaterImg($cfg_basedir . $fullUrl, 'up');
        $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
        $fullUrl = $fullUrl.".png";
        file_put_contents($cfg_basedir.$fullUrl, base64_decode($data[1]));
        //加水印
        WaterImg($cfg_basedir.$fullUrl, 'up');
        $litpic = $fullUrl;
    }

    //生成文档ID
    $arcID = GetIndexKey($arcrank, $typeid, $sortrank, $channelid, $senddate, $adminid);

    if (empty($arcID)) {
        ShowMsg("无法获得主键，因此无法进行后续操作！", "-1");
        ShowMsg("无法获得主键，因此无法进行后续操作", "-1");
        exit();
    }

    //分析处理附加表数据
    $inadd_f = $inadd_v = '';
    if (!empty($dede_addonfields)) {
@@ -144,35 +130,30 @@ function __save(){  }
                    if (!isset(${$vs[0]})) ${$vs[0]} = '';
                    ${$vs[0]} = GetFieldValueA(${$vs[0]}, $vs[1], $arcID);
                }
                $inadd_f .= ',' . $vs[0];
                $inadd_v .= " ,'" . ${$vs[0]} . "' ";
                $inadd_f .= ','.$vs[0];
                $inadd_v .= " ,'".${$vs[0]}."' ";
            }
        }
    }

    //处理图片文档的自定义属性
    if ($litpic != '' && !preg_match("#p#", $flag)) {
        $flag = ($flag == '' ? 'p' : $flag . ',p');
        $flag = ($flag == '' ? 'p' : $flag.',p');
    }
    if ($redirecturl != '' && !preg_match("#j#", $flag)) {
        $flag = ($flag == '' ? 'j' : $flag . ',j');
        $flag = ($flag == '' ? 'j' : $flag.',j');
    }

    //跳转网址的文档强制为动态
    if (preg_match("#j#", $flag)) $ismake = -1;
    //保存到主表
    $query = "INSERT INTO `#@__archives`(id,typeid,typeid2,sortrank,flag,ismake,channel,arcrank,click,money,title,shorttitle,
 color,writer,source,litpic,pubdate,senddate,mid,voteid,notpost,description,keywords,filename,dutyadmin,weight)
    $query = "INSERT INTO `#@__archives`(id,typeid,typeid2,sortrank,flag,ismake,channel,arcrank,click,money,title,shorttitle,color,writer,source,litpic,pubdate,senddate,mid,voteid,notpost,description,keywords,filename,dutyadmin,weight)
    VALUES ('$arcID','$typeid','$typeid2','$sortrank','$flag','$ismake','$channelid','$arcrank','$click','$money','$title','$shorttitle',
    '$color','$writer','$source','$litpic','$pubdate','$senddate','$adminid','$voteid','$notpost','$description','$keywords','$filename','$adminid','$weight');";

    if (!$dsql->ExecuteNoneQuery($query)) {
        $gerr = $dsql->GetError();
        $dsql->ExecuteNoneQuery("DELETE FROM `#@__arctiny` WHERE id='$arcID'");
        ShowMsg("把数据保存到数据库主表 `#@__archives` 时出错，请把相关信息提交给DedeCMS官方。" . str_replace('"', '', $gerr), "javascript:;");
        ShowMsg("把数据保存到数据库主表 `#@__archives` 时出错，请把相关信息提交给DedeBIZ官方".str_replace('"', '', $gerr), "javascript:;");
        exit();
    }

    //保存到附加表
    $cts = $dsql->GetOne("SELECT addtable FROM `#@__channeltype` WHERE id='$channelid' ");
    $addtable = trim($cts['addtable']);
@@ -183,20 +164,18 @@ color,writer,source,litpic,pubdate,senddate,mid,voteid,notpost,description,keywo
            $gerr = $dsql->GetError();
            $dsql->ExecuteNoneQuery("DELETE FROM `#@__archives` WHERE id='$arcID'");
            $dsql->ExecuteNoneQuery("DELETE FROM `#@__arctiny` WHERE id='$arcID'");
            ShowMsg("把数据保存到数据库附加表 `{$addtable}` 时出错，请把相关信息提交给DedeCMS官方。" . str_replace('"', '', $gerr), "javascript:;");
            ShowMsg("把数据保存到数据库附加表 `{$addtable}` 时出错，请把相关信息提交给DedeBIZ官方".str_replace('"', '', $gerr), "javascript:;");
            exit();
        }
    }

    //生成HTML
    InsertTags($tags, $arcID);
    $artUrl = MakeArt($arcID, true, true, $isremote);
    if ($artUrl == '') {
        $artUrl = $cfg_phpurl . "/view.php?aid=$arcID";
        $artUrl = $cfg_phpurl."/view.php?aid=$arcID";
    }
    ClearMyAddon($arcID, $title);

    // 自动更新关联内容
    //自动更新关联内容
    if (is_array($automake)) {
        foreach ($automake as $key => $value) {
            if (isset(${$key}) && !empty(${$key})) {
@@ -207,26 +186,14 @@ color,writer,source,litpic,pubdate,senddate,mid,voteid,notpost,description,keywo
            }
        }
    }

    //返回成功信息
    $msg = "    　　请选择你的后续操作：
    <a href='archives_add.php?cid=$typeid' class='btn btn-success btn-sm'>继续发布文档</a>
    &nbsp;&nbsp;
    <a href='$artUrl' target='_blank' class='btn btn-success btn-sm'>查看文档</a>
    &nbsp;&nbsp;
    <a href='archives_do.php?aid=" . $arcID . "&dopost=editArchives' class='btn btn-success btn-sm'>更改文档</a>
    &nbsp;&nbsp;
    <a href='catalog_do.php?cid=$typeid&dopost=listArchives' class='btn btn-success btn-sm'>已发布文档管理</a>
    &nbsp;&nbsp;
    $backurl
  ";
    $msg = "<div style=\"line-height:36px;height:36px\">{$msg}</div>" . GetUpdateTest();

    $wintitle = '成功发布文档！';
    $msg = "请选择您的后续操作：<a href='archives_add.php?cid=$typeid' class='btn btn-success btn-sm'>继续发布文档</a>&nbsp;&nbsp;<a href='$artUrl' target='_blank' class='btn btn-success btn-sm'>查看文档</a>&nbsp;&nbsp;<a href='archives_do.php?aid=".$arcID."&dopost=editArchives' class='btn btn-success btn-sm'>更改文档</a>&nbsp;&nbsp;<a href='catalog_do.php?cid=$typeid&dopost=listArchives' class='btn btn-success btn-sm'>已发布文档管理</a>&nbsp;&nbsp;$backurl";
    $msg = "<div style=\"line-height:36px;height:36px\">{$msg}</div>".GetUpdateTest();
    $wintitle = '成功发布文档';
    $wecome_info = '文档管理::发布文档';
    $win = new OxWindow();
    $win->AddTitle('成功发布文档：');
    $win->AddMsgItem($msg);
    $winform = $win->GetWindow('hand', '&nbsp;', false);
    $win->Display();
 }
 }
--- a/src/dede/archives_do.php
+++ b/src/dede/archives_do.php
--- a/src/dede/archives_edit.php
+++ b/src/dede/archives_edit.php
@@ -1,41 +1,34 @@
 <?php

 /**
 * 文档编辑
 *
 * @version        $Id: archives_edit.php 1 8:26 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('a_Edit,a_AccEdit,a_MyEdit');
 require_once(DEDEINC . "/customfields.func.php");
 require_once(DEDEADMIN . "/inc/inc_archives_functions.php");

 require_once(DEDEINC."/customfields.func.php");
 require_once(DEDEADMIN."/inc/inc_archives_functions.php");
 if (empty($dopost)) $dopost = '';

 if ($dopost != 'save') {
    require_once(DEDEADMIN . "/inc/inc_catalog_options.php");
    require_once(DEDEINC . "/dedetag.class.php");
    require_once(DEDEADMIN."/inc/inc_catalog_options.php");
    require_once(DEDEINC."/dedetag.class.php");
    ClearMyAddon();
    $aid = intval($aid);

    //读取归档信息
    $arcQuery = "SELECT ch.typename as channelname,ar.membername as rankname,arc.*
    FROM `#@__archives` arc
    LEFT JOIN `#@__channeltype` ch ON ch.id=arc.channel
    LEFT JOIN `#@__arcrank` ar ON ar.rank=arc.arcrank WHERE arc.id='$aid'
    ";

    LEFT JOIN `#@__arcrank` ar ON ar.rank=arc.arcrank WHERE arc.id='$aid'";
    $arcRow = $dsql->GetOne($arcQuery);
    if (!is_array($arcRow)) {
        ShowMsg("读取档案基本信息出错!", "-1");
        exit();
    }

    $query = "SELECT * FROM `#@__channeltype` WHERE id='" . $arcRow['channel'] . "'";
    $query = "SELECT * FROM `#@__channeltype` WHERE id='".$arcRow['channel']."'";
    $cInfos = $dsql->GetOne($query);
    if (!is_array($cInfos)) {
        ShowMsg("读取频道配置信息出错!", "javascript:;");
@@ -50,40 +43,38 @@ if ($dopost != 'save') {
 }
 /*--------------------------------
 function __save(){  }
 -------------------------------*/ else if ($dopost == 'save') {
    require_once(DEDEINC . '/image.func.php');
    require_once(DEDEINC . '/oxwindow.class.php');
 -------------------------------*/
 else if ($dopost == 'save') {
    require_once(DEDEINC.'/image.func.php');
    require_once(DEDEINC.'/oxwindow.class.php');
    $flag = isset($flags) ? join(',', $flags) : '';
    $notpost = isset($notpost) && $notpost == 1 ? 1 : 0;
    if (empty($litpic_b64)) $litpic_b64 = '';

    if (empty($typeid2)) $typeid2 = 0;
    if (!isset($autokey)) $autokey = 0;
    if (!isset($remote)) $remote = 0;
    if (!isset($dellink)) $dellink = 0;
    if (!isset($autolitpic)) $autolitpic = 0;
    if (!isset($writer)) $writer = '';

    if ($typeid == 0) {
        ShowMsg("请指定文档的栏目！", "-1");
        ShowMsg("请指定文档的栏目", "-1");
        exit();
    }
    if (empty($channelid)) {
        ShowMsg("文档为非指定的类型，请检查你发布内容的表单是否合法！", "-1");
        ShowMsg("文档为非指定的类型，请检查您发布内容的表单是否合法", "-1");
        exit();
    }
    if (!CheckChannel($typeid, $channelid)) {
        ShowMsg("你所选择的栏目与当前模型不相符，请选择白色的选项！", "-1");
        ShowMsg("您所选择的栏目与当前模型不相符，请选择白色的选项", "-1");
        exit();
    }
    if (!TestPurview('a_Edit')) {
        if (TestPurview('a_AccEdit')) {
            CheckCatalog($typeid, "对不起，你没有操作栏目 {$typeid} 的文档权限！");
            CheckCatalog($typeid, "对不起，您没有操作栏目 {$typeid} 的文档权限");
        } else {
            CheckArcAdmin($id, $cuserLogin->getUserID());
        }
    }

    //对保存的内容进行处理
    $pubdate = GetMkTime($pubdate);
    $sortrank = AddDay($pubdate, $sortup);
@@ -99,30 +90,23 @@ function __save(){  }
    $isremote  = 0;
    $serviterm = empty($serviterm) ? "" : $serviterm;
    if (!TestPurview('a_Check,a_AccCheck,a_MyCheck')) $arcrank = -1;

    $adminid = $cuserLogin->getUserID();

    //处理上传的缩略图
    if (empty($ddisremote)) $ddisremote = 0;

    $litpic = GetDDImage('none', $picname, $ddisremote);

    // 处理新的缩略图上传
    //处理新的缩略图上传
    if ($litpic_b64 != "") {
        $data = explode(',', $litpic_b64);
        $ntime = time();
        $savepath = $ddcfg_image_dir . '/' . MyDate($cfg_addon_savetype, $ntime);
        $savepath = $ddcfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
        CreateDir($savepath);
        $fullUrl = $savepath . '/' . dd2char(MyDate('mdHis', $ntime) . $cuserLogin->getUserID() . mt_rand(1000, 9999));
        $fullUrl = $fullUrl . ".png";

        file_put_contents($cfg_basedir . $fullUrl, base64_decode($data[1]));

        // 加水印
        WaterImg($cfg_basedir . $fullUrl, 'up');
        $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
        $fullUrl = $fullUrl.".png";
        file_put_contents($cfg_basedir.$fullUrl, base64_decode($data[1]));
        //加水印
        WaterImg($cfg_basedir.$fullUrl, 'up');
        $litpic = $fullUrl;
    }

    //分析处理附加表数据
    $inadd_f = '';
    $inadd_v = '';
@@ -145,19 +129,17 @@ function __save(){  }
                    }
                    ${$vs[0]} = GetFieldValueA(${$vs[0]}, $vs[1], $id);
                }
                $inadd_f .= ",`{$vs[0]}` = '" . ${$vs[0]} . "'";
                $inadd_f .= ",`{$vs[0]}` = '".${$vs[0]}."'";
            }
        }
    }

    //处理图片文档的自定义属性
    if ($litpic != '' && !preg_match("#p#", $flag)) {
        $flag = ($flag == '' ? 'p' : $flag . ',p');
        $flag = ($flag == '' ? 'p' : $flag.',p');
    }
    if ($redirecturl != '' && !preg_match("#j#", $flag)) {
        $flag = ($flag == '' ? 'j' : $flag . ',j');
        $flag = ($flag == '' ? 'j' : $flag.',j');
    }

    //跳转网址的文档强制为动态
    if (preg_match("#j#", $flag)) $ismake = -1;
    //更新数据库的SQL语句
@@ -185,30 +167,27 @@ function __save(){  }
    weight='$weight'
    WHERE id='$id'; ";
    if (!$dsql->ExecuteNoneQuery($inQuery)) {
        ShowMsg("更新数据库archives表时出错，请检查！", "-1");
        ShowMsg("更新数据库archives表时出错，请检查", "-1");
        exit();
    }

    $cts = $dsql->GetOne("SELECT addtable From `#@__channeltype` WHERE id='$channelid' ");
    $addtable = trim($cts['addtable']);
    if ($addtable != '') {
        $useip = GetIP();
        $iquery = "UPDATE `$addtable` SET typeid='$typeid'{$inadd_f},redirecturl='$redirecturl',userip='$useip' WHERE aid='$id' ";
        if (!$dsql->ExecuteNoneQuery($iquery)) {
            ShowMsg("更新附加表 `$addtable`  时出错，请检查原因！", "javascript:;");
            ShowMsg("更新附加表 `$addtable`  时出错，请检查原因", "javascript:;");
            exit();
        }
    }

    //生成HTML
    UpIndexKey($id, $arcrank, $typeid, $sortrank, $tags);
    $artUrl = MakeArt($id, TRUE, TRUE, $isremote);
    if ($artUrl == '') {
        $artUrl = $cfg_phpurl . "/view.php?aid=$id";
        $artUrl = $cfg_phpurl."/view.php?aid=$id";
    }
    ClearMyAddon($id, $title);

    // 自动更新关联内容
    //自动更新关联内容
    if (is_array($automake)) {
        foreach ($automake as $key => $value) {
            if (isset(${$key}) && !empty(${$key})) {
@@ -219,26 +198,13 @@ function __save(){  }
            }
        }
    }

    //返回成功信息
    $msg = "
    　　请选择你的后续操作：
    <a href='archives_add.php?cid=$typeid' class='btn btn-success btn-sm'>发布新文档</a>
    &nbsp;&nbsp;
    <a href='archives_do.php?aid=" . $id . "&dopost=editArchives' class='btn btn-success btn-sm'>查看更改</a>
    &nbsp;&nbsp;
    <a href='$artUrl' target='_blank' class='btn btn-success btn-sm'>查看文档</a>
    &nbsp;&nbsp;
    <a href='catalog_do.php?cid=$typeid&dopost=listArchives' class='btn btn-success btn-sm'>管理文档</a>
    &nbsp;&nbsp;
    $backurl
    ";

    $wintitle = "成功更改文档！";
    $msg = "请选择您的后续操作：<a href='archives_add.php?cid=$typeid' class='btn btn-success btn-sm'>发布新文档</a>&nbsp;&nbsp;<a href='archives_do.php?aid=".$id."&dopost=editArchives' class='btn btn-success btn-sm'>查看更改</a>&nbsp;&nbsp;<a href='$artUrl' target='_blank' class='btn btn-success btn-sm'>查看文档</a>&nbsp;&nbsp;<a href='catalog_do.php?cid=$typeid&dopost=listArchives' class='btn btn-success btn-sm'>管理文档</a>&nbsp;&nbsp;$backurl";
    $wintitle = "成功更改文档";
    $wecome_info = "文档管理::更改文档";
    $win = new OxWindow();
    $win->AddTitle("成功更改文档：");
    $win->AddMsgItem($msg);
    $winform = $win->GetWindow("hand", "&nbsp;", false);
    $win->Display();
 }
 }
--- a/src/dede/archives_sg_add.php
+++ b/src/dede/archives_sg_add.php
@@ -1,39 +1,34 @@
 <?php

 /**
 * 单表模型文档发布
 *
 * @version        $Id: archives_sg_add.php 1 8:26 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('a_New,a_AccNew');
 require_once(DEDEINC . "/customfields.func.php");
 require_once(DEDEADMIN . "/inc/inc_archives_functions.php");

 require_once(DEDEINC."/customfields.func.php");
 require_once(DEDEADMIN."/inc/inc_archives_functions.php");
 if (empty($dopost)) $dopost = '';

 if ($dopost != 'save') {
    require_once(DEDEINC . "/dedetag.class.php");
    require_once(DEDEADMIN . "/inc/inc_catalog_options.php");
    require_once(DEDEINC."/dedetag.class.php");
    require_once(DEDEADMIN."/inc/inc_catalog_options.php");
    ClearMyAddon();
    $channelid = empty($channelid) ? 0 : intval($channelid);
    $cid = empty($cid) ? 0 : intval($cid);

    //获得频道模型ID
    if ($cid > 0 && $channelid == 0) {
        $row = $dsql->GetOne("SELECT channeltype FROM `#@__arctype` WHERE id='$cid'; ");
        $channelid = $row['channeltype'];
    } else {
        if ($channelid == 0) {
            ShowMsg("无法识别模型信息，因此无法操作！", "-1");
            ShowMsg("无法识别模型信息，因此无法操作", "-1");
            exit();
        }
    }

    //获得频道模型信息
    $cInfos = $dsql->GetOne(" SELECT * FROM  `#@__channeltype` WHERE id='$channelid' ");
    $channelid = $cInfos['id'];
@@ -42,24 +37,24 @@ if ($dopost != 'save') {
 }
 /*--------------------------------
 function __save(){  }
 -------------------------------*/ else if ($dopost == 'save') {
    require_once(DEDEINC . '/image.func.php');
    require_once(DEDEINC . '/oxwindow.class.php');

 -------------------------------*/
 else if ($dopost == 'save') {
    require_once(DEDEINC.'/image.func.php');
    require_once(DEDEINC.'/oxwindow.class.php');
    if ($typeid == 0) {
        ShowMsg("请指定文档的栏目！", "-1");
        ShowMsg("请指定文档的栏目", "-1");
        exit();
    }
    if (empty($channelid)) {
        ShowMsg("文档为非指定的类型，请检查你发布内容的表单是否合法！", "-1");
        ShowMsg("文档为非指定的类型，请检查您发布内容的表单是否合法", "-1");
        exit();
    }
    if (!CheckChannel($typeid, $channelid)) {
        ShowMsg("你所选择的栏目与当前模型不相符，请选择白色的选项！", "-1");
        ShowMsg("您所选择的栏目与当前模型不相符，请选择白色的选项", "-1");
        exit();
    }
    if (!TestPurview('a_New')) {
        CheckCatalog($typeid, "对不起，你没有操作栏目 {$typeid} 的权限！");
        CheckCatalog($typeid, "对不起，您没有操作栏目 {$typeid} 的权限");
    }
    //对保存的内容进行处理
    if (empty($writer)) $writer = $cuserLogin->getUserName();
@@ -72,36 +67,29 @@ function __save(){  }
    $isremote  = 0;
    $serviterm = empty($serviterm) ? "" : $serviterm;
    if (!TestPurview('a_Check,a_AccCheck,a_MyCheck')) $arcrank = -1;

    $adminid = $cuserLogin->getUserID();
    $userip = GetIP();

    if (empty($ddisremote)) $ddisremote = 0;

    $litpic = GetDDImage('none', $picname, $ddisremote);
    // 处理新的缩略图上传
    //处理新的缩略图上传
    if ($litpic_b64 != "") {
        $data = explode(',', $litpic_b64);
        $ntime = time();
        $savepath = $ddcfg_image_dir . '/' . MyDate($cfg_addon_savetype, $ntime);
        $savepath = $ddcfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
        CreateDir($savepath);
        $fullUrl = $savepath . '/' . dd2char(MyDate('mdHis', $ntime) . $cuserLogin->getUserID() . mt_rand(1000, 9999));
        $fullUrl = $fullUrl . ".png";

        file_put_contents($cfg_basedir . $fullUrl, base64_decode($data[1]));

        $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
        $fullUrl = $fullUrl.".png";
        file_put_contents($cfg_basedir.$fullUrl, base64_decode($data[1]));
        // 加水印
        WaterImg($cfg_basedir . $fullUrl, 'up');
        WaterImg($cfg_basedir.$fullUrl, 'up');
        $litpic = $fullUrl;
    }
    //生成文档ID
    $arcID = GetIndexKey($arcrank, $typeid, $senddate, $channelid, $senddate, $adminid);

    if (empty($arcID)) {
        ShowMsg("无法获得主键，因此无法进行后续操作！", "-1");
        ShowMsg("无法获得主键，因此无法进行后续操作", "-1");
        exit();
    }

    //分析处理附加表数据
    $inadd_f = '';
    $inadd_v = '';
@@ -124,56 +112,41 @@ function __save(){  }
                    }
                    ${$vs[0]} = GetFieldValueA(${$vs[0]}, $vs[1], $arcID);
                }
                $inadd_f .= ',' . $vs[0];
                $inadd_v .= " ,'" . ${$vs[0]} . "' ";
                $inadd_f .= ','.$vs[0];
                $inadd_v .= " ,'".${$vs[0]}."' ";
            }
        }
    }

    //处理图片文档的自定义属性
    if ($litpic != '' && !preg_match("#p#", $flag)) {
        $flag = ($flag == '' ? 'p' : $flag . ',p');
        $flag = ($flag == '' ? 'p' : $flag.',p');
    }

    //保存到附加表
    $cts = $dsql->GetOne("SELECT addtable FROM `#@__channeltype` WHERE id='$channelid' ");
    $addtable = trim($cts['addtable']);
    if (!empty($addtable)) {
        $query = "INSERT INTO `{$addtable}`(aid,typeid,channel,arcrank,mid,click,title,senddate,flag,litpic,userip{$inadd_f})
                       VALUES('$arcID','$typeid','$channelid','$arcrank','$adminid','0','$title','$senddate','$flag','$litpic','$userip'{$inadd_v})";
        VALUES('$arcID','$typeid','$channelid','$arcrank','$adminid','0','$title','$senddate','$flag','$litpic','$userip'{$inadd_v})";
        if (!$dsql->ExecuteNoneQuery($query)) {
            $gerr = $dsql->GetError();
            $dsql->ExecuteNoneQuery("DELETE FROM `#@__arctiny` WHERE id='$arcID'");
            ShowMsg("把数据保存到数据库附加表 `{$addtable}` 时出错，请把相关信息提交给DedeCMS官方。" . str_replace('"', '', $gerr), "javascript:;");
            ShowMsg("把数据保存到数据库附加表 `{$addtable}` 时出错，请把相关信息提交给DedeBIZ官方".str_replace('"', '', $gerr), "javascript:;");
            exit();
        }
    }

    //生成HTML
    $artUrl = MakeArt($arcID, TRUE, TRUE, $isremote);
    if ($artUrl == '') {
        $artUrl = $cfg_phpurl . "/view.php?aid=$arcID";
        $artUrl = $cfg_phpurl."/view.php?aid=$arcID";
    }
    ClearMyAddon($arcID, $title);
    //返回成功信息
    $msg = "
    　　请选择你的后续操作：
    <a href='archives_sg_add.php?cid=$typeid' class='btn btn-success btn-sm'>继续发布文档</a>
    &nbsp;&nbsp;
    <a href='$artUrl' target='_blank' class='btn btn-success btn-sm'>查看文档</a>
    &nbsp;&nbsp;
    <a href='archives_do.php?aid=" . $arcID . "&dopost=editArchives' class='btn btn-success btn-sm'>更改文档</a>
    &nbsp;&nbsp;
    <a href='content_sg_list.php?cid=$typeid&channelid={$channelid}&dopost=listArchives' class='btn btn-success btn-sm'>已发布文档管理</a>
    &nbsp;&nbsp;
    <a href='catalog_main.php' class='btn btn-success btn-sm'>网站栏目管理</a>
    ";

    $wintitle = "成功发布文档！";
    $msg = "请选择您的后续操作：<a href='archives_sg_add.php?cid=$typeid' class='btn btn-success btn-sm'>继续发布文档</a>&nbsp;&nbsp;<a href='$artUrl' target='_blank' class='btn btn-success btn-sm'>查看文档</a>&nbsp;&nbsp;<a href='archives_do.php?aid=".$arcID."&dopost=editArchives' class='btn btn-success btn-sm'>更改文档</a>&nbsp;&nbsp;<a href='content_sg_list.php?cid=$typeid&channelid={$channelid}&dopost=listArchives' class='btn btn-success btn-sm'>已发布文档管理</a>&nbsp;&nbsp;<a href='catalog_main.php' class='btn btn-success btn-sm'>网站栏目管理</a>";
    $wintitle = "成功发布文档";
    $wecome_info = "文档管理::发布文档";
    $win = new OxWindow();
    $win->AddTitle("成功发布文档：");
    $win->AddMsgItem($msg);
    $winform = $win->GetWindow("hand", "&nbsp;", false);
    $win->Display();
 }
 }
--- a/src/dede/archives_sg_edit.php
+++ b/src/dede/archives_sg_edit.php
@@ -1,37 +1,31 @@
 <?php

 /**
 * 单表模型文档编辑
 *
 * @version        $Id: archives_sg_edit.php 1 8:26 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('a_Edit,a_AccEdit,a_MyEdit');
 require_once(DEDEINC . "/customfields.func.php");
 require_once(DEDEADMIN . "/inc/inc_archives_functions.php");

 require_once(DEDEINC."/customfields.func.php");
 require_once(DEDEADMIN."/inc/inc_archives_functions.php");
 if (empty($dopost)) $dopost = '';

 if ($dopost != 'save') {
    require_once(DEDEADMIN . "/inc/inc_catalog_options.php");
    require_once(DEDEINC . "/dedetag.class.php");
    require_once(DEDEADMIN."/inc/inc_catalog_options.php");
    require_once(DEDEINC."/dedetag.class.php");
    ClearMyAddon();
    $aid = intval($aid);

    //读取归档信息
    $arcQuery = "SELECT ch.*,arc.* FROM `#@__arctiny` arc
    LEFT JOIN `#@__channeltype` ch on ch.id=arc.channel WHERE arc.id='$aid' ";

    $cInfos = $dsql->GetOne($arcQuery);
    if (!is_array($cInfos)) {
        ShowMsg("读频道模型信息出错！", "-1");
        ShowMsg("读频道模型信息出错", "-1");
        exit();
    }

    $addtable = $cInfos['addtable'];
    $addRow = $dsql->GetOne("SELECT arc.*,ar.membername as rankname FROM `$addtable` arc LEFT JOIN `#@__arcrank` ar on ar.rank=arc.arcrank WHERE arc.aid='$aid'");
    $channelid = $cInfos['channel'];
@@ -41,24 +35,25 @@ if ($dopost != 'save') {
 }
 /*--------------------------------
 function __save(){  }
 -------------------------------*/ else if ($dopost == 'save') {
    require_once(DEDEINC . '/image.func.php');
    require_once(DEDEINC . '/oxwindow.class.php');
 -------------------------------*/
 else if ($dopost == 'save') {
    require_once(DEDEINC.'/image.func.php');
    require_once(DEDEINC.'/oxwindow.class.php');
    if ($typeid == 0) {
        ShowMsg("请指定文档的栏目！", "-1");
        ShowMsg("请指定文档的栏目", "-1");
        exit();
    }
    if (empty($channelid)) {
        ShowMsg("文档为非指定的类型，请检查你发布内容的表单是否合法！", "-1");
        ShowMsg("文档为非指定的类型，请检查您发布内容的表单是否合法", "-1");
        exit();
    }
    if (!CheckChannel($typeid, $channelid)) {
        ShowMsg("你所选择的栏目与当前模型不相符，请选择白色的选项！", "-1");
        ShowMsg("您所选择的栏目与当前模型不相符，请选择白色的选项", "-1");
        exit();
    }
    if (!TestPurview('a_Edit')) {
        if (TestPurview('a_AccEdit')) {
            CheckCatalog($typeid, "对不起，你没有操作栏目 {$typeid} 的文档权限！");
            CheckCatalog($typeid, "对不起，您没有操作栏目 {$typeid} 的文档权限");
        } else {
            CheckArcAdmin($id, $cuserLogin->getUserID());
        }
@@ -71,25 +66,21 @@ function __save(){  }
    $serviterm = empty($serviterm) ? "" : $serviterm;
    if (empty($litpic_b64)) $litpic_b64 = '';
    if (!TestPurview('a_Check,a_AccCheck,a_MyCheck')) $arcrank = -1;

    $adminid = $cuserLogin->getUserID();

    //处理上传的缩略图
    if (empty($ddisremote)) $ddisremote = 0;
    $litpic = GetDDImage('none', $picname, $ddisremote);
    // 处理新的缩略图上传
    //处理新的缩略图上传
    if ($litpic_b64 != "") {
        $data = explode(',', $litpic_b64);
        $ntime = time();
        $savepath = $ddcfg_image_dir . '/' . MyDate($cfg_addon_savetype, $ntime);
        $savepath = $ddcfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
        CreateDir($savepath);
        $fullUrl = $savepath . '/' . dd2char(MyDate('mdHis', $ntime) . $cuserLogin->getUserID() . mt_rand(1000, 9999));
        $fullUrl = $fullUrl . ".png";

        file_put_contents($cfg_basedir . $fullUrl, base64_decode($data[1]));

        $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
        $fullUrl = $fullUrl.".png";
        file_put_contents($cfg_basedir.$fullUrl, base64_decode($data[1]));
        // 加水印
        WaterImg($cfg_basedir . $fullUrl, 'up');
        WaterImg($cfg_basedir.$fullUrl, 'up');
        $litpic = $fullUrl;
    }
    //分析处理附加表数据
@@ -114,47 +105,31 @@ function __save(){  }
                    }
                    ${$vs[0]} = GetFieldValueA(${$vs[0]}, $vs[1], $id);
                }
                $inadd_f .= ",`{$vs[0]}` = '" . ${$vs[0]} . "'";
                $inadd_f .= ",`{$vs[0]}` = '".${$vs[0]}."'";
            }
        }
    }

    //处理图片文档的自定义属性
    if ($litpic != '' && !preg_match("#p#", $flag)) {
        $flag = ($flag == '' ? 'p' : $flag . ',p');
        $flag = ($flag == '' ? 'p' : $flag.',p');
    }

    $cts = $dsql->GetOne("SELECT addtable FROM `#@__channeltype` WHERE id='$channelid' ");
    $addtable = trim($cts['addtable']);
    if ($addtable != '') {
        $iquery = "UPDATE `$addtable` SET typeid='$typeid',arcrank='$arcrank',title='$title',flag='$flag',litpic='$litpic'{$inadd_f} WHERE aid='$id' ";
        if (!$dsql->ExecuteNoneQuery($iquery)) {
            ShowMsg("更新附加表 `$addtable`  时出错，请检查原因！", "javascript:;");
            ShowMsg("更新附加表 `$addtable`  时出错，请检查原因", "javascript:;");
            exit();
        }
    }

    //生成HTML
    UpIndexKey($id, $arcrank, $typeid, $sortrank, '');
    $artUrl = MakeArt($id, TRUE, TRUE, $isremote);
    if ($artUrl == '') $artUrl = $cfg_phpurl . "/view.php?aid=$id";

    if ($artUrl == '') $artUrl = $cfg_phpurl."/view.php?aid=$id";
    ClearMyAddon($id, $title);
    //返回成功信息
    $msg = "
    　　请选择你的后续操作：
    <a href='archives_sg_add.php?cid=$typeid' class='btn btn-success btn-sm'>发布新文档</a>
    &nbsp;&nbsp;
    <a href='archives_do.php?aid=" . $id . "&dopost=editArchives' class='btn btn-success btn-sm'>查看更改</a>
    &nbsp;&nbsp;
    <a href='$artUrl' target='_blank' class='btn btn-success btn-sm'>查看文档</a>
    &nbsp;&nbsp;
    <a href='catalog_do.php?cid=$typeid&channelid={$channelid}&dopost=listArchives' class='btn btn-success btn-sm'>管理文档</a>
    &nbsp;&nbsp;
    <a href='catalog_main.php' class='btn btn-success btn-sm'>网站栏目管理</a>
    ";

    $wintitle = "成功更改文档！";
    $msg = "请选择您的后续操作：<a href='archives_sg_add.php?cid=$typeid' class='btn btn-success btn-sm'>发布新文档</a>&nbsp;&nbsp;<a href='archives_do.php?aid=".$id."&dopost=editArchives' class='btn btn-success btn-sm'>查看更改</a>&nbsp;&nbsp;<a href='$artUrl' target='_blank' class='btn btn-success btn-sm'>查看文档</a>&nbsp;&nbsp;<a href='catalog_do.php?cid=$typeid&channelid={$channelid}&dopost=listArchives' class='btn btn-success btn-sm'>管理文档</a>&nbsp;&nbsp;<a href='catalog_main.php' class='btn btn-success btn-sm'>网站栏目管理</a>";
    $wintitle = "成功更改文档";
    $wecome_info = "文档管理::更改文档";
    $win = new OxWindow();
    $win->AddTitle("成功更改文档：");
--- a/src/dede/article_add.php
+++ b/src/dede/article_add.php
@@ -1,42 +1,36 @@
 <?php

 /**
 * 文档发布
 *
 * @version        $Id: article_add.php 2020年9月14日 tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/config.php');
 require_once(dirname(__FILE__).'/config.php');
 CheckPurview('a_New,a_AccNew');
 require_once(DEDEINC . '/customfields.func.php');
 require_once(DEDEADMIN . '/inc/inc_archives_functions.php');
 if (file_exists(DEDEDATA . '/template.rand.php')) {
    require_once(DEDEDATA . '/template.rand.php');
 require_once(DEDEINC.'/customfields.func.php');
 require_once(DEDEADMIN.'/inc/inc_archives_functions.php');
 if (file_exists(DEDEDATA.'/template.rand.php')) {
    require_once(DEDEDATA.'/template.rand.php');
 }
 if (empty($dopost)) $dopost = '';

 if ($dopost != 'save') {
    require_once(DEDEINC . "/dedetag.class.php");
    require_once(DEDEADMIN . "/inc/inc_catalog_options.php");
    require_once(DEDEINC."/dedetag.class.php");
    require_once(DEDEADMIN."/inc/inc_catalog_options.php");
    ClearMyAddon();
    $channelid = empty($channelid) ? 0 : intval($channelid);
    $cid = empty($cid) ? 0 : intval($cid);
    if (empty($litpic_b64)) $litpic_b64 = '';

    if (empty($geturl)) $geturl = '';

    $keywords = $writer = $source = $body = $description = $title = '';

    //采集单个网页
    if (preg_match("#^http:\/\/#", $geturl)) {
        require_once(DEDEADMIN . "/inc/inc_coonepage.php");
        require_once(DEDEADMIN."/inc/inc_coonepage.php");
        $redatas = CoOnePage($geturl);
        extract($redatas);
    }

    //获得频道模型ID
    if ($cid > 0 && $channelid == 0) {
        $row = $dsql->GetOne("Select channeltype From `#@__arctype` where id='$cid'; ");
@@ -46,48 +40,43 @@ if ($dopost != 'save') {
            $channelid = 1;
        }
    }

    //获得频道模型信息
    $cInfos = $dsql->GetOne(" Select * From  `#@__channeltype` where id='$channelid' ");

    //获取文章最大id以确定当前权重
    $maxWright = $dsql->GetOne("SELECT COUNT(*) AS cc FROM `#@__archives`");

    include DedeInclude("templets/article_add.htm");
    exit();
 }

 /*--------------------------------
 function __save(){  }
 -------------------------------*/ else if ($dopost == 'save') {
    require_once(DEDEINC . '/image.func.php');
    require_once(DEDEINC . '/oxwindow.class.php');
 -------------------------------*/
 else if ($dopost == 'save') {
    require_once(DEDEINC.'/image.func.php');
    require_once(DEDEINC.'/oxwindow.class.php');
    $flag = isset($flags) ? join(',', $flags) : '';
    $notpost = isset($notpost) && $notpost == 1 ? 1 : 0;

    if (empty($typeid2)) $typeid2 = '';
    if (!isset($autokey)) $autokey = 0;
    if (!isset($remote)) $remote = 0;
    if (!isset($dellink)) $dellink = 0;
    if (!isset($autolitpic)) $autolitpic = 0;
    if (empty($click)) $click = ($cfg_arc_click == '-1' ? mt_rand(50, 200) : $cfg_arc_click);

    if (empty($typeid)) {
        ShowMsg("请指定文档的栏目！", "-1");
        ShowMsg("请指定文档的栏目", "-1");
        exit();
    }
    if (empty($channelid)) {
        ShowMsg("文档为非指定的类型，请检查你发布内容的表单是否合法！", "-1");
        ShowMsg("文档为非指定的类型，请检查您发布内容的表单是否合法", "-1");
        exit();
    }
    if (!CheckChannel($typeid, $channelid)) {
        ShowMsg("你所选择的栏目与当前模型不相符，请选择白色的选项！", "-1");
        ShowMsg("您所选择的栏目与当前模型不相符，请选择白色的选项", "-1");
        exit();
    }
    if (!TestPurview('a_New')) {
        CheckCatalog($typeid, "对不起，你没有操作栏目 {$typeid} 的权限！");
        CheckCatalog($typeid, "对不起，您没有操作栏目 {$typeid} 的权限");
    }

    //对保存的内容进行处理
    if (empty($writer)) $writer = $cuserLogin->getUserName();
    if (empty($source)) $source = '未知';
@@ -107,54 +96,44 @@ function __save(){  }
    $userip = GetIP();
    $isremote  = 0;
    $serviterm = empty($serviterm) ? "" : $serviterm;

    if (!TestPurview('a_Check,a_AccCheck,a_MyCheck')) {
        $arcrank = -1;
    }
    $adminid = $cuserLogin->getUserID();

    //处理上传的缩略图
    if (empty($ddisremote)) {
        $ddisremote = 0;
    }

    $litpic = GetDDImage('none', $picname, $ddisremote);
    // 处理新的缩略图上传
    //处理新的缩略图上传
    if ($litpic_b64 != "") {
        $data = explode(',', $litpic_b64);
        $ntime = time();
        $savepath = $ddcfg_image_dir . '/' . MyDate($cfg_addon_savetype, $ntime);
        $savepath = $ddcfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
        CreateDir($savepath);
        $fullUrl = $savepath . '/' . dd2char(MyDate('mdHis', $ntime) . $cuserLogin->getUserID() . mt_rand(1000, 9999));
        $fullUrl = $fullUrl . ".png";

        file_put_contents($cfg_basedir . $fullUrl, base64_decode($data[1]));

        // 加水印
        WaterImg($cfg_basedir . $fullUrl, 'up');
        $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
        $fullUrl = $fullUrl.".png";
        file_put_contents($cfg_basedir.$fullUrl, base64_decode($data[1]));
        //加水印
        WaterImg($cfg_basedir.$fullUrl, 'up');
        $litpic = $fullUrl;
    }

    //生成文档ID
    $arcID = GetIndexKey($arcrank, $typeid, $sortrank, $channelid, $senddate, $adminid);

    if (empty($arcID)) {
        ShowMsg("无法获得主键，因此无法进行后续操作！", "-1");
        ShowMsg("无法获得主键，因此无法进行后续操作", "-1");
        exit();
    }
    if (trim($title) == '') {
        ShowMsg('标题不能为空', '-1');
        exit();
    }

    //处理body字段自动摘要、自动提取缩略图等
    $body = AnalyseHtmlBody($body, $description, $litpic, $keywords, 'htmltext');

    //自动分页
    if ($sptype == 'auto') {
        $body = SpLongBody($body, $spsize * 1024, "#p#分页标题#e#");
    }

    //分析处理附加表数据
    $inadd_f = $inadd_v = '';
    if (!empty($dede_addonfields)) {
@@ -169,44 +148,36 @@ function __save(){  }
                    if (!isset(${$vs[0]})) ${$vs[0]} = '';
                    ${$vs[0]} = GetFieldValueA(${$vs[0]}, $vs[1], $arcID);
                }
                $inadd_f .= ',' . $vs[0];
                $inadd_v .= " ,'" . ${$vs[0]} . "' ";
                $inadd_f .= ','.$vs[0];
                $inadd_v .= " ,'".${$vs[0]}."' ";
            }
        }
    }

    //处理图片文档的自定义属性
    if ($litpic != '' && !preg_match("#p#", $flag)) {
        $flag = ($flag == '' ? 'p' : $flag . ',p');
        $flag = ($flag == '' ? 'p' : $flag.',p');
    }
    if ($redirecturl != '' && !preg_match("#j#", $flag)) {
        $flag = ($flag == '' ? 'j' : $flag . ',j');
        $flag = ($flag == '' ? 'j' : $flag.',j');
    }

    //跳转网址的文档强制为动态
    if (preg_match("#j#", $flag)) $ismake = -1;

    //保存到主表
    $query = "INSERT INTO `#@__archives`(id,typeid,typeid2,sortrank,flag,ismake,channel,arcrank,click,money,title,shorttitle,
    color,writer,source,litpic,pubdate,senddate,mid,voteid,notpost,description,keywords,filename,dutyadmin,weight)
    VALUES ('$arcID','$typeid','$typeid2','$sortrank','$flag','$ismake','$channelid','$arcrank','$click','$money',
    '$title','$shorttitle','$color','$writer','$source','$litpic','$pubdate','$senddate',
    '$adminid','0','$notpost','$description','$keywords','$filename','$adminid','$weight');";

    $query = "INSERT INTO `#@__archives`(id,typeid,typeid2,sortrank,flag,ismake,channel,arcrank,click,money,title,shorttitle,color,writer,source,litpic,pubdate,senddate,mid,voteid,notpost,description,keywords,filename,dutyadmin,weight)
    VALUES ('$arcID','$typeid','$typeid2','$sortrank','$flag','$ismake','$channelid','$arcrank','$click','$money','$title','$shorttitle','$color','$writer','$source','$litpic','$pubdate','$senddate','$adminid','0','$notpost','$description','$keywords','$filename','$adminid','$weight');";
    if (!$dsql->ExecuteNoneQuery($query)) {
        $gerr = $dsql->GetError();
        $dsql->ExecuteNoneQuery("DELETE FROM `#@__arctiny` WHERE id='$arcID'");
        ShowMsg("把数据保存到数据库主表 `#@__archives` 时出错，请把相关信息提交给DedeCMS官方。" . str_replace('"', '', $gerr), "javascript:;");
        ShowMsg("把数据保存到数据库主表 `#@__archives` 时出错，请把相关信息提交给DedeBIZ官方".str_replace('"', '', $gerr), "javascript:;");
        exit();
    }

    //保存到附加表
    $cts = $dsql->GetOne("SELECT addtable FROM `#@__channeltype` WHERE id='$channelid' ");
    $addtable = trim($cts['addtable']);
    if (empty($addtable)) {
        $dsql->ExecuteNoneQuery("DELETE FROM `#@__archives` WHERE id='$arcID'");
        $dsql->ExecuteNoneQuery("DELETE FROM `#@__arctiny` WHERE id='$arcID'");
        ShowMsg("没找到当前模型[{$channelid}]的主表信息，无法完成操作！。", "javascript:;");
        ShowMsg("没找到当前模型[{$channelid}]的主表信息，无法完成操作。", "javascript:;");
        exit();
    }
    $useip = GetIP();
@@ -216,7 +187,7 @@ function __save(){  }
        $gerr = $dsql->GetError();
        $dsql->ExecuteNoneQuery("Delete From `#@__archives` where id='$arcID'");
        $dsql->ExecuteNoneQuery("Delete From `#@__arctiny` where id='$arcID'");
        ShowMsg("把数据保存到数据库附加表 `{$addtable}` 时出错，请把相关信息提交给DedeCMS官方。" . str_replace('"', '', $gerr), "javascript:;");
        ShowMsg("把数据保存到数据库附加表 `{$addtable}` 时出错，请把相关信息提交给DedeBIZ官方".str_replace('"', '', $gerr), "javascript:;");
        exit();
    }
    //生成HTML
@@ -225,7 +196,7 @@ function __save(){  }
    if (count($_SESSION['bigfile_info']) > 0) {
        foreach ($_SESSION['bigfile_info'] as $k => $v) {
            if (!empty($v)) {
                $pictitle = ${'picinfook' . $k};
                $pictitle = ${'picinfook'.$k};
                $titleSet = '';
                if (!empty($pictitle)) {
                    $picTitle = TRUE;
@@ -237,11 +208,10 @@ function __save(){  }
    }
    $artUrl = MakeArt($arcID, true, true, $isremote);
    if ($artUrl == '') {
        $artUrl = $cfg_phpurl . "/view.php?aid=$arcID";
        $artUrl = $cfg_phpurl."/view.php?aid=$arcID";
    }
    ClearMyAddon($arcID, $title);

    // 自动更新关联内容
    //自动更新关联内容
    if (is_array($automake)) {
        foreach ($automake as $key => $value) {
            if (isset(${$key}) && !empty(${$key})) {
@@ -252,25 +222,14 @@ function __save(){  }
            }
        }
    }

    //返回成功信息
    $msg = "    　　请选择你的后续操作：
    <a href='article_add.php?cid=$typeid' class='btn btn-success btn-sm'>继续发布文章</a>
    &nbsp;&nbsp;
    <a href='$artUrl' target='_blank' class='btn btn-success btn-sm'>查看文章</a>
    &nbsp;&nbsp;
    <a href='archives_do.php?aid=" . $arcID . "&dopost=editArchives' class='btn btn-success btn-sm'>更改文章</a>
    &nbsp;&nbsp;
    <a href='catalog_do.php?cid=$typeid&dopost=listArchives' class='btn btn-success btn-sm'>已发布文章管理</a>
    &nbsp;&nbsp;
    $backurl
  ";
    $msg = "<div style=\"line-height:36px;height:36px\">{$msg}</div>" . GetUpdateTest();
    $wintitle = "成功发布文章！";
    $msg = "请选择您的后续操作：<a href='article_add.php?cid=$typeid' class='btn btn-success btn-sm'>继续发布文章</a>&nbsp;&nbsp;<a href='$artUrl' target='_blank' class='btn btn-success btn-sm'>查看文章</a>&nbsp;&nbsp;<a href='archives_do.php?aid=".$arcID."&dopost=editArchives' class='btn btn-success btn-sm'>更改文章</a>&nbsp;&nbsp;<a href='catalog_do.php?cid=$typeid&dopost=listArchives' class='btn btn-success btn-sm'>已发布文章管理</a>&nbsp;&nbsp;$backurl";
    $msg = "<div style=\"line-height:36px;height:36px\">{$msg}</div>".GetUpdateTest();
    $wintitle = "成功发布文章";
    $wecome_info = "文章管理::发布文章";
    $win = new OxWindow();
    $win->AddTitle("成功发布文章：");
    $win->AddMsgItem($msg);
    $winform = $win->GetWindow("hand", "&nbsp;", false);
    $win->Display();
 }
 }
--- a/src/dede/article_allowurl_edit.php
+++ b/src/dede/article_allowurl_edit.php
@@ -5,18 +5,18 @@
 *
 * @version        $Id: article_allowurl_edit.php 1 11:36 2010年10月8日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(DEDEINC . "/oxwindow.class.php");
 require_once(dirname(__FILE__)."/config.php");
 require_once(DEDEINC."/oxwindow.class.php");
 CheckPurview('sys_Source');
 if (empty($dopost)) $dopost = '';
 if (empty($allurls)) $allsource = '';
 else $allurls = stripslashes($allurls);

 $m_file = DEDEDATA . "/admin/allowurl.txt";
 $m_file = DEDEDATA."/admin/allowurl.txt";

 //保存
 if ($dopost == 'save') {
--- a/src/dede/article_coonepage_rule.php
+++ b/src/dede/article_coonepage_rule.php
@@ -5,12 +5,12 @@
 *
 * @version        $Id: article_coonepage_rule.php 1 14:12 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(DEDEINC . "/datalistcp.class.php");
 require_once(dirname(__FILE__)."/config.php");
 require_once(DEDEINC."/datalistcp.class.php");
 setcookie("ENV_GOBACK_URL", $dedeNowurl, time() + 3600, "/");
 if (empty($action)) $action = '';

@@ -20,7 +20,7 @@ function _AddNote(){ }
 if ($action == 'add') {
  $row = $dsql->GetOne("SELECT * FROM `#@__co_onepage` WHERE url LIKE '$url' ");
  if (is_array($row)) {
    echo "系统已经存在这个网址的条目！";
    echo "系统已经存在这个网址的条目";
  } else {
    $query = " INSERT INTO `#@__co_onepage`(`url`,`title`,`issource`,`lang`,`rule`) Values('$url','$title','$issource','$lang','$rule'); ";
    $dsql->ExecuteNonequery($query);
@@ -115,6 +115,6 @@ function _ShowLoad(){ }
 $sql = "";
 $sql = "SELECT id,url,title,lang,issource FROM `#@__co_onepage` ORDER BY id DESC";
 $dlist = new DataListCP();
 $dlist->SetTemplate(DEDEADMIN . "/templets/article_coonepage_rule.htm");
 $dlist->SetTemplate(DEDEADMIN."/templets/article_coonepage_rule.htm");
 $dlist->SetSource($sql);
 $dlist->Display();
--- a/src/dede/article_description_main.php
+++ b/src/dede/article_description_main.php
@@ -5,13 +5,13 @@
 *
 * @version        $Id: article_description_main.php 1 14:12 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
@ob_start();
@set_time_limit(3600);
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('sys_Keyword');
 if (empty($dojob)) $dojob = '';
 if ($dojob == '') {
@@ -98,7 +98,7 @@ if ($dojob == '') {

    //更新自动分页
    if ($dojob == 'page') {
        require_once(DEDEADMIN . "/inc/inc_archives_functions.php");
        require_once(DEDEADMIN."/inc/inc_archives_functions.php");

        $addquery  = "";
        if ($sid != 0) {
@@ -119,7 +119,7 @@ if ($dojob == '') {
        if ($totalnum > $startdd + $pagesize) {
            $limitSql = " LIMIT $startdd,$pagesize";
        } else if (($totalnum - $startdd) > 0) {
            $limitSql = " LIMIT $startdd," . ($totalnum - $startdd);
            $limitSql = " LIMIT $startdd,".($totalnum - $startdd);
        } else {
            $limitSql = "";
        }
@@ -156,7 +156,7 @@ if ($dojob == '') {
        $tjsta .= "<br/>完成处理文档总数的：$tjlen %，继续执行任务...";

        if ($tjnum < $totalnum) {
            $nurl = "article_description_main.php?totalnum=$totalnum&startdd=" . ($startdd + $pagesize) . "&pagesize=$pagesize&table={$table}&field={$field}&dsize={$dsize}&msize={$msize}&channel={$channel}&dojob={$dojob}";
            $nurl = "article_description_main.php?totalnum=$totalnum&startdd=".($startdd + $pagesize)."&pagesize=$pagesize&table={$table}&field={$field}&dsize={$dsize}&msize={$msize}&channel={$channel}&dojob={$dojob}";
            ShowMsg($tjsta, $nurl, 0, 500);
            exit();
        } else {
--- a/src/dede/article_edit.php
+++ b/src/dede/article_edit.php
@@ -1,30 +1,26 @@
 <?php

 /**
 * 文档编辑
 *
 * @version        $Id: article_edit.php 1 14:12 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('a_Edit,a_AccEdit,a_MyEdit');
 require_once(DEDEINC . "/customfields.func.php");
 require_once(DEDEADMIN . "/inc/inc_archives_functions.php");
 if (file_exists(DEDEDATA . '/template.rand.php')) {
    require_once(DEDEDATA . '/template.rand.php');
 require_once(DEDEINC."/customfields.func.php");
 require_once(DEDEADMIN."/inc/inc_archives_functions.php");
 if (file_exists(DEDEDATA.'/template.rand.php')) {
    require_once(DEDEDATA.'/template.rand.php');
 }
 if (empty($dopost)) $dopost = '';


 $aid = isset($aid) && is_numeric($aid) ? $aid : 0;
 if ($dopost != 'save') {
    require_once(DEDEADMIN . "/inc/inc_catalog_options.php");
    require_once(DEDEINC . "/dedetag.class.php");
    require_once(DEDEADMIN."/inc/inc_catalog_options.php");
    require_once(DEDEINC."/dedetag.class.php");
    ClearMyAddon();

    //读取归档信息
    $query = "SELECT ch.typename AS channelname,ar.membername AS rankname,arc.*
    FROM `#@__archives` arc
@@ -32,19 +28,19 @@ if ($dopost != 'save') {
    LEFT JOIN `#@__arcrank` ar ON ar.rank=arc.arcrank WHERE arc.id='$aid' ";
    $arcRow = $dsql->GetOne($query);
    if (!is_array($arcRow)) {
        ShowMsg("读取档案基本信息出错!", "-1");
        ShowMsg("读取档案基本信息出错", "-1");
        exit();
    }
    $query = "SELECT * FROM `#@__channeltype` WHERE id='" . $arcRow['channel'] . "'";
    $query = "SELECT * FROM `#@__channeltype` WHERE id='".$arcRow['channel']."'";
    $cInfos = $dsql->GetOne($query);
    if (!is_array($cInfos)) {
        ShowMsg("读取频道配置信息出错!", "javascript:;");
        ShowMsg("读取频道配置信息出错", "javascript:;");
        exit();
    }
    $addtable = $cInfos['addtable'];
    $addRow = $dsql->GetOne("SELECT * FROM `$addtable` WHERE aid='$aid'");
    if (!is_array($addRow)) {
        ShowMsg("读取附加信息出错!", "javascript:;");
        ShowMsg("读取附加信息出错", "javascript:;");
        exit();
    }
    $channelid = $arcRow['channel'];
@@ -54,40 +50,37 @@ if ($dopost != 'save') {
 }
 /*--------------------------------
 function __save(){  }
 -------------------------------*/ else if ($dopost == 'save') {
    require_once(DEDEINC . '/image.func.php');
    require_once(DEDEINC . '/oxwindow.class.php');
 -------------------------------*/
 else if ($dopost == 'save') {
    require_once(DEDEINC.'/image.func.php');
    require_once(DEDEINC.'/oxwindow.class.php');
    $flag = isset($flags) ? join(',', $flags) : '';
    $notpost = isset($notpost) && $notpost == 1 ? 1 : 0;

    if (empty($typeid2)) $typeid2 = 0;
    if (!isset($autokey)) $autokey = 0;
    if (!isset($remote)) $remote = 0;
    if (!isset($dellink)) $dellink = 0;
    if (!isset($autolitpic)) $autolitpic = 0;
    if (empty($litpic_b64)) $litpic_b64 = '';

    if (empty($typeid)) {
        ShowMsg("请指定文档的栏目！", "-1");
        ShowMsg("请指定文档的栏目", "-1");
        exit();
    }
    if (empty($channelid)) {
        ShowMsg("文档为非指定的类型，请检查你发布内容的表单是否合法！", "-1");
        ShowMsg("文档为非指定的类型，请检查您发布内容的表单是否合法", "-1");
        exit();
    }
    if (!CheckChannel($typeid, $channelid)) {
        ShowMsg("你所选择的栏目与当前模型不相符，请选择白色的选项！", "-1");
        ShowMsg("您所选择的栏目与当前模型不相符，请选择白色的选项", "-1");
        exit();
    }
    if (!TestPurview('a_Edit')) {
        if (TestPurview('a_AccEdit')) {
            CheckCatalog($typeid, "对不起，你没有操作栏目 {$typeid} 的文档权限！");
            CheckCatalog($typeid, "对不起，您没有操作栏目 {$typeid} 的文档权限");
        } else {
            CheckArcAdmin($id, $cuserLogin->getUserID());
        }
    }


    //对保存的内容进行处理
    $pubdate = GetMkTime($pubdate);
    $sortrank = AddDay($pubdate, $sortup);
@@ -107,16 +100,13 @@ function __save(){  }
        $arcrank = -1;
    }
    $adminid = $cuserLogin->getUserID();

    //处理上传的缩略图
    if (empty($ddisremote)) {
        $ddisremote = 0;
    }
    $litpic = GetDDImage('none', $picname, $ddisremote);

    //分析body里的内容
    $body = AnalyseHtmlBody($body, $description, $litpic, $keywords, 'htmltext');

    //分析处理附加表数据
    $inadd_f = '';
    $inadd_v = '';
@@ -139,67 +129,60 @@ function __save(){  }
                    }
                    ${$vs[0]} = GetFieldValueA(${$vs[0]}, $vs[1], $id);
                }
                $inadd_f .= ",`{$vs[0]}` = '" . ${$vs[0]} . "'";
                $inadd_f .= ",`{$vs[0]}` = '".${$vs[0]}."'";
            }
        }
    }

    // 处理新的缩略图上传
    //处理新的缩略图上传
    if ($litpic_b64 != "") {
        $data = explode(',', $litpic_b64);
        $ntime = time();
        $savepath = $ddcfg_image_dir . '/' . MyDate($cfg_addon_savetype, $ntime);
        $savepath = $ddcfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
        CreateDir($savepath);
        $fullUrl = $savepath . '/' . dd2char(MyDate('mdHis', $ntime) . $cuserLogin->getUserID() . mt_rand(1000, 9999));
        $fullUrl = $fullUrl . ".png";

        file_put_contents($cfg_basedir . $fullUrl, base64_decode($data[1]));

        // 加水印
        WaterImg($cfg_basedir . $fullUrl, 'up');
        $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
        $fullUrl = $fullUrl.".png";
        file_put_contents($cfg_basedir.$fullUrl, base64_decode($data[1]));
        //加水印
        WaterImg($cfg_basedir.$fullUrl, 'up');
        $litpic = $fullUrl;
    }

    //处理图片文档的自定义属性
    if ($litpic != '' && !preg_match("#p#", $flag)) {
        $flag = ($flag == '' ? 'p' : $flag . ',p');
        $flag = ($flag == '' ? 'p' : $flag.',p');
    }
    if ($redirecturl != '' && !preg_match("#j#", $flag)) {
        $flag = ($flag == '' ? 'j' : $flag . ',j');
        $flag = ($flag == '' ? 'j' : $flag.',j');
    }

    //跳转网址的文档强制为动态
    if (preg_match("#j#", $flag)) $ismake = -1;
    //更新数据库的SQL语句
    $query = "UPDATE #@__archives SET
    typeid='$typeid',
    typeid2='$typeid2',
    sortrank='$sortrank',
    flag='$flag',
    click='$click',
    ismake='$ismake',
    arcrank='$arcrank',
    money='$money',
    title='$title',
    color='$color',
    writer='$writer',
    source='$source',
    litpic='$litpic',
    pubdate='$pubdate',
    notpost='$notpost',
    description='$description',
    keywords='$keywords',
    shorttitle='$shorttitle',
    filename='$filename',
    dutyadmin='$adminid',
    weight='$weight'
    WHERE id='$id'; ";

    $query = "UPDATE `#@__archives` SET
    `typeid`='$typeid',
    `typeid2`='$typeid2',
    `sortrank`='$sortrank',
    `flag`='$flag',
    `click`='$click',
    `ismake`='$ismake',
    `arcrank`='$arcrank',
    `money`='$money',
    `title`='$title',
    `color`='$color',
    `writer`='$writer',
    `source`='$source',
    `litpic`='$litpic',
    `pubdate`='$pubdate',
    `notpost`='$notpost',
    `description`='$description',
    `keywords`='$keywords',
    `shorttitle`='$shorttitle',
    `filename`='$filename',
    `dutyadmin`='$adminid',
    `weight`='$weight'
    WHERE `id`='$id'; ";
    if (!$dsql->ExecuteNoneQuery($query)) {
        ShowMsg('更新数据库archives表时出错，请检查', -1);
        exit();
    }

    $cts = $dsql->GetOne("SELECT addtable FROM `#@__channeltype` WHERE id='$channelid' ");
    $addtable = trim($cts['addtable']);
    if ($addtable != '') {
@@ -207,20 +190,18 @@ function __save(){  }
        $templet = empty($templet) ? '' : $templet;
        $iquery = "UPDATE `$addtable` SET typeid='$typeid',body='$body'{$inadd_f},redirecturl='$redirecturl',templet='$templet',userip='$useip' WHERE aid='$id'";
        if (!$dsql->ExecuteNoneQuery($iquery)) {
            ShowMsg("更新附加表 `$addtable`  时出错，请检查原因！", "javascript:;");
            ShowMsg("更新附加表 `$addtable`  时出错，请检查原因", "javascript:;");
            exit();
        }
    }

    //生成HTML
    UpIndexKey($id, $arcrank, $typeid, $sortrank, $tags);
    $artUrl = MakeArt($id, true, true, $isremote);
    if ($artUrl == '') {
        $artUrl = $cfg_phpurl . "/view.php?aid=$id";
        $artUrl = $cfg_phpurl."/view.php?aid=$id";
    }
    ClearMyAddon($id, $title);

    // 自动更新关联内容
    //自动更新关联内容
    if (is_array($automake)) {
        foreach ($automake as $key => $value) {
            if (isset(${$key}) && !empty(${$key})) {
@@ -233,24 +214,12 @@ function __save(){  }
    }

    //返回成功信息
    $msg = "
    　　请选择你的后续操作：
    <a href='article_add.php?cid=$typeid' class='btn btn-success btn-sm'>发布新文章</a>
    &nbsp;&nbsp;
    <a href='archives_do.php?aid=" . $id . "&dopost=editArchives' class='btn btn-success btn-sm'>查看更改</a>
    &nbsp;&nbsp;
    <a href='$artUrl' target='_blank' class='btn btn-success btn-sm'>查看文章</a>
    &nbsp;&nbsp;
    <a href='catalog_do.php?cid=$typeid&dopost=listArchives' class='btn btn-success btn-sm'>管理文章</a>
    &nbsp;&nbsp;
    $backurl
    ";

    $wintitle = "成功更改文章！";
    $msg = "请选择您的后续操作：<a href='article_add.php?cid=$typeid' class='btn btn-success btn-sm'>发布新文章</a>&nbsp;&nbsp;<a href='archives_do.php?aid=".$id."&dopost=editArchives' class='btn btn-success btn-sm'>查看更改</a>&nbsp;&nbsp;<a href='$artUrl' target='_blank' class='btn btn-success btn-sm'>查看文章</a>&nbsp;&nbsp;<a href='catalog_do.php?cid=$typeid&dopost=listArchives' class='btn btn-success btn-sm'>管理文章</a>&nbsp;&nbsp;$backurl";
    $wintitle = "成功更改文章";
    $wecome_info = "文章管理::更改文章";
    $win = new OxWindow();
    $win->AddTitle("成功更改文章：");
    $win->AddMsgItem($msg);
    $winform = $win->GetWindow("hand", "&nbsp;", false);
    $win->Display();
 }
 }
--- a/src/dede/article_keywords_main.php
+++ b/src/dede/article_keywords_main.php
@@ -5,13 +5,13 @@
 *
 * @version        $Id: article_keywords_main.php 1 14:12 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('sys_Keyword');
 require_once(DEDEINC . "/datalistcp.class.php");
 require_once(DEDEINC."/datalistcp.class.php");
 setcookie("ENV_GOBACK_URL", $dedeNowurl, time() + 3600, "/");
 if (empty($dopost)) $dopost = '';

@@ -20,23 +20,23 @@ if (empty($dopost)) $dopost = '';
 if ($dopost == 'saveall') {
    $ENV_GOBACK_URL = empty($_COOKIE['ENV_GOBACK_URL']) ? "article_keywords_main.php" : $_COOKIE['ENV_GOBACK_URL'];
    if (!isset($aids)) {
        ShowMsg("你没有选择要更改的内容！", $ENV_GOBACK_URL);
        ShowMsg("您没有选择要更改的内容！", $ENV_GOBACK_URL);
        exit();
    }
    foreach ($aids as $aid) {
        $rpurl = ${'rpurl_' . $aid};
        $rpurlold = ${'rpurlold_' . $aid};
        $keyword = ${'keyword_' . $aid};
        $rpurl = ${'rpurl_'.$aid};
        $rpurlold = ${'rpurlold_'.$aid};
        $keyword = ${'keyword_'.$aid};

        //删除项目
        if (!empty(${'isdel_' . $aid})) {
        if (!empty(${'isdel_'.$aid})) {
            $dsql->ExecuteNoneQuery("DELETE FROM `#@__keywords` WHERE aid='$aid'");
            continue;
        }

        //禁用项目
        $staold = ${'staold_' . $aid};
        $sta = empty(${'isnouse_' . $aid}) ? 1 : 0;
        $staold = ${'staold_'.$aid};
        $sta = empty(${'isnouse_'.$aid}) ? 1 : 0;
        if ($staold != $sta) {
            $query1 = "UPDATE `#@__keywords` SET sta='$sta',rpurl='$rpurl' WHERE aid='$aid' ";
            $dsql->ExecuteNoneQuery($query1);
@@ -66,7 +66,7 @@ else if ($dopost == 'add') {
        ShowMsg("关键字已存在库中！", "-1");
        exit();
    }
    $inquery = "INSERT INTO `#@__keywords`(keyword,rank,sta,rpurl) VALUES ('$keyword','$rank','1','$rpurl');";
    $inquery = "INSERT INTO `#@__keywords`(`keyword`,`rank`,`sta`,`rpurl`) VALUES ('$keyword','$rank','1','$rpurl');";
    $dsql->ExecuteNoneQuery($inquery);
    ShowMsg("成功增加一个关键字！", $ENV_GOBACK_URL);
    exit();
@@ -78,11 +78,11 @@ if (empty($keyword)) {
    $addquery = " WHERE keyword LIKE '%$keyword%' ";
 }

 $sql = "SELECT * FROM `#@__keywords` $addquery ORDER BY rank DESC";
 $sql = "SELECT * FROM `#@__keywords` $addquery ORDER BY `rank` DESC";
 $dlist = new DataListCP();
 $dlist->pageSize = 20;
 $dlist->SetParameter("keyword", $keyword);
 $dlist->SetTemplate(DEDEADMIN . "/templets/article_keywords_main.htm");
 $dlist->SetTemplate(DEDEADMIN."/templets/article_keywords_main.htm");
 $dlist->SetSource($sql);
 $dlist->Display();

--- a/src/dede/article_keywords_make.php
+++ b/src/dede/article_keywords_make.php
@@ -5,13 +5,13 @@
 *
 * @version        $Id: article_keywords_make.php 1 8:26 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
@ob_start();
@set_time_limit(3600);
 require_once(dirname(__FILE__) . '/config.php');
 require_once(dirname(__FILE__).'/config.php');
 CheckPurview('sys_Keyword');
 if (empty($dopost)) $dopost = '';

@@ -43,14 +43,14 @@ if ($dopost == 'analyse') {
                    continue;
                }
                if (isset($ws[$v])) {
                    $mykey .= $v . " ";
                    $mykey .= $v." ";
                } else if (isset($wsnew[$v])) {
                    $mykey .= $v . ' ';
                    $mykey .= $v.' ';
                    $wsnew[$v]++;
                } else if (isset($wserr[$v])) {
                    $nerr = true;
                } else {
                    $mykey .= $v . " ";
                    $mykey .= $v." ";
                    $wsnew[$v] = 1;
                }
            }
@@ -68,7 +68,7 @@ if ($dopost == 'analyse') {
            if (strlen($k) > 20) {
                continue;
            }
            $dsql->SetQuery("INSERT INTO `#@__keywords`(keyword,rank,sta,rpurl) VALUES('" . addslashes($k) . "','$v','1','')");
            $dsql->SetQuery("INSERT INTO `#@__keywords`(keyword,`rank`,sta,rpurl) VALUES('".addslashes($k)."','$v','1','')");
            $dsql->Execute();
        }
        echo "完成关键字的导入！<br/>\r\n";
@@ -84,7 +84,7 @@ if ($dopost == 'analyse') {
 }
 //自动获取关键字（适用于默认的文章模型）
 else if ($dopost == 'fetch') {
    require_once(DEDEINC . "/splitword.class.php");
    require_once(DEDEINC."/splitword.class.php");
    if (empty($startdd)) {
        $startdd = 0;
    }
@@ -105,7 +105,7 @@ else if ($dopost == 'fetch') {
    if ($totalnum > $startdd + $pagesize) {
        $limitSql = " LIMIT $startdd,$pagesize";
    } else if (($totalnum - $startdd) > 0) {
        $limitSql = " LIMIT $startdd," . ($totalnum - $startdd);
        $limitSql = " LIMIT $startdd,".($totalnum - $startdd);
    } else {
        $limitSql = '';
    }
@@ -127,7 +127,7 @@ else if ($dopost == 'fetch') {
                $tjnum++;
                $id = $row->id;
                $keywords = "";
                $data = $client->Spliteword($row->title . Html2Text($row->body));
                $data = $client->Spliteword($row->title.Html2Text($row->body));
                $keywords = $data->data;
                $keywords = addslashes($keywords);
                if ($keywords == '') {
@@ -162,7 +162,7 @@ else if ($dopost == 'fetch') {
                            break;
                        } else {
                            if (strlen($k) <= 2) continue;
                            $keywords .= $k . ",";
                            $keywords .= $k.",";
                        }
                    }
                    foreach ($allindexs as $k => $v) {
@@ -170,7 +170,7 @@ else if ($dopost == 'fetch') {
                            break;
                        } else if (!in_array($k, $titleindexs)) {
                            if (strlen($k) <= 2) continue;
                            $keywords .= $k . ",";
                            $keywords .= $k.",";
                        }
                    }
                }
@@ -194,7 +194,7 @@ else if ($dopost == 'fetch') {
    $tjsta .= "<br/>完成处理文档总数的：$tjlen %，位置：{$startdd}，继续执行任务...";

    if ($tjnum < $totalnum) {
        $nurl = "article_keywords_make.php?dopost=fetch&totalnum=$totalnum&startdd=" . ($startdd + $pagesize) . "&pagesize=$pagesize";
        $nurl = "article_keywords_make.php?dopost=fetch&totalnum=$totalnum&startdd=".($startdd + $pagesize)."&pagesize=$pagesize";
        ShowMsg($tjsta, $nurl, 0, 500);
    } else {
        ShowMsg("完成所有任务！", "javascript:;");
--- a/src/dede/article_keywords_select.php
+++ b/src/dede/article_keywords_select.php
@@ -5,21 +5,21 @@
 *
 * @version        $Id: article_keywords_select.php$
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(DEDEINC . "/datalistcp.class.php");
 require_once(dirname(__FILE__)."/config.php");
 require_once(DEDEINC."/datalistcp.class.php");
 setcookie("ENV_GOBACK_URL", $dedeNowurl, time() + 3600, "/");

 $f = RemoveXSS($f);

 if (empty($keywords)) $keywords = "";

 $sql = "SELECT * FROM #@__keywords ORDER BY rank DESC";
 $sql = "SELECT * FROM `#@__keywords` ORDER BY `rank` DESC";
 $dlist = new DataListCP();
 $dlist->SetTemplate(DEDEADMIN . "/templets/article_keywords_select.htm");
 $dlist->SetTemplate(DEDEADMIN."/templets/article_keywords_select.htm");
 $dlist->pageSize = 300;
 $dlist->SetParameter("f", $f);
 $dlist->SetSource($sql);
@@ -33,6 +33,6 @@ function GetSta($sta)

 function GetMan($sta)
 {
    if ($sta == 1) return "<u>禁用</u>";
    else return "<u>启用</u>";
    if ($sta == 1) return "禁用";
    else return "启用";
 }
--- a/src/dede/article_select_sw.php
+++ b/src/dede/article_select_sw.php
@@ -3,18 +3,18 @@
 /**
 * @version        $Id: article_select_sw.php 1 8:26 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require(dirname(__FILE__) . "/config.php");
 require(dirname(__FILE__)."/config.php");
 header("Pragma:no-cache");
 header("Cache-Control:no-cache");
 header("Expires:0");

 //来源列表
 if ($t == 'source') {
    $m_file = DEDEDATA . "/admin/source.txt";
    $m_file = DEDEDATA."/admin/source.txt";
    $allsources = file($m_file);
    echo "<div class='coolbg4'>[<a href=\"javascript:OpenMyWin('article_source_edit.php');ClearDivCt('mysource');\">设置</a>]&nbsp;";
    echo "[<a href='#' onclick='javascript:HideObj(\"mysource\");ChangeFullDiv(\"hide\");'>关闭</a>]</div>\r\n<div class='wsselect'>\r\n";
@@ -27,7 +27,7 @@ if ($t == 'source') {
    echo "</div><div class='coolbg5'>&nbsp;</div>";
 } else {
    //作者列表
    $m_file = DEDEDATA . "/admin/writer.txt";
    $m_file = DEDEDATA."/admin/writer.txt";
    echo "<div class='coolbg4'>[<a href=\"javascript:OpenMyWin('article_writer_edit.php');ClearDivCt('mywriter');\">设置</a>]&nbsp;";
    echo "[<a href='#' onclick='javascript:HideObj(\"mywriter\");ChangeFullDiv(\"hide\");'>关闭</a>]</div>\r\n<div class='wsselect'>\r\n";
    if (filesize($m_file) > 0) {
--- a/src/dede/article_source_edit.php
+++ b/src/dede/article_source_edit.php
@@ -5,18 +5,18 @@
 *
 * @version        $Id: archives_add.php 1 14:30 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(DEDEINC . "/oxwindow.class.php");
 require_once(dirname(__FILE__)."/config.php");
 require_once(DEDEINC."/oxwindow.class.php");
 CheckPurview('sys_Source');
 if (empty($dopost)) $dopost = '';
 if (empty($allsource)) $allsource = '';
 else $allsource = stripslashes($allsource);

 $m_file = DEDEDATA . "/admin/source.txt";
 $m_file = DEDEDATA."/admin/source.txt";

 //保存
 if ($dopost == 'save') {
--- a/src/dede/article_string_mix.php
+++ b/src/dede/article_string_mix.php
@@ -5,19 +5,19 @@
 *
 * @version        $Id: article_string_mix.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/config.php');
 require_once(DEDEINC . '/oxwindow.class.php');
 require_once(dirname(__FILE__).'/config.php');
 require_once(DEDEINC.'/oxwindow.class.php');
 CheckPurview('sys_StringMix');
 if (empty($dopost)) $dopost = '';

 if (empty($allsource)) $allsource = '';
 else $allsource = stripslashes($allsource);

 $m_file = DEDEDATA . "/downmix.data.php";
 $m_file = DEDEDATA."/downmix.data.php";

 //保存
 if ($dopost == "save") {
@@ -42,7 +42,7 @@ $win = new OxWindow();
 $win->Init('article_string_mix.php', 'js/blank.js', 'POST');
 $win->AddHidden('dopost', 'save');
 $win->AddHidden('token', $_SESSION['token']);
 $win->AddTitle("如果你要启用字符串混淆来防采集，请在文档模板需要的字段加上 function='RndString(@me)' 属性，如：{dede:field name='body' function='RndString(@me)'/}。");
 $win->AddTitle("如果您要启用字符串混淆来防采集，请在文档模板需要的字段加上 function='RndString(@me)' 属性，如：{dede:field name='body' function='RndString(@me)'/}。");
 $win->AddMsgItem("<textarea name='allsource' id='allsource' style='width:100%;height:300px'>$allsource</textarea>");
 $winform = $win->GetWindow('ok');
 $win->Display();
--- a/src/dede/article_template_rand.php
+++ b/src/dede/article_template_rand.php
@@ -5,16 +5,16 @@
 *
 * @version        $Id: article_template_rand.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/config.php');
 require_once(DEDEINC . '/oxwindow.class.php');
 require_once(dirname(__FILE__).'/config.php');
 require_once(DEDEINC.'/oxwindow.class.php');
 CheckPurview('sys_StringMix');
 if (empty($dopost)) $dopost = '';
 $templates = empty($templates) ? '' : stripslashes($templates);
 $m_file = DEDEDATA . '/template.rand.php';
 $m_file = DEDEDATA.'/template.rand.php';

 //----------------------action
 $okmsg = '';
@@ -25,7 +25,7 @@ if ($dopost == 'save') {
    flock($fp, 3);
    fwrite($fp, $templates);
    fclose($fp);
    $okmsg = '成功保存配置信息 AT:(' . MyDate('H:i:s', time()) . ')';
    $okmsg = '成功保存配置信息 AT:('.MyDate('H:i:s', time()).')';
 }
 //对旧文档进行随机模板处理
 else if ($dopost == 'makeold') {
@@ -33,19 +33,19 @@ else if ($dopost == 'makeold') {
    set_time_limit(3600);
    if (!file_exists($m_file)) {
        AjaxHead();
        echo "配置文件不存在！";
        echo "配置文件不存在";
        exit();
    }
    require_once($m_file);
    if ($cfg_tamplate_rand == 0) {
        AjaxHead();
        echo "系统没开启允许随机模板的选项！";
        echo "系统没开启允许随机模板的选项";
        exit();
    }
    $totalTmp = count($cfg_tamplate_arr) - 1;
    if ($totalTmp < 1) {
        AjaxHead();
        echo "随机模板的数量必须为2个或以上！";
        echo "随机模板的数量必须为2个或以上";
        exit();
    }
    for ($i = 0; $i < 10; $i++) {
@@ -53,7 +53,7 @@ else if ($dopost == 'makeold') {
        $dsql->ExecuteNoneQuery(" Update `#@__addonarticle` set templet='$temp' where RIGHT(aid, 1)='$i' ");
    }
    AjaxHead();
    echo "全部随机操作成功！";
    echo "全部随机操作成功";
    exit();
 }
 //清除全部的指定模板
@@ -62,7 +62,7 @@ else if ($dopost == 'clearold') {
    $dsql->ExecuteNoneQuery(" Update `#@__addonarticle` set templet='' ");
    $dsql->ExecuteNoneQuery(" OPTIMIZE TABLE `#@__addonarticle` ");
    AjaxHead();
    echo "全部清除操作成功！";
    echo "全部清除操作成功";
    exit();
 }

@@ -96,8 +96,8 @@ function DoRand(jobname)
 </div>
 <table width='98%' align='center'>
 <tr>
    <td height='28'>
    如果你想对旧的文章应用随机模板设置，请点击此对旧文章进行处理(必须设置好模板项)！
    <td height='26'>
    如果您想对旧的文章应用随机模板设置，请点击此对旧文章进行处理(必须设置好模板项)
    &nbsp; <a href='#' onclick='DoRand(\"makeold\")' class='btn btn-success btn-sm'>设置全部</a>
    &nbsp; <a href='#' onclick='DoRand(\"clearold\")' class='btn btn-success btn-sm'>取消全部</a>
    &nbsp; <span id='tmpct' style='color:red;font-weight:bold'>$okmsg</span>
@@ -115,7 +115,7 @@ $win = new OxWindow();
 $win->Init('article_template_rand.php', 'js/blank.js', 'POST');
 $win->AddHidden('dopost', 'save');
 $win->AddHidden('token', $_SESSION['token']);
 $win->AddTitle("本设置仅适用于系统默认的文章模型，设置后发布文章时会自动按指定的模板随机获取一个，如果不想使用此功能，把它设置为空即可！");
 $win->AddTitle("本设置仅适用于系统默认的文章模型，设置后发布文章时会自动按指定的模板随机获取一个，如果不想使用此功能，把它设置为空即可");
 $win->AddMsgItem($msg);
 $winform = $win->GetWindow('ok');
 $win->Display();
--- a/src/dede/article_test_same.php
+++ b/src/dede/article_test_same.php
@@ -5,11 +5,11 @@
 *
 * @version        $Id: article_test_same.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
@set_time_limit(0);
 CheckPurview('sys_ArcBatch');
 if (empty($dopost)) $dopost = '';
@@ -18,7 +18,7 @@ if ($dopost == 'analyse') {
    if (is_array($arr)) {
        $maintable = $arr['maintable'];
    } else {
        showmsg('频道id不正确，无法处理！', 'javascript:;');
        showmsg('频道id不正确，无法处理', 'javascript:;');
        exit();
    }
    $dsql->SetQuery("SELECT COUNT(title) AS dd,title FROM `$maintable` WHERE channel='$channelid' GROUP BY title ORDER BY dd DESC LIMIT 0, $pagesize");
@@ -29,13 +29,13 @@ if ($dopost == 'analyse') {
 }
 //删除选中的内容（只保留一条）
 else if ($dopost == 'delsel') {
    require_once(dirname(__FILE__) . "/../include/typelink.class.php");
    require_once(dirname(__FILE__) . "/inc/inc_batchup.php");
    require_once(dirname(__FILE__)."/../include/typelink.class.php");
    require_once(dirname(__FILE__)."/inc/inc_batchup.php");

    if (empty($titles)) {
        header("Content-Type: text/html; charset={$cfg_ver_lang}");
        echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset={$cfg_ver_lang}\">\r\n";
        echo "没有指定删除的文档！";
        echo "没有指定删除的文档";
        exit();
    }

@@ -72,7 +72,7 @@ else if ($dopost == 'delsel') {
        }
    }
    $dsql->ExecuteNoneQuery(" OPTIMIZE TABLE `$maintable`; ");
    ShowMsg("一共删除了[{$totalarc}]篇重复的文档！", "javascript:;");
    ShowMsg("一共删除了[{$totalarc}]篇重复的文档", "javascript:;");
    exit();
 }

--- a/src/dede/article_test_title.php
+++ b/src/dede/article_test_title.php
@@ -5,15 +5,15 @@
 *
 * @version        $Id: article_test_same.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 AjaxHead();
 if (empty($t) || $cfg_check_title == 'N') exit;

 $row = $dsql->GetOne("SELECT id FROM `#@__archives` WHERE title LIKE '$t' ");
 if (is_array($row)) {
    echo "提示：系统已经存在标题为 '<a href='../plus/view.php?aid={$row['id']}' style='color:red' target='_blank'><u>$t</u></a>' 的文档。[<a href='#' onclick='javascript:HideObj(\"mytitle\")'>关闭</a>]";
    echo "提示：系统已经存在标题为 '<a href='../plus/view.php?aid={$row['id']}' style='color:red' target='_blank'>$t</a>' 的文档。[<a href='#' onclick='javascript:HideObj(\"mytitle\")'>关闭</a>]";
 }
--- a/src/dede/article_writer_edit.php
+++ b/src/dede/article_writer_edit.php
@@ -5,19 +5,19 @@
 *
 * @version        $Id: article_writer_edit.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/config.php');
 require_once(DEDEINC . '/oxwindow.class.php');
 require_once(dirname(__FILE__).'/config.php');
 require_once(DEDEINC.'/oxwindow.class.php');
 CheckPurview('sys_Writer');
 if (empty($dopost)) $dopost = '';

 if (empty($allwriter)) $allwriter = '';
 else $allwriter = stripslashes($allwriter);

 $m_file = DEDEDATA . "/admin/writer.txt";
 $m_file = DEDEDATA."/admin/writer.txt";

 //保存
 if ($dopost == "save") {
--- a/src/dede/baidunews.php
+++ b/src/dede/baidunews.php
@@ -5,16 +5,16 @@
 *
 * @version        $Id: baidunews.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");

 if (empty($do)) {
    include DEDEADMIN . '/templets/baidunews.htm';
    include DEDEADMIN.'/templets/baidunews.htm';
 } else {
    $baidunews = "<?xml version=\"1.0\" encoding=\"" . $cfg_soft_lang . "\" ?>\n";
    $baidunews = "<?xml version=\"1.0\" encoding=\"".$cfg_soft_lang."\" ?>\n";
    $baidunews .= "<document>\n";
    $baidunews .= "<webSite>$cfg_webname </webSite>\n";
    $baidunews .= "<webMaster>$cfg_adminemail </webMaster>\n";
@@ -37,7 +37,7 @@ if (empty($do)) {
        $title = dede_htmlspecialchars($row['title']);
        $row1 = GetOneArchive($row['id']);
        if (strpos($row1['arcurl'], 'http://') === false) {
            $link = ($cfg_basehost == '' ? 'http://' . $_SERVER["HTTP_HOST"] . $cfg_cmspath : $cfg_basehost) . $row1['arcurl'];
            $link = ($cfg_basehost == '' ? 'http://'.$_SERVER["HTTP_HOST"].$cfg_cmspath : $cfg_basehost).$row1['arcurl'];
        } else {
            $link = $row1['arcurl'];
        }
@@ -46,7 +46,7 @@ if (empty($do)) {
        $text = dede_htmlspecialchars(strip_tags($row['body']));
        $image = $row['litpic'] == '' ? '' : $row['litpic'];
        if ($image != '' && strpos($image, 'http://') === false) {
            $image = ($cfg_basehost == '' ? 'http://' . $_SERVER["HTTP_HOST"] . $cfg_cmspath : $cfg_basehost) . $image;
            $image = ($cfg_basehost == '' ? 'http://'.$_SERVER["HTTP_HOST"].$cfg_cmspath : $cfg_basehost).$image;
        }
        //$headlineimg = '';
        $keywords = dede_htmlspecialchars($row['keywords']);
@@ -71,7 +71,7 @@ if (empty($do)) {
    }
    $baidunews .= "</document>\n";

    $fp = fopen(dirname(__FILE__) . '/' . $filename, 'w');
    $fp = fopen(dirname(__FILE__).'/'.$filename, 'w');
    fwrite($fp, $baidunews);
    fclose($fp);
    showmsg("<a href='{$filename}' target=\"_blank\">{$filename} make success</a>", 'javascript:;');
--- a/src/dede/cards_make.php
+++ b/src/dede/cards_make.php
@@ -5,14 +5,14 @@
 *
 * @version        $Id: cards_make.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('member_Card');
 if (empty($dopost)) $dopost = '';
 if ($dopost == '') include(DEDEADMIN . "/templets/cards_make.htm");
 if ($dopost == '') include(DEDEADMIN."/templets/cards_make.htm");

 //生成点卡
 elseif ($dopost == 'make') {
@@ -30,7 +30,7 @@ elseif ($dopost == 'make') {
    header("Content-Type: text/html; charset={$cfg_soft_lang}");

    for (; $startid < $endid; $startid++) {
        $cardid = $snprefix . $startid . '-';
        $cardid = $snprefix.$startid.'-';
        for ($p = 0; $p < $pwdgr; $p++) {
            for ($i = 0; $i < $pwdlen; $i++) {
                if ($ctype == 1) {
@@ -55,5 +55,5 @@ elseif ($dopost == 'make') {
        $dsql->ExecuteNoneQuery($inquery);
        echo "成功生成点卡：{$cardid}<br/>";
    }
    echo "成功生成 {$mnum} 个点卡！";
    echo "成功生成 {$mnum} 个点卡";
 }
--- a/src/dede/cards_manage.php
+++ b/src/dede/cards_manage.php
@@ -5,12 +5,12 @@
 *
 * @version        $Id: cards_manage.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(DEDEINC . '/datalistcp.class.php');
 require_once(dirname(__FILE__)."/config.php");
 require_once(DEDEINC.'/datalistcp.class.php');
 $dopost = empty($dopost) ? "" : $dopost;
 if ($dopost == "delete") {
    $ids = explode('`', $aids);
@@ -19,9 +19,9 @@ if ($dopost == "delete") {
        if ($dquery == "") $dquery .= "aid='$id' ";
        else $dquery .= " OR aid='$id' ";
    }
    if ($dquery != "") $dquery = " WHERE " . $dquery;
    if ($dquery != "") $dquery = " WHERE ".$dquery;
    $dsql->ExecuteNoneQuery("DELETE FROM #@__moneycard_record $dquery");
    ShowMsg("成功删除指定的记录！", "cards_manage.php");
    ShowMsg("成功删除指定的记录", "cards_manage.php");
    exit();
 } else {
    $addsql = '';
@@ -37,7 +37,7 @@ if ($dopost == "delete") {
    while ($rw = $dlist->dsql->GetArray('ts')) {
        $TypeNames[$rw['tid']] = $rw['pname'];
    }
    $tplfile = DEDEADMIN . "/templets/cards_manmage.htm";
    $tplfile = DEDEADMIN."/templets/cards_manmage.htm";

    //这两句的顺序不能更换
    $dlist->SetTemplate($tplfile);      //载入模板
@@ -50,7 +50,7 @@ function GetMemberID($mid)
    global $dsql;
    if ($mid == 0) return '0';
    $row = $dsql->GetOne("SELECT userid FROM #@__member WHERE mid='$mid' ");
    if (is_array($row)) return "<a href='member_view.php?mid={$mid}'>" . $row['userid'] . "</a>";
    if (is_array($row)) return "<a href='member_view.php?mid={$mid}'>".$row['userid']."</a>";
    else return '0';
 }

--- a/src/dede/cards_type.php
+++ b/src/dede/cards_type.php
@@ -5,11 +5,11 @@
 *
 * @version        $Id: cards_type.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/config.php');
 require_once(dirname(__FILE__).'/config.php');
 CheckPurview('member_Type');
 if (empty($dopost)) $dopost = "";

@@ -19,11 +19,11 @@ if ($dopost == "save") {
    $endID = $idend;
    for (; $startID <= $endID; $startID++) {
        $query = '';
        $tid = ${'ID_' . $startID};
        $pname =   ${'pname_' . $startID};
        $money =    ${'money_' . $startID};
        $num =   ${'num_' . $startID};
        if (isset(${'check_' . $startID})) {
        $tid = ${'ID_'.$startID};
        $pname =   ${'pname_'.$startID};
        $money =    ${'money_'.$startID};
        $num =   ${'num_'.$startID};
        if (isset(${'check_'.$startID})) {
            if ($pname != '') {
                $query = "UPDATE #@__moneycard_type SET pname='$pname',money='$money',num='$num' WHERE tid='$tid'";
                $dsql->ExecuteNoneQuery($query);
@@ -44,6 +44,6 @@ if ($dopost == "save") {
        $dsql->ExecuteNoneQuery($query);
    }
    header("Content-Type: text/html; charset={$cfg_soft_lang}");
    echo "<script> alert('成功更新点卡产品分类表！'); </script>";
    echo "<script> alert('成功更新点卡产品分类表'); </script>";
 }
 require_once(DEDEADMIN . "/templets/cards_type.htm");
 require_once(DEDEADMIN."/templets/cards_type.htm");
--- a/src/dede/catalog_add.php
+++ b/src/dede/catalog_add.php
@@ -5,12 +5,12 @@
 *
 * @version        $Id: catalog_add.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(DEDEINC . "/typelink.class.php");
 require_once(dirname(__FILE__)."/config.php");
 require_once(DEDEINC."/typelink.class.php");

 if (empty($listtype)) $listtype = '';
 if (empty($dopost)) $dopost = '';
@@ -27,7 +27,7 @@ if ($id == 0 && $reid == 0) {
 } else {
    $checkID = empty($id) ? $reid : $id;
    CheckPurview('t_AccNew');
    CheckCatalog($checkID, '你无权在本栏目下创建子类！');
    CheckCatalog($checkID, '您无权在本栏目下创建子类');
 }

 if (empty($myrow)) $myrow = array();
@@ -67,11 +67,11 @@ function action_savequick(){ }
            } else {
                continue;
            }
            $rank = ${'rank' . $k};
            $toptypename = trim(${'toptype' . $k});
            $sontype = trim(${'sontype' . $k});
            $rank = ${'rank'.$k};
            $toptypename = trim(${'toptype'.$k});
            $sontype = trim(${'sontype'.$k});
            $toptypedir = GetPinyin(stripslashes($toptypename));
            $toptypedir = $referpath == 'parent' ? $nextdir . '/' . $toptypedir : '/' . $toptypedir;
            $toptypedir = $referpath == 'parent' ? $nextdir.'/'.$toptypedir : '/'.$toptypedir;
            if (empty($toptypename)) {
                continue;
            }
@@ -89,7 +89,7 @@ function action_savequick(){ }
                    if ($v == '') {
                        continue;
                    }
                    $typedir = $toptypedir . '/' . GetPinyin(stripslashes($v));
                    $typedir = $toptypedir.'/'.GetPinyin(stripslashes($v));
                    $sql = str_replace('~reid~', $tid, $queryTemplate);
                    $sql = str_replace('~topid~', $tid, $sql);
                    $sql = str_replace('~rank~', $k, $sql);
@@ -109,18 +109,18 @@ function action_savequick(){ }
            } else {
                continue;
            }
            $rank = ${'rank' . $k};
            $toptypename = trim(${'reltype' . $k});
            $rank = ${'rank'.$k};
            $toptypename = trim(${'reltype'.$k});
            $toptypedir = GetPinyin(stripslashes($toptypename));
            switch ($referpath) {
                case 'parent':
                    $toptypedir = $nextdir . '/' . $toptypedir;
                    $toptypedir = $nextdir.'/'.$toptypedir;
                    break;
                case 'typepath':
                    $toptypedir = isset($row['typedir']) ? $row['typedir'] . '/' . $toptypedir : '/' . $toptypedir;
                    $toptypedir = isset($row['typedir']) ? $row['typedir'].'/'.$toptypedir : '/'.$toptypedir;
                    break;
                default:
                    $toptypedir = '/' . $toptypedir;
                    $toptypedir = '/'.$toptypedir;
                    break;
            }

@@ -136,7 +136,7 @@ function action_savequick(){ }
        }
    }
    UpDateCatCache();
    ShowMsg('成功增加指定栏目！', 'catalog_main.php');
    ShowMsg('成功增加指定栏目', 'catalog_main.php');
    exit();
 }
 /*---------------------
@@ -161,7 +161,7 @@ function action_save(){ }
        if ($upinyin == 1 || $typedir == '') {
            $typedir = GetPinyin(stripslashes($typename));
        }
        $typedir = $nextdir . '/' . $typedir;
        $typedir = $nextdir.'/'.$typedir;
        $typedir = preg_replace("#\/{1,}#", "/", $typedir);
    }

@@ -173,11 +173,11 @@ function action_save(){ }
        if ($siteurl != '') {
            $siteurl = preg_replace("#\/$#", "", $siteurl);
            if (!preg_match("#http:\/\/#i", $siteurl)) {
                ShowMsg("你绑定的二级域名无效，请用(http://host)的形式！", "-1");
                ShowMsg("您绑定的二级域名无效，请用(http://host)的形式", "-1");
                exit();
            }
            if (preg_match("#" . $cfg_basehost . "#i", $siteurl)) {
                ShowMsg("你绑定的二级域名与当前站点是同一个域，不需要绑定！", "-1");
            if (preg_match("#".$cfg_basehost."#i", $siteurl)) {
                ShowMsg("您绑定的二级域名与当前站点是同一个域，不需要绑定", "-1");
                exit();
            }
        }
@@ -188,7 +188,7 @@ function action_save(){ }
        $true_typedir = str_replace("{cmspath}", $cfg_cmspath, $typedir);
        $true_typedir = preg_replace("#\/{1,}#", "/", $true_typedir);
        if (!CreateDir($true_typedir)) {
            ShowMsg("创建目录 {$true_typedir} 失败，请检查你的路径是否存在问题！", "-1");
            ShowMsg("创建目录 {$true_typedir} 失败，请检查您的路径是否存在问题", "-1");
            exit();
        }
    }
@@ -201,14 +201,14 @@ function action_save(){ }
    '$ispart','$corank','$description','$keywords','$seotitle','$moresite','$siteurl','$sitepath','$ishidden','$cross','$crossid','$content','$smalltypes')";

    if (!$dsql->ExecuteNoneQuery($in_query)) {
        ShowMsg("保存目录数据时失败，请检查你的输入资料是否存在问题！", "-1");
        ShowMsg("保存目录数据时失败，请检查您的输入资料是否存在问题", "-1");
        exit();
    }
    UpDateCatCache();
    if ($reid > 0) {
        PutCookie('lastCid', GetTopid($reid), 3600 * 24, '/');
    }
    ShowMsg("成功创建一个分类！", "catalog_main.php");
    ShowMsg("成功创建一个分类", "catalog_main.php");
    exit();
 } //End dopost==save

--- a/src/dede/catalog_del.php
+++ b/src/dede/catalog_del.php
@@ -5,29 +5,29 @@
 *
 * @version        $Id: catalog_del.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/config.php');
 require_once(dirname(__FILE__).'/config.php');

 //检查权限许可
 CheckPurview('t_Del,t_AccDel');
 require_once(DEDEINC . '/typeunit.class.admin.php');
 require_once(DEDEINC . '/oxwindow.class.php');
 require_once(DEDEINC.'/typeunit.class.admin.php');
 require_once(DEDEINC.'/oxwindow.class.php');
 $id = trim(preg_replace("#[^0-9]#", '', $id));

 //检查栏目操作许可
 CheckCatalog($id, "你无权删除本栏目！");
 CheckCatalog($id, "您无权删除本栏目");
 if (empty($dopost)) $dopost = '';
 if ($dopost == 'ok') {
    $ut = new TypeUnit();
    $ut->DelType($id, $delfile);
    UpDateCatCache();
    ShowMsg("成功删除一个栏目！", "catalog_main.php");
    ShowMsg("成功删除一个栏目", "catalog_main.php");
    exit();
 }
 $dsql->SetQuery("SELECT typename,typedir FROM #@__arctype WHERE id=" . $id);
 $dsql->SetQuery("SELECT typename,typedir FROM #@__arctype WHERE id=".$id);
 $row = $dsql->GetOne();
 $wintitle = "删除栏目确认";
 $wecome_info = "<a href='catalog_main.php'>栏目管理</a> &gt;&gt; 删除栏目确认";
@@ -35,7 +35,7 @@ $win = new OxWindow();
 $win->Init('catalog_del.php', 'js/blank.js', 'POST');
 $win->AddHidden('id', $id);
 $win->AddHidden('dopost', 'ok');
 $win->AddTitle("你要确实要删除栏目： [{$row['typename']}] 吗？");
 $win->AddTitle("您要确实要删除栏目： [{$row['typename']}] 吗？");
 $win->AddItem('栏目的文件保存目录：', $row['typedir']);
 $win->AddItem('是否删除文件：', "<label><input type='radio' name='delfile' class='np' value='no' checked='1' /> 否</label> <label>&nbsp;<input type='radio' name='delfile' class='np' value='yes' /> 是</label>");
 $winform = $win->GetWindow('ok');
--- a/src/dede/catalog_do.php
+++ b/src/dede/catalog_do.php
@@ -5,13 +5,13 @@
 *
 * @version        $Id: catalog_do.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/config.php');
 require_once(dirname(__FILE__).'/config.php');
 if (empty($dopost)) {
    ShowMsg("对不起，请指定栏目参数！", "catalog_main.php");
    ShowMsg("对不起，请指定栏目参数", "catalog_main.php");
    exit();
 }
 $cid = empty($cid) ? 0 : intval($cid);
@@ -37,7 +37,7 @@ if ($dopost == "addArchives") {
    }
    $gurl = $row["addcon"];
    if ($gurl == "") {
        ShowMsg("对不起，你指的栏目可能有误！", "catalog_main.php");
        ShowMsg("对不起，您指的栏目可能有误", "catalog_main.php");
        exit();
    }

@@ -64,7 +64,7 @@ function listArchives();
        $typename = $row["typename"];
        $channelname = $row["channelname"];
        if ($gurl == "") {
            ShowMsg("对不起，你指的栏目可能有误！", "catalog_main.php");
            ShowMsg("对不起，您指的栏目可能有误", "catalog_main.php");
            exit();
        }
    } else if ($channelid > 0) {
@@ -83,14 +83,14 @@ function listArchives();
 //浏览通用模板目录
 function viewTempletDir();
 ---------------------------*/ else if ($dopost == "viewTemplet") {
    header("location:tpl.php?path=/" . $cfg_df_style);
    header("location:tpl.php?path=/".$cfg_df_style);
    exit();
 }
 /*------------------------
 浏览单个页面的栏目
 function ViewSgPage()
 ------------------------*/ else if ($dopost == "viewSgPage") {
    require_once(DEDEINC . "/arc.listview.class.php");
    require_once(DEDEINC."/arc.listview.class.php");
    $lv = new ListView($cid);
    $pageurl = $lv->MakeHtml();
    ShowMsg("更新缓冲，请稍后...", $pageurl);
@@ -104,7 +104,7 @@ function upRank()
    CheckPurview('t_Edit,t_AccEdit');

    //检查栏目操作许可
    CheckCatalog($cid, "你无权更改本栏目！");
    CheckCatalog($cid, "您无权更改本栏目");
    $row = $dsql->GetOne("SELECT reid,sortrank FROM #@__arctype WHERE id='$cid'");
    $reid = $row['reid'];
    $sortrank = $row['sortrank'];
@@ -123,8 +123,8 @@ function upRank()
    if (is_array($row)) {
        $maxID = $row['id'];
        for ($i = 1; $i <= $maxID; $i++) {
            if (isset(${'sortrank' . $i})) {
                $dsql->ExecuteNoneQuery("UPDATE #@__arctype SET sortrank='" . (${'sortrank' . $i}) . "' WHERE id='{$i}';");
            if (isset(${'sortrank'.$i})) {
                $dsql->ExecuteNoneQuery("UPDATE #@__arctype SET sortrank='".(${'sortrank'.$i})."' WHERE id='{$i}';");
            }
        }
    }
@@ -175,7 +175,7 @@ function GetJs
 function GetSunListsMenu();
 -----------*/ else if ($dopost == "GetSunListsMenu") {
    $userChannel = $cuserLogin->getUserChannel();
    require_once(DEDEINC . "/typeunit.class.menu.php");
    require_once(DEDEINC."/typeunit.class.menu.php");
    AjaxHead();
    PutCookie('lastCidMenu', $cid, 3600 * 24, "/");
    $tu = new TypeUnit($userChannel);
@@ -185,7 +185,7 @@ function GetSunListsMenu();
 获得子类的内容
 function GetSunLists();
 -----------*/ else if ($dopost == "GetSunLists") {
    require_once(DEDEINC . "/typeunit.class.admin.php");
    require_once(DEDEINC."/typeunit.class.admin.php");
    AjaxHead();
    PutCookie('lastCid', $cid, 3600 * 24, "/");
    $tu = new TypeUnit();
@@ -200,9 +200,9 @@ function GetSunLists();
 function unitCatalog() { }
 -----------------*/ else if ($dopost == 'unitCatalog') {
    CheckPurview('t_Move');
    require_once(DEDEINC . '/oxwindow.class.php');
    require_once(DEDEINC . '/typelink.class.php');
    require_once(DEDEINC . '/channelunit.func.php');
    require_once(DEDEINC.'/oxwindow.class.php');
    require_once(DEDEINC.'/typelink.class.php');
    require_once(DEDEINC.'/channelunit.func.php');
    if (empty($nextjob)) {
        $typeid = isset($typeid) ? intval($typeid) : 0;
        $row = $dsql->GetOne("SELECT COUNT(*) AS dd FROM `#@__arctype` WHERE reid='$typeid' ");
@@ -211,7 +211,7 @@ function unitCatalog() { }
        $reid = $tl->TypeInfos['reid'];
        $channelid = $tl->TypeInfos['channeltype'];
        if (!empty($row['dd'])) {
            ShowMsg("栏目： $typename($typeid) 有子栏目，不能进行合并操作！", '-1');
            ShowMsg("栏目： $typename($typeid) 有子栏目，不能进行合并操作", '-1');
            exit();
        }
        $typeOptions = $tl->GetOptionArray(0, 0, $channelid);
@@ -224,19 +224,19 @@ function unitCatalog() { }
        $win->AddHidden('channelid', $channelid);
        $win->AddHidden('nextjob', 'unitok');
        $win->AddTitle("合并目录时不会删除原来的栏目目录，合并后需手动更新目标栏目的文档HTML和列表HTML。");
        $win->AddItem('你选择的栏目是：', "<font color='red'>$typename($typeid)</font>");
        $win->AddItem('你希望合并到那个栏目？', "<select name='unittype'>\r\n{$typeOptions}\r\n</select>");
        $win->AddItem('您选择的栏目是：', "<font color='red'>$typename($typeid)</font>");
        $win->AddItem('您希望合并到那个栏目？', "<select name='unittype'>\r\n{$typeOptions}\r\n</select>");
        $win->AddItem('注意事项：', '栏目不能有下级子栏目，只允许子级到更高级或同级或不同父级的情况。');
        $winform = $win->GetWindow('ok');
        $win->Display();
        exit();
    } else {
        if ($typeid == $unittype) {
            ShowMsg("同一栏目无法合并,请后退重试！", '-1');
            ShowMsg("同一栏目无法合并,请后退重试", '-1');
            exit();
        }
        if (IsParent($unittype, $typeid)) {
            ShowMsg('不能从父类合并到子类！', 'catalog_main.php');
            ShowMsg('不能从父类合并到子类', 'catalog_main.php');
            exit();
        }
        $row = $dsql->GetOne("SELECT addtable FROM `#@__channeltype` WHERE id='$channelid' ");
@@ -249,7 +249,7 @@ function unitCatalog() { }
        $dsql->ExecuteNoneQuery("UPDATE `$addtable` SET typeid='$unittype' WHERE typeid='$typeid' ");
        $dsql->ExecuteNoneQuery("DELETE FROM `#@__arctype` WHERE id='$typeid' ");
        UpDateCatCache();
        ShowMsg('成功合并指定栏目！', 'catalog_main.php');
        ShowMsg('成功合并指定栏目', 'catalog_main.php');
        exit();
    }
 }
@@ -258,9 +258,9 @@ function unitCatalog() { }
 function moveCatalog() { }
 -----------------*/ else if ($dopost == 'moveCatalog') {
    CheckPurview('t_Move');
    require_once(DEDEINC . '/oxwindow.class.php');
    require_once(DEDEINC . '/typelink.class.php');
    require_once(DEDEINC . '/channelunit.func.php');
    require_once(DEDEINC.'/oxwindow.class.php');
    require_once(DEDEINC.'/typelink.class.php');
    require_once(DEDEINC.'/channelunit.func.php');
    if (empty($nextjob)) {
        $tl = new TypeLink($typeid);
        $typename = $tl->TypeInfos['typename'];
@@ -276,24 +276,24 @@ function moveCatalog() { }
        $win->AddHidden('channelid', $channelid);
        $win->AddHidden('nextjob', 'unitok');
        $win->AddTitle("移动目录时不会删除原来已创建的列表，移动后需重新对栏目创建HTML。");
        $win->AddItem('你选择的栏目是：', "$typename($typeid)");
        $win->AddItem('你希望移动到那个栏目？', "<select name='movetype'>\r\n<option value='0'>移动为顶级栏目</option>\r\n$typeOptions\r\n</select>");
        $win->AddItem('您选择的栏目是：', "$typename($typeid)");
        $win->AddItem('您希望移动到那个栏目？', "<select name='movetype'>\r\n<option value='0'>移动为顶级栏目</option>\r\n$typeOptions\r\n</select>");
        $win->AddItem('注意事项：', '不允许从父级移动到子级目录，只允许子级到更高级或同级或不同父级的情况。');
        $winform = $win->GetWindow('ok');
        $win->Display();
        exit();
    } else {
        if ($typeid == $movetype) {
            ShowMsg('移对对象和目标位置相同！', 'catalog_main.php');
            ShowMsg('移对对象和目标位置相同', 'catalog_main.php');
            exit();
        }
        if (IsParent($movetype, $typeid)) {
            ShowMsg('不能从父类移动到子类！', 'catalog_main.php');
            ShowMsg('不能从父类移动到子类', 'catalog_main.php');
            exit();
        }
        $dsql->ExecuteNoneQuery(" UPDATE `#@__arctype` SET reid='$movetype' WHERE id='$typeid' ");
        UpDateCatCache();
        ShowMsg('成功移动目录！', 'catalog_main.php');
        ShowMsg('成功移动目录', 'catalog_main.php');
        exit();
    }
 }
--- a/src/dede/catalog_edit.php
+++ b/src/dede/catalog_edit.php
@@ -1,25 +1,21 @@
 <?php

 /**
 * 栏目编辑
 *
 * @version        $Id: catalog_edit.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(DEDEINC . "/typelink.class.php");
 require_once(dirname(__FILE__)."/config.php");
 require_once(DEDEINC."/typelink.class.php");
 if (empty($dopost)) $dopost = '';
 $id = isset($id) ? intval($id) : 0;

 //检查权限许可
 CheckPurview('t_Edit,t_AccEdit');

 //检查栏目操作许可
 CheckCatalog($id, '你无权更改本栏目！');

 CheckCatalog($id, '您无权更改本栏目');
 /*-----------------------
 function action_save()
 ----------------------*/
@@ -33,78 +29,72 @@ if ($dopost == "save") {
        $uptopsql = " ,siteurl='$siteurl',sitepath='$sitepath',ishidden='$ishidden' ";
    }
    if ($ispart != 0) $cross = 0;

    $upquery = "UPDATE `#@__arctype` SET
     issend='$issend',
     sortrank='$sortrank',
     typename='$typename',
     typedir='$typedir',
     isdefault='$isdefault',
     defaultname='$defaultname',
     issend='$issend',
     ishidden='$ishidden',
     channeltype='$channeltype',
     tempindex='$tempindex',
     templist='$templist',
     temparticle='$temparticle',
     namerule='$namerule',
     namerule2='$namerule2',
     ispart='$ispart',
     corank='$corank',
     description='$description',
     keywords='$keywords',
     seotitle='$seotitle',
     moresite='$moresite',
     `cross`='$cross',
     `content`='$content',
     `crossid`='$crossid',
     `smalltypes`='$smalltypes'
     $uptopsql
    issend='$issend',
    sortrank='$sortrank',
    typename='$typename',
    typedir='$typedir',
    isdefault='$isdefault',
    defaultname='$defaultname',
    issend='$issend',
    ishidden='$ishidden',
    channeltype='$channeltype',
    tempindex='$tempindex',
    templist='$templist',
    temparticle='$temparticle',
    namerule='$namerule',
    namerule2='$namerule2',
    ispart='$ispart',
    corank='$corank',
    description='$description',
    keywords='$keywords',
    seotitle='$seotitle',
    moresite='$moresite',
    `cross`='$cross',
    `content`='$content',
    `crossid`='$crossid',
    `smalltypes`='$smalltypes'
    $uptopsql
    WHERE id='$id' ";

    if (!$dsql->ExecuteNoneQuery($upquery)) {
        ShowMsg("保存当前栏目更改时失败，请检查你的输入资料是否存在问题！", "-1");
        ShowMsg("保存当前栏目更改时失败，请检查您的输入资料是否存在问题", "-1");
        exit();
    }

    //如果选择子栏目可投稿，更新顶级栏目为可投稿
    if ($topid > 0 && $issend == 1) {
        $dsql->ExecuteNoneQuery("UPDATE `#@__arctype` SET issend='$issend' WHERE id='$topid'; ");
    }
    $slinks = " id IN (" . GetSonIds($id) . ")";

    $slinks = " id IN (".GetSonIds($id).")";
    //修改顶级栏目时强制修改下级的多站点支持属性
    if ($topid == 0 && preg_match("#,#", $slinks)) {
        $upquery = "UPDATE `#@__arctype` SET moresite='$moresite', siteurl='$siteurl',sitepath='$sitepath',ishidden='$ishidden' WHERE 1=1 AND $slinks";
        $dsql->ExecuteNoneQuery($upquery);
    }

    //更改子栏目属性
    if (!empty($upnext)) {
        $upquery = "UPDATE `#@__arctype` SET
       issend='$issend',
       defaultname='$defaultname',
       channeltype='$channeltype',
       tempindex='$tempindex',
       templist='$templist',
       temparticle='$temparticle',
       namerule='$namerule',
       namerule2='$namerule2',
       ishidden='$ishidden'
     WHERE 1=1 AND $slinks";
    $upquery = "UPDATE `#@__arctype` SET
    issend='$issend',
    defaultname='$defaultname',
    channeltype='$channeltype',
    tempindex='$tempindex',
    templist='$templist',
    temparticle='$temparticle',
    namerule='$namerule',
    namerule2='$namerule2',
    ishidden='$ishidden'
    WHERE 1=1 AND $slinks";
        if (!$dsql->ExecuteNoneQuery($upquery)) {
            ShowMsg("更改当前栏目成功，但更改下级栏目属性时失败！", "-1");
            ShowMsg("更改当前栏目成功，但更改下级栏目属性时失败", "-1");
            exit();
        }
    }
    UpDateCatCache();
    ShowMsg("成功更改一个分类！", "catalog_main.php");
    ShowMsg("成功更改一个分类", "catalog_main.php");
    exit();
 } //End Save Action
 else if ($dopost == "savetime") {
    $uptopsql = '';
    $slinks = " id IN (" . GetSonIds($id) . ")";

    $slinks = " id IN (".GetSonIds($id).")";
    //顶级栏目二级域名根目录处理
    if ($topid == 0 && $moresite == 1) {
        $sitepath = $typedir;
@@ -118,27 +108,24 @@ else if ($dopost == "savetime") {
    if ($topid > 0 && $issend == 1) {
        $dsql->ExecuteNoneQuery("UPDATE `#@__arctype` SET issend='$issend' WHERE id='$topid'; ");
    }

    $upquery = "UPDATE `#@__arctype` SET
     issend='$issend',
     sortrank='$sortrank',
     typedir='$typedir',
     typename='$typename',
        isdefault='$isdefault',
     defaultname='$defaultname',
     ispart='$ispart',
     corank='$corank' $uptopsql
    issend='$issend',
    sortrank='$sortrank',
    typedir='$typedir',
    typename='$typename',
    isdefault='$isdefault',
    defaultname='$defaultname',
    ispart='$ispart',
    corank='$corank' $uptopsql
    WHERE id='$id' ";

    if (!$dsql->ExecuteNoneQuery($upquery)) {
        ShowMsg("保存当前栏目更改时失败，请检查你的输入资料是否存在问题！", "-1");
        ShowMsg("保存当前栏目更改时失败，请检查您的输入资料是否存在问题", "-1");
        exit();
    }
    UpDateCatCache();
    ShowMsg("成功更改一个分类！", "catalog_main.php");
    ShowMsg("成功更改一个分类", "catalog_main.php");
    exit();
 }

 //读取栏目信息
 $dsql->SetQuery("SELECT tp.*,ch.typename as ctypename FROM `#@__arctype` tp LEFT JOIN `#@__channeltype` ch ON ch.id=tp.channeltype WHERE tp.id=$id");
 $myrow = $dsql->GetOne();
@@ -152,7 +139,6 @@ if ($topid > 0) {
    }
 }
 $myrow['content'] = empty($myrow['content']) ? "&nbsp;" : $myrow['content'];

 //读取频道模型信息
 $channelid = $myrow['channeltype'];
 $dsql->SetQuery("SELECT id,typename,nid FROM `#@__channeltype` WHERE id<>-1 AND isshow=1 ORDER BY id");
@@ -168,105 +154,92 @@ PutCookie('lastCid', GetTopid($id), 3600 * 24, "/");
 if ($dopost == 'time') {
 ?>
    <form name="form1" action="catalog_edit.php" method="post" onSubmit="return checkSubmit();">
        <input type="hidden" name="dopost" value="savetime" />
        <input type="hidden" name="id" value="<?php echo $id; ?>" />
        <input type="hidden" name="topid" value="<?php echo $myrow['topid']; ?>" />
        <input type="hidden" name="moresite" value="<?php echo $myrow['moresite']; ?>" />
        <input type="hidden" name="dopost" value="savetime">
        <input type="hidden" name="id" value="<?php echo $id; ?>">
        <input type="hidden" name="topid" value="<?php echo $myrow['topid']; ?>">
        <input type="hidden" name="moresite" value="<?php echo $myrow['moresite']; ?>">
        <table width="100%" border="0" cellpadding="0" cellspacing="0">
            <tr>
                <td class='bline' height="26" align="center" colspan="2">
                    <a href='catalog_edit.php?id=<?php echo $id; ?>'><u>当前是快捷编辑模式，如果您要修改更详细的参数，请使用高级模式&gt;&gt;</u></a>
                    <a href='catalog_edit.php?id=<?php echo $id; ?>'>当前是快捷编辑模式，您要修改更详细的参数，请使用高级模式</a>
                </td>
            </tr>
            <tr>
                <td width="150" class='bline' height="26" align="center">是否支持投稿：</td>
                <td class='bline'>
                    <label><input type='radio' name='issend' value='0' class='np' <?php if ($myrow['issend'] == "0") echo " checked='1' "; ?> />
                        不支持</label>&nbsp;
                    <label><input type='radio' name='issend' value='1' class='np' <?php if ($myrow['issend'] == "1") echo " checked='1' "; ?> />
                        支持</label></td>
                    <label><input type='radio' name='issend' value='0' class='np' <?php if ($myrow['issend'] == "0") echo " checked='1' "; ?>>&nbsp;不支持</label>
                    <label><input type='radio' name='issend' value='1' class='np' <?php if ($myrow['issend'] == "1") echo " checked='1' "; ?>>&nbsp;支持</label>
                </td>
            </tr>
            <!-- 在快速修改更改内容模型后，因为模板没改变，会导致错误，因此去除些选择框。 -->
            <tr>
                <td class='bline' height="26" align="center">
                    <font color='red'>内容模型：</font>
                </td>
                <td class='bline' height="26" align="center">内容模型：</td>
                <td class='bline'>
                    <?php
                    foreach ($channelArray as $k => $arr) {
                        if ($k == $channelid) echo "{$arr['typename']} | {$arr['nid']}";
                    }
                    ?>
                    <a href='catalog_edit.php?id=<?php echo $id; ?>'><u>[修改]</u></a>
                    <a href='catalog_edit.php?id=<?php echo $id; ?>' class='btn btn-success btn-sm'>修改</a>
                </td>
            </tr>
            <tr>
                <td class='bline' height="26" align="center">
                    <font color='red'>栏目名称：</font>
                </td>
                <td class='bline'><input name="typename" type="text" id="typename" size="30" value="<?php echo $myrow['typename'] ?>" class="iptxt" /></td>
                <td class='bline' height="26" align="center">栏目名称：</td>
                <td class='bline'><input name="typename" type="text" id="typename" value="<?php echo $myrow['typename'] ?>" style="width:260px" class="iptxt"></td>
            </tr>
            <tr>
                <td class='bline' height="26" align="center"> 排列顺序： </td>
                <td class='bline'> <input name="sortrank" size="6" type="text" value="<?php echo $myrow['sortrank'] ?>" class="iptxt" />
                    （由低 -&gt; 高） </td>
                <td class='bline'> <input name="sortrank" type="text" value="<?php echo $myrow['sortrank'] ?>" style="width:100" class="iptxt">（由低 -&gt; 高）</td>
            </tr>
            <tr>
                <td class='bline' height="26" align="center">浏览权限：</td>
                <td class='bline'> <select name="corank" id="corank" style="width:100">
                        <?php
                        $dsql->SetQuery("SELECT * FROM #@__arcrank WHERE rank >= 0");
                        $dsql->Execute();
                        while ($row = $dsql->GetObject()) {
                            if ($myrow['corank'] == $row->rank)
                                echo "<option value='" . $row->rank . "' selected>" . $row->membername . "</option>\r\n";
                <td class='bline'>
                    <select name="corank" id="corank" style="width:100">
                    <?php
                    $dsql->SetQuery("SELECT * FROM #@__arcrank WHERE rank >= 0");
                    $dsql->Execute();
                    while ($row = $dsql->GetObject()) {
                        if ($myrow['corank'] == $row->rank)
                            echo "<option value='".$row->rank."' selected>".$row->membername."</option>\r\n";
                            else
                                echo "<option value='" . $row->rank . "'>" . $row->membername . "</option>\r\n";
                        }
                        ?>
                    </select>
                    (仅限制栏目里的文档浏览权限) </td>
                            echo "<option value='".$row->rank."'>".$row->membername."</option>\r\n";
                    }
                    ?>
                    </select>（仅限制栏目里的文档浏览权限）
                </td>
            </tr>
            <tr>
                <td class='bline' height="26" align="center">文件保存目录：</td>
                <td class='bline'><input name="typedir" type="text" id="typedir" value="<?php echo $myrow['typedir'] ?>" style="width:300px" class="iptxt" /></td>
                <td class='bline'><input name="typedir" type="text" id="typedir" value="<?php echo $myrow['typedir'] ?>" style="width:260px"class="iptxt"></td>
            </tr>
            <tr>
                <td height="26" align="center" class='bline'>栏目列表选项：</td>
                <td class='bline'>
                    <label><input type='radio' name='isdefault' value='1' class='np' <?php if ($myrow['isdefault'] == 1) echo " checked='1' "; ?> />
                        链接到默认页</label>
                    <label><input type='radio' name='isdefault' value='0' class='np' <?php if ($myrow['isdefault'] == 0) echo " checked='1' "; ?> />
                        链接到列表第一页</label>
                    <label><input type='radio' name='isdefault' value='-1' class='np' <?php if ($myrow['isdefault'] == -1) echo " checked='1' "; ?> />
                        使用动态页</label> </td>
                    <label><input type='radio' name='isdefault' value='1' class='np' <?php if ($myrow['isdefault'] == 1) echo " checked='1' "; ?>>&nbsp;链接到默认页</label>
                    <label><input type='radio' name='isdefault' value='0' class='np' <?php if ($myrow['isdefault'] == 0) echo " checked='1' "; ?>>&nbsp;链接到列表第一页</label>
                    <label><input type='radio' name='isdefault' value='-1' class='np' <?php if ($myrow['isdefault'] == -1) echo " checked='1' "; ?>>&nbsp;使用动态页</label></td>
            </tr>
            <tr>
                <td class='bline' height="26" align="center">默认页的名称： </td>
                <td class='bline'><input name="defaultname" type="text" value="<?php echo $myrow['defaultname'] ?>" class="iptxt" /></td>
                <td class='bline' height="26" align="center">默认页的名称：</td>
                <td class='bline'><input name="defaultname" type="text" value="<?php echo $myrow['defaultname'] ?>" style="width:260px" class="iptxt"></td>
            </tr>
            <tr>
                <td height="26" class='bline' align="center">栏目属性：</td>
                <td class='bline'>
                    <label><input name="ispart" type="radio" id="radio" value="0" class='np' <?php if ($myrow['ispart'] == 0) echo " checked='1' "; ?> />
                        最终列表栏目（允许在本栏目发布文档，并生成文档列表）</label><br>
                    <label><input name="ispart" type="radio" id="radio2" value="1" class='np' <?php if ($myrow['ispart'] == 1) echo " checked='1' "; ?> />

                        频道封面（栏目本身不允许发布文档）</label><br>
                    <label><input name="ispart" type="radio" id="radio3" value="2" class='np' <?php if ($myrow['ispart'] == 2) echo " checked='1' "; ?> />
                        外部连接（在"文件保存目录"处填写网址） </label> </td>
                    <label><input name="ispart" type="radio" id="radio" value="0" class='np' <?php if ($myrow['ispart'] == 0) echo " checked='1' "; ?>>&nbsp;最终列表栏目（允许在本栏目发布文档，并生成文档列表）</label><br>
                    <label><input name="ispart" type="radio" id="radio2" value="1" class='np' <?php if ($myrow['ispart'] == 1) echo " checked='1' "; ?>>&nbsp;频道封面（栏目本身不允许发布文档）</label><br>
                    <label><input name="ispart" type="radio" id="radio3" value="2" class='np' <?php if ($myrow['ispart'] == 2) echo " checked='1' "; ?>>&nbsp;外部连接（在"文件保存目录"处填写网址）</label>
                </td>
            </tr>
            <tr>
                <td align="center" colspan="2" height="54" bgcolor='#FAFEE0'>
                    <input name="imageField" type="image" src="images/button_ok.gif" width="60" height="22" border="0" class="np" />
                    &nbsp;&nbsp;&nbsp;
                    <a title='关闭' onclick='CloseMsg()'><img src="images/button_back.gif" width="60" height="22" border="0"></a>
                <td align="center" colspan="2" height="50" bgcolor='#FAFEE0'>
                    <button onclick='getSelCat("<?php echo $targetid; ?>");' class='btn btn-success'>保存</button>
                    <button type='button' onclick='CloseMsg()' class='btn btn-success'>关闭</button>
                </td>
            </tr>
        </table>
    </form>
 <?php
    exit();
 exit();
 } else {
    include DedeInclude('templets/catalog_edit.htm');
 }
--- a/src/dede/catalog_main.php
+++ b/src/dede/catalog_main.php
@@ -5,11 +5,11 @@
 *
 * @version        $Id: catalog_main.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(DEDEINC . "/typeunit.class.admin.php");
 require_once(dirname(__FILE__)."/config.php");
 require_once(DEDEINC."/typeunit.class.admin.php");
 $userChannel = $cuserLogin->getUserChannel();
 include DedeInclude('templets/catalog_main.htm');
--- a/src/dede/catalog_menu.php
+++ b/src/dede/catalog_menu.php
@@ -5,12 +5,12 @@
 *
 * @version        $Id: catalog_menu.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(DEDEINC . "/typeunit.class.menu.php");
 require_once(dirname(__FILE__)."/config.php");
 require_once(DEDEINC."/typeunit.class.menu.php");
 $userChannel = $cuserLogin->getUserChannel();
 if (empty($opendir)) $opendir = -1;
 if ($userChannel > 0) $opendir = $userChannel;
--- a/src/dede/config.php
+++ b/src/dede/config.php
@@ -1,11 +1,10 @@
 <?php

 /**
 * 管理目录配置文件
 *
 * @version        $Id: config.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
@@ -15,30 +14,18 @@ require_once(DEDEINC . '/userlogin.class.php');
 header('Cache-Control:private');
 $dsql->safeCheck = FALSE;
 $dsql->SetLongLink();
 $cfg_admin_skin = 1; // 后台管理风格

 $cfg_admin_skin = 1;//后台管理风格
 if (file_exists(DEDEDATA . '/admin/skin.txt')) {
    $skin = file_get_contents(DEDEDATA . '/admin/skin.txt');
    $cfg_admin_skin = !in_array($skin, array(1, 2, 3, 4)) ? 1 : $skin;
 }

 // 检查CSRF
 //检查CSRF
 function CheckCSRF()
 {
    $cc_csrf_token_check = GetCookie("dede_csrf_token");
    if (
        !(isset($_POST['_csrf_token'], $cc_csrf_token_check)
            && is_string($_POST['_csrf_token']) && is_string($cc_csrf_token_check)
            && hash_equals($_POST['_csrf_token'], $cc_csrf_token_check))
    ) {
        ShowMsg('CSRF校验失败，请刷新页面重新提交', '-1');
        exit();
    }

    DropCookie("dede_csrf_token");
 }

 // 生成CSRF校验token，在比较重要的表单中应该要加上这个token校验
 //生成CSRF校验token，在比较重要的表单中应该要加上这个token校验
 $cc_csrf_token = GetCookie("dede_csrf_token");
 if (!isset($GLOBALS['csrf_token']) || $GLOBALS['csrf_token'] === null) {
    if (
@@ -50,22 +37,17 @@ if (!isset($GLOBALS['csrf_token']) || $GLOBALS['csrf_token'] === null) {
        $GLOBALS['csrf_token'] = md5(uniqid(mt_rand(), TRUE));
    }
 }

 if (strtoupper($_SERVER['REQUEST_METHOD']) !== 'POST') {
    PutCookie('dede_csrf_token', $GLOBALS['csrf_token'], 7200, '/');
 }


 //获得当前脚本名称，如果你的系统被禁用了$_SERVER变量，请自行更改这个选项
 //获得当前脚本名称，如果您的系统被禁用了$_SERVER变量，请自行更改这个选项
 $dedeNowurl = $s_scriptName = '';
 $isUrlOpen = @ini_get('allow_url_fopen');
 $dedeNowurl = GetCurUrl();
 $dedeNowurls = explode('?', $dedeNowurl);
 $s_scriptName = $dedeNowurls[0];

 //检验用户登录状态
 $cuserLogin = new userLogin();

 if ($cuserLogin->getUserID() == -1) {
    if (preg_match("#PHP (.*) Development Server#", $_SERVER['SERVER_SOFTWARE'])) {
        $dirname = dirname($_SERVER['SCRIPT_NAME']);
@@ -75,7 +57,6 @@ if ($cuserLogin->getUserID() == -1) {
    }
    exit();
 }

 function XSSClean($val)
 {
    if (is_array($val)) {
@@ -87,7 +68,6 @@ function XSSClean($val)
    }
    return RemoveXss($val);
 }

 if ($cfg_dede_log == 'Y') {
    $s_nologfile = '_main|_list';
    $s_needlogfile = 'sys_|file_';
@@ -102,16 +82,13 @@ if ($cfg_dede_log == 'Y') {
        $dsql->ExecuteNoneQuery($inquery);
    }
 }

 //管理缓存、管理员频道缓存
 //管理缓存管理员频道缓存
 $cache1 = DEDEDATA . '/cache/inc_catalog_base.inc';
 if (!file_exists($cache1)) UpDateCatCache();
 $cacheFile = DEDEDATA . '/cache/admincat_' . $cuserLogin->userID . '.inc';
 if (file_exists($cacheFile)) require_once($cacheFile);

 //更新服务器
 require_once(DEDEDATA . '/admin/config_update.php');

 if (strlen($cfg_cookie_encode) <= 10) {
    $chars = 'abcdefghigklmnopqrstuvwxwyABCDEFGHIGKLMNOPQRSTUVWXWY0123456789';
    $hash = '';
@@ -123,7 +100,7 @@ if (strlen($cfg_cookie_encode) <= 10) {
    $dsql->ExecuteNoneQuery("UPDATE `#@__sysconfig` SET `value`='{$hash}' WHERE varname='cfg_cookie_encode' ");
    $configfile = DEDEDATA . '/config.cache.inc.php';
    if (!is_writeable($configfile)) {
        echo "配置文件'{$configfile}'不支持写入，无法修改系统配置参数！";
        echo "配置文件'{$configfile}'不支持写入，无法修改系统配置参数";
        exit();
    }
    $fp = fopen($configfile, 'w');
@@ -142,7 +119,6 @@ if (strlen($cfg_cookie_encode) <= 10) {
    fwrite($fp, "?" . ">");
    fclose($fp);
 }

 /**
 *  更新栏目缓存
 *
@@ -161,7 +137,7 @@ function UpDateCatCache()
    $fp1Header = "<{$phph}php\r\nglobal \$cfg_Cs;\r\n\$cfg_Cs=array();\r\n";
    fwrite($fp1, $fp1Header);
    while ($row = $dsql->GetObject()) {
        // 将typename缓存起来
        //将typename缓存起来
        $row->typename = base64_encode($row->typename);
        fwrite($fp1, "\$cfg_Cs[{$row->id}]=array({$row->reid},{$row->channeltype},{$row->issend},'{$row->typename}');\r\n");
    }
@@ -171,8 +147,7 @@ function UpDateCatCache()
    @unlink($cache2);
    @unlink($cache3);
 }

 // 清空选项缓存
 //清空选项缓存
 function ClearOptCache()
 {
    $tplCache = DEDEDATA . '/tplcache/';
@@ -186,7 +161,6 @@ function ClearOptCache()
    }
    return FALSE;
 }

 /**
 *  引入模板文件
 *
@@ -199,7 +173,6 @@ function DedeInclude($filename, $isabs = FALSE)
 {
    return $isabs ? $filename : DEDEADMIN . '/' . $filename;
 }

 /**
 *  根据用户mid获取用户名称
 *
@@ -217,4 +190,4 @@ if (!function_exists('GetMemberName')) {
        $rs = $dsql->GetOne("SELECT * FROM `#@__member` WHERE mid='{$mid}' ");
        return $rs['uname'];
    }
 }
 }
--- a/src/dede/content_att.php
+++ b/src/dede/content_att.php
@@ -5,11 +5,11 @@
 *
 * @version        $Id: content_att.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('sys_Att');
 if (empty($dopost)) $dopost = '';

@@ -18,13 +18,13 @@ if ($dopost == "save") {
    $startID = 1;
    $endID = $idend;
    for (; $startID <= $endID; $startID++) {
        $att = ${'att_' . $startID};
        $attname = ${'attname_' . $startID};
        $sortid = ${'sortid_' . $startID};
        $att = ${'att_'.$startID};
        $attname = ${'attname_'.$startID};
        $sortid = ${'sortid_'.$startID};
        $query = "UPDATE `#@__arcatt` SET `attname`='$attname',`sortid`='$sortid' WHERE att='$att' ";
        $dsql->ExecuteNoneQuery($query);
    }
    echo "<script> alert('成功更新自定文档义属性表！'); </script>";
    echo "<script> alert('成功更新自定文档义属性表'); </script>";
 }

 include DedeInclude('templets/content_att.htm');
--- a/src/dede/content_batch_up.php
+++ b/src/dede/content_batch_up.php
@@ -5,10 +5,10 @@
 *
 * @version        $Id: content_batch_up.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/config.php');
 require_once(DEDEINC . '/typelink.class.php');
 require_once(dirname(__FILE__).'/config.php');
 require_once(DEDEINC.'/typelink.class.php');
 include DedeInclude('templets/content_batch_up.htm');
--- a/src/dede/content_batchup_action.php
+++ b/src/dede/content_batchup_action.php
@@ -5,14 +5,14 @@
 *
 * @version        $Id: content_batch_up.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('sys_ArcBatch');
 require_once(DEDEINC . "/typelink.class.php");
 require_once(DEDEADMIN . "/inc/inc_batchup.php");
 require_once(DEDEINC."/typelink.class.php");
 require_once(DEDEADMIN."/inc/inc_batchup.php");
@set_time_limit(0);

 //typeid,startid,endid,seltime,starttime,endtime,action,newtypeid
@@ -29,7 +29,7 @@ if (empty($userid)) $userid = '';
 if ($action == "makehtml") {
    $jumpurl  = "makehtml_archives_action.php?endid=$endid&startid=$startid";
    $jumpurl .= "&typeid=$typeid&pagesize=20&seltime=$seltime";
    $jumpurl .= "&stime=" . urlencode($starttime) . "&etime=" . urlencode($endtime);
    $jumpurl .= "&stime=".urlencode($starttime)."&etime=".urlencode($endtime);
    header("Location: $jumpurl");
    exit();
 }
@@ -60,12 +60,12 @@ if (!empty($heightdone)) $action = $heightdone;
 //指量审核
 if ($action == 'check') {
    if (empty($startid) || empty($endid) || $endid < $startid) {
        ShowMsg('该操作必须指定起始ID！', 'javascript:;');
        ShowMsg('该操作必须指定起始ID', 'javascript:;');
        exit();
    }
    $jumpurl  = "makehtml_archives_action.php?endid=$endid&startid=$startid";
    $jumpurl .= "&typeid=$typeid&pagesize=20&seltime=$seltime";
    $jumpurl .= "&stime=" . urlencode($starttime) . "&etime=" . urlencode($endtime);
    $jumpurl .= "&stime=".urlencode($starttime)."&etime=".urlencode($endtime);
    $dsql->SetQuery("SELECT id,arcrank FROM `#@__arctiny` $gwhere");
    $dsql->Execute('c');
    while ($row = $dsql->GetObject('c')) {
@@ -80,7 +80,7 @@ if ($action == 'check') {
 //批量删除
 else if ($action == 'del') {
    if (empty($startid) || empty($endid) || $endid < $startid) {
        ShowMsg('该操作必须指定起始ID！', 'javascript:;');
        ShowMsg('该操作必须指定起始ID', 'javascript:;');
        exit();
    }
    $dsql->SetQuery("SELECT id FROM `#@__archives` $gwhere");
@@ -89,7 +89,7 @@ else if ($action == 'del') {
    while ($row = $dsql->GetObject('x')) {
        if (DelArc($row->id)) $tdd++;
    }
    ShowMsg("成功删除 $tdd 条记录！", "javascript:;");
    ShowMsg("成功删除 $tdd 条记录", "javascript:;");
    exit();
 }
 //删除空标题文档
@@ -100,7 +100,7 @@ else if ($action == 'delnulltitle') {
    while ($row = $dsql->GetObject('x')) {
        if (DelArc($row->id)) $tdd++;
    }
    ShowMsg("成功删除 $tdd 条记录！", "javascript:;");
    ShowMsg("成功删除 $tdd 条记录", "javascript:;");
    exit();
 }
 //删除空内容文章
@@ -111,36 +111,36 @@ else if ($action == 'delnullbody') {
    while ($row = $dsql->GetObject('x')) {
        if (DelArc($row->aid)) $tdd++;
    }
    ShowMsg("成功删除 $tdd 条记录！", "javascript:;");
    ShowMsg("成功删除 $tdd 条记录", "javascript:;");
    exit();
 }
 //修正缩略图错误
 else if ($action == 'modddpic') {
    $dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET litpic='' WHERE trim(litpic)='litpic' ");
    ShowMsg("成功修正缩略图错误！", "javascript:;");
    ShowMsg("成功修正缩略图错误", "javascript:;");
    exit();
 }
 //批量移动
 else if ($action == 'move') {
    if (empty($typeid)) {
        ShowMsg('该操作必须指定栏目！', 'javascript:;');
        ShowMsg('该操作必须指定栏目', 'javascript:;');
        exit();
    }
    $typeold = $dsql->GetOne("SELECT * FROM #@__arctype WHERE id='$typeid'; ");
    $typenew = $dsql->GetOne("SELECT * FROM #@__arctype WHERE id='$newtypeid'; ");
    if (!is_array($typenew)) {
        ShowMsg("无法检测移动到的新栏目的信息，不能完成操作！", "javascript:;");
        ShowMsg("无法检测移动到的新栏目的信息，不能完成操作", "javascript:;");
        exit();
    }
    if ($typenew['ispart'] != 0) {
        ShowMsg("你不能把数据移动到非最终列表的栏目！", "javascript:;");
        ShowMsg("您不能把数据移动到非最终列表的栏目", "javascript:;");
        exit();
    }
    if ($typenew['channeltype'] != $typeold['channeltype']) {
        ShowMsg("不能把数据移动到内容类型不同的栏目！", "javascript:;");
        ShowMsg("不能把数据移动到内容类型不同的栏目", "javascript:;");
        exit();
    }
    $gwhere .= " And channel='" . $typenew['channeltype'] . "' And title like '%$keyword%'";
    $gwhere .= " And channel='".$typenew['channeltype']."' And title like '%$keyword%'";

    $ch = $dsql->GetOne("SELECT addtable FROM `#@__channeltype` WHERE id={$typenew['channeltype']} ");
    $addtable = $ch['addtable'];
@@ -161,7 +161,7 @@ else if ($action == 'move') {
    if ($tdd > 0) {
        $jumpurl  = "makehtml_archives_action.php?endid=$endid&startid=$startid";
        $jumpurl .= "&typeid=$newtypeid&pagesize=20&seltime=$seltime";
        $jumpurl .= "&stime=" . urlencode($starttime) . "&etime=" . urlencode($endtime);
        $jumpurl .= "&stime=".urlencode($starttime)."&etime=".urlencode($endtime);
        ShowMsg("成功移动 $tdd 条记录，准备重新生成HTML...", $jumpurl);
    } else {
        ShowMsg("完成操作，没移动任何数据...", "javascript:;");
@@ -175,12 +175,12 @@ else if ($action == 'delnulltitle') {
    while ($row = $dsql->GetObject('x')) {
        if (DelArc($row->id)) $tdd++;
    }
    ShowMsg("成功删除 $tdd 条记录！", "javascript:;");
    ShowMsg("成功删除 $tdd 条记录", "javascript:;");
    exit();
 }
 //修正缩略图错误
 else if ($action == 'modddpic') {
    $dsql->ExecuteNoneQuery("UPDATE #@__archives SET litpic='' WHERE trim(litpic)='litpic' ");
    ShowMsg("成功修正缩略图错误！", "javascript:;");
    ShowMsg("成功修正缩略图错误", "javascript:;");
    exit();
 }
--- a/src/dede/content_i_list.php
+++ b/src/dede/content_i_list.php
@@ -5,9 +5,9 @@
 *
 * @version        $Id: content_i_list.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 $s_tmplets = "templets/content_i_list.htm";
 include(dirname(__FILE__) . "/content_list.php");
 include(dirname(__FILE__)."/content_list.php");
--- a/src/dede/content_list.php
+++ b/src/dede/content_list.php
@@ -7,14 +7,14 @@
 *
 * @version        $Id: content_list.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/config.php');
 require_once(DEDEINC . '/typelink.class.php');
 require_once(DEDEINC . '/datalistcp.class.php');
 require_once(DEDEADMIN . '/inc/inc_list_functions.php');
 require_once(dirname(__FILE__).'/config.php');
 require_once(DEDEINC.'/typelink.class.php');
 require_once(DEDEINC.'/datalistcp.class.php');
 require_once(DEDEADMIN.'/inc/inc_list_functions.php');

 $cid = isset($cid) ? intval($cid) : 0;
 $channelid = isset($channelid) ? intval($channelid) : 0;
@@ -39,7 +39,7 @@ if (TestPurview('a_List')) {;
        $admin_catalog = join(',', $admin_catalogs);
        $userCatalogSql = " arc.typeid IN($admin_catalog) ";
    } else {
        CheckCatalog($cid, '你无权浏览非指定栏目的内容！');
        CheckCatalog($cid, '您无权浏览非指定栏目的内容');
    }
    if (TestPurview('a_MyList')) $mid =  $cuserLogin->getUserID();
 }
@@ -76,11 +76,11 @@ if (empty($totalresult) && empty($keyword) && empty($orderby) && empty($flag)) {
    }

    if (!empty($cid)) {
        $tinyQuerys[] = " typeid in(" . GetSonIds($cid) . ") ";
        $tinyQuerys[] = " typeid in(".GetSonIds($cid).") ";
    }

    if (count($tinyQuerys) > 0) {
        $tinyQuery = "WHERE " . join(' AND ', $tinyQuerys);
        $tinyQuery = "WHERE ".join(' AND ', $tinyQuerys);
    }
    // 缓存处理
    $sql = "SELECT COUNT(*) AS dd FROM `#@__arctiny` $tinyQuery ";
@@ -93,12 +93,12 @@ if ($cid == 0) {
        $positionname = '所有栏目&gt;';
    } else {
        $row = $tl->dsql->GetOne("SELECT id,typename,maintable FROM `#@__channeltype` WHERE id='$channelid'");
        $positionname = $row['typename'] . " &gt; ";
        $positionname = $row['typename']." &gt; ";
        $maintable = $row['maintable'];
        $channelid = $row['id'];
    }
 } else {
    $positionname = str_replace($cfg_list_symbol, " &gt; ", $tl->GetPositionName()) . " &gt; ";
    $positionname = str_replace($cfg_list_symbol, " &gt; ", $tl->GetPositionName())." &gt; ";
 }

 //当选择的是单表模型栏目时，直接跳转到单表模型管理区
@@ -115,8 +115,8 @@ if ($channelid < -1) {


 // 栏目大于800则需要缓存数据
 $optHash = md5($cid . serialize($admin_catalogs) . $channelid);
 $optCache = DEDEDATA . "/tplcache/inc_option_$optHash.inc";
 $optHash = md5($cid.serialize($admin_catalogs).$channelid);
 $optCache = DEDEDATA."/tplcache/inc_option_$optHash.inc";

 $typeCount = 0;
 if (file_exists($cache1)) require_once($cache1);
@@ -143,7 +143,7 @@ while ($frow = $dsql->GetArray('f')) {


 if (!empty($userCatalogSql)) {
    $whereSql .= " AND " . $userCatalogSql;
    $whereSql .= " AND ".$userCatalogSql;
 }
 if (!empty($mid)) {
    $whereSql .= " AND arc.mid = '$mid' ";
@@ -155,17 +155,17 @@ if ($flag != '') {
    $whereSql .= " AND FIND_IN_SET('$flag', arc.flag) ";
 }
 if ($cid != 0) {
    $whereSql .= ' AND arc.typeid IN (' . GetSonIds($cid) . ')';
    $whereSql .= ' AND arc.typeid IN ('.GetSonIds($cid).')';
 }
 if ($arcrank != '') {
    $whereSql .= " AND arc.arcrank = '$arcrank' ";
    $CheckUserSend = "<button type='button' class='btn btn-success btn-sm' onClick=\"location='catalog_do.php?cid=" . $cid . "&dopost=listArchives&gurl=content_list.php';\">所有文档</button>";
    $CheckUserSend = "<button type='button' class='btn btn-success btn-sm' onClick=\"location='catalog_do.php?cid=".$cid."&dopost=listArchives&gurl=content_list.php';\">所有文档</button>";
 } else {
    $CheckUserSend = "<button type='button' class='btn btn-success btn-sm' onClick=\"location='catalog_do.php?cid=" . $cid . "&dopost=listArchives&arcrank=-1&gurl=content_list.php';\">稿件审核</button>";
    $CheckUserSend = "<button type='button' class='btn btn-success btn-sm' onClick=\"location='catalog_do.php?cid=".$cid."&dopost=listArchives&arcrank=-1&gurl=content_list.php';\">稿件审核</button>";
 }

 $orderby = empty($orderby) ? 'id' : preg_replace("#[^a-z0-9]#", "", $orderby);
 $orderbyField = 'arc.' . $orderby;
 $orderbyField = 'arc.'.$orderby;

 $query = "SELECT arc.id,arc.typeid,arc.senddate,arc.flag,arc.ismake,
 arc.channel,arc.arcrank,arc.click,arc.title,arc.color,arc.litpic,arc.pubdate,arc.mid
@@ -192,7 +192,7 @@ $dlist->SetParameter('f', $f);

 //模板
 if (empty($s_tmplets)) $s_tmplets = 'templets/content_list.htm';
 $dlist->SetTemplate(DEDEADMIN . '/' . $s_tmplets);
 $dlist->SetTemplate(DEDEADMIN.'/'.$s_tmplets);

 //查询
 $dlist->SetSource($query);
--- a/src/dede/content_s_list.php
+++ b/src/dede/content_s_list.php
@@ -5,12 +5,12 @@
 *
 * @version        $Id: content_s_list.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('spec_List');
 $s_tmplets = "templets/content_s_list.htm";
 $channelid = -1;
 include(dirname(__FILE__) . "/content_list.php");
 include(dirname(__FILE__)."/content_list.php");
--- a/src/dede/content_select_list.php
+++ b/src/dede/content_select_list.php
@@ -5,9 +5,9 @@
 *
 * @version        $Id: content_select_list.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 $s_tmplets = "templets/content_select_list.htm";
 include(dirname(__FILE__) . "/content_list.php");
 include(dirname(__FILE__)."/content_list.php");
--- a/src/dede/content_sg_list.php
+++ b/src/dede/content_sg_list.php
@@ -5,11 +5,11 @@
 *
 * @version        $Id: content_sg_list.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 $cid = isset($cid) ? intval($cid) : 0;
 $channelid = isset($channelid) ? intval($channelid) : 0;
 $mid = isset($mid) ? intval($mid) : 0;
@@ -17,7 +17,7 @@ if (!isset($keyword)) $keyword = '';
 if (!isset($arcrank)) $arcrank = '';

 if (empty($cid) && empty($channelid)) {
    ShowMsg("该页面必须指定栏目ID或内容模型ID才能浏览！", "javascript:;");
    ShowMsg("该页面必须指定栏目ID或内容模型ID才能浏览", "javascript:;");
    exit();
 }

@@ -30,29 +30,29 @@ if (TestPurview('a_List')) {
    if ($cid == 0) {
        $ucid = $cid = $cuserLogin->getUserChannel();
    } else {
        CheckCatalog($cid, "你无权浏览非指定栏目的内容！");
        CheckCatalog($cid, "您无权浏览非指定栏目的内容");
    }
 }

 $adminid = $cuserLogin->getUserID();
 $maintable = '#@__archives';
 require_once(DEDEINC . "/typelink.class.php");
 require_once(DEDEINC . "/datalistcp.class.php");
 require_once(DEDEADMIN . "/inc/inc_list_functions.php");
 require_once(DEDEINC."/typelink.class.php");
 require_once(DEDEINC."/datalistcp.class.php");
 require_once(DEDEADMIN."/inc/inc_list_functions.php");
 setcookie("ENV_GOBACK_URL", $dedeNowurl, time() + 3600, "/");
 $tl = new TypeLink($cid);
 $listtable = @trim($tl->TypeInfos['addtable']);
 if (!empty($channelid) && !empty($ucid) && $tl->TypeInfos['channeltype'] != $channelid) {
    ShowMsg('你没权限访问此页！', 'javascript:;');
    ShowMsg('您没权限访问此页', 'javascript:;');
    exit();
 }

 if ($cid == 0) {
    $row = $tl->dsql->GetOne("SELECT typename,addtable FROM `#@__channeltype` WHERE id='$channelid'");
    $positionname = $row['typename'] . " &gt; ";
    $positionname = $row['typename']." &gt; ";
    $listtable = $row['addtable'];
 } else {
    $positionname = str_replace($cfg_list_symbol, " &gt; ", $tl->GetPositionName()) . " &gt; ";
    $positionname = str_replace($cfg_list_symbol, " &gt; ", $tl->GetPositionName())." &gt; ";
 }

 $optionarr = $tl->GetOptionArray($cid, $admin_catalogs, $channelid);
@@ -60,7 +60,7 @@ $whereSql = $channelid == 0 ? " WHERE arc.channel < -1 " : " WHERE arc.channel =

 if (!empty($mid)) $whereSql .= " AND arc.mid = '$mid' ";
 if ($keyword != '') $whereSql .= " AND (arc.title like '%$keyword%') ";
 if ($cid != 0) $whereSql .= " AND arc.typeid in (" . GetSonIds($cid) . ")";
 if ($cid != 0) $whereSql .= " AND arc.typeid in (".GetSonIds($cid).")";

 if ($arcrank != '') {
    $whereSql .= " AND arc.arcrank = '$arcrank' ";
@@ -81,7 +81,7 @@ $dlist->SetParameter("dopost", "listArchives");
 $dlist->SetParameter("keyword", $keyword);
 $dlist->SetParameter("cid", $cid);
 $dlist->SetParameter("channelid", $channelid);
 $dlist->SetTemplate(DEDEADMIN . "/templets/content_sg_list.htm");
 $dlist->SetTemplate(DEDEADMIN."/templets/content_sg_list.htm");
 $dlist->SetSource($query);
 $dlist->Display();
 $dlist->Close();
--- a/src/dede/content_tj.php
+++ b/src/dede/content_tj.php
@@ -5,11 +5,11 @@
 *
 * @version        $Id: content_tj.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('sys_ArcTj');
 $row1 = $dsql->GetOne("SELECT COUNT(*) AS dd FROM `#@__arctiny` ");
 $row2 = $dsql->GetOne("SELECT COUNT(*) AS dd FROM `#@__feedback` ");
@@ -35,17 +35,17 @@ function GetArchives($dsql, $ordertype)
    } else {
        $ordersql = " ORDER BY click DESC ";
    }
    $query = "SELECT id,title,click,scores FROM #@__archives $swhere $ordersql LIMIT 0,20 ";
    $query = "SELECT id,title,click,scores FROM `#@__archives` $swhere $ordersql LIMIT 0,20 ";
    $dsql->SetQuery($query);
    $dsql->Execute('ga');
    while ($row = $dsql->GetObject('ga')) {
        if (preg_match("#feedback#i", $ordertype)) {
            $moreinfo = "[<a target='_blank' href='" . $GLOBALS['cfg_phpurl'] . "/feedback.php?aid={$row->id}'><u>评论：{$row->scores}</u></a>]";
            $moreinfo = "[<a target='_blank' href='".$GLOBALS['cfg_phpurl']."/feedback.php?aid={$row->id}'>评论：{$row->scores}</a>]";
        } else {
            $moreinfo = "[点击：{$row->click}]";
        }
        echo "·<a href='archives_do.php?aid={$row->id}&dopost=viewArchives' target='_blank'>";
        echo cn_substr($row->title, 30) . "</a>{$moreinfo}<br/>\r\n";
        echo cn_substr($row->title, 30)."</a>{$moreinfo}<br/>\r\n";
    }
 }
 include DedeInclude('templets/content_tj.htm');
--- a/src/dede/css/albumupload.css
+++ b/src/dede/css/albumupload.css
@@ -1,162 +1 @@
 div.flash
 {
 	width:375px;
 	-moz-border-radius-topleft:5px;
 	-webkit-border-top-left-radius:5px;
 	-moz-border-radius-topright:5px;
 	-webkit-border-top-right-radius:5px;
 	-moz-border-radius-bottomleft:5px;
 	-webkit-border-bottom-left-radius:5px;
 	-moz-border-radius-bottomright:5px;
 	-webkit-border-bottom-right-radius:5px;
 	border-color:#D9E4FF;
 	margin:10px 5px;
 }

 #btnSubmit
 {
 	margin:0 0 0 155px;
 }

 .progressWrapper
 {
 	width:357px;
 	overflow:hidden;
 }

 .progressContainer
 {
 	border:solid 1px #E8E8E8;
 	background-color:#F7F7F7;
 	overflow:hidden;
 	margin:5px;
 	padding:4px;
 }

 .message
 {
 	border:solid 1px #FD9;
 	background-color:#FFC;
 	overflow:hidden;
 	margin:1em 0;
 	padding:10px 20px;
 }

 .red
 {
 	border:solid 1px #B50000;
 	background-color:#FFEBEB;
 }

 .green
 {
 	border:solid 1px #DDF0DD;
 	background-color:#EBFFEB;
 }

 .blue
 {
 	border:solid 1px #CEE2F2;
 	background-color:#F0F5FF;
 }

 .progressName
 {
 	font-size:8pt;
 	font-weight:700;
 	color:#555;
 	width:323px;
 	height:14px;
 	text-align:left;
 	white-space:nowrap;
 	overflow:hidden;
 }

 .progressBarInProgress,.progressBarComplete,.progressBarError
 {
 	font-size:0;
 	width:0;
 	height:2px;
 	background-color:blue;
 	margin-top:2px;
 }

 .progressBarComplete
 {
 	width:100%;
 	background-color:green;
 	visibility:hidden;
 }

 .progressBarError
 {
 	width:100%;
 	background-color:red;
 	visibility:hidden;
 }

 .progressBarStatus
 {
 	margin-top:2px;
 	width:337px;
 	font-size:7pt;
 	font-family:Arial;
 	text-align:left;
 	white-space:nowrap;
 }

 a.progressCancel
 {
 	font-size:0;
 	display:block;
 	height:14px;
 	width:14px;
 	background-image:url(../images/cancelbutton.gif);
 	background-repeat:no-repeat;
 	background-position:-14px 0;
 	float:right;
 }

 a.progressCancel:hover
 {
 	background-position:0 0;
 }

 .swfupload
 {
 	vertical-align:top;
 }

 .albCt
 {
 	float:left;
 	width:244px;
 	height:150px;
 	margin-right:10px;
 	margin-bottom:10px;
 	border:1px dashed #AAD381;
 	background:#FAFFEE;
 	text-align:center;
 	padding:3px;
 }

 .albEdit
 {
 	height:180px;
 }

 .picinfo
 {
 	height:30px;
 	line-height:30px;
 	margin:10px 0;
 }

 .thumbnails img,.thumbnailsEdit img
 {
 	margin:5px;
 }

 .albCt img {
 	height: 100px!important;
 }
 div.flash{margin:10px 5px;width:375px;border-color:#D9E4FF;border-radius:.2rem}#btnSubmit{margin:0 0 0 155px}.progressWrapper{width:357px;overflow:hidden}.progressContainer{padding:4px;margin:5px;background-color:#f8f8f8;border:solid 1px #E8E8E8;overflow:hidden}.message{margin:10px 0;padding:10px 20px;background-color:#FFC;border:solid 1px #FD9;overflow:hidden}.red{background-color:#FFEBEB;border:solid 1px #B50000}.green{background-color:#EBFFEB;border:solid 1px #DDF0DD}.blue{background-color:#F0F5FF;border:solid 1px #CEE2F2}.progressName{width:320px;height:14px;text-align:left;white-space:nowrap;overflow:hidden}.progressBarInProgress,.progressBarComplete,.progressBarError{margin-top:2px;width:0;height:2px;font-size:0;background-color:blue}.progressBarComplete{width:100%;background-color:green;visibility:hidden}.progressBarError{width:100%;background-color:red;visibility:hidden}.progressBarStatus{margin-top:2px;width:340px;text-align:left;white-space:nowrap}a.progressCancel{font-size:0;display:block;height:14px;width:14px;background-image:url(../images/cancelbutton.gif);background-repeat:no-repeat;background-position:-14px 0;float:right}a.progressCancel:hover{background-position:0 0}.swfupload{vertical-align:top}.albCt{float:left;width:240px;height:180px;margin-right:10px;margin-bottom:10px;border:1px dashed #eee;background:#f8f8f8;text-align:center;padding:10px}.albEdit{height:180px}.picinfo{height:30px;line-height:30px;margin:10px 0}.thumbnails img,.thumbnailsEdit img{margin:5px}.albCt img{height:100px!important}
--- a/src/dede/css/base.css
+++ b/src/dede/css/base.css
--- a/src/dede/css/codemirror.css
+++ b/src/dede/css/codemirror.css
--- a/src/dede/css/frame.css
+++ b/src/dede/css/frame.css
--- a/src/dede/css/indexbody.css
+++ b/src/dede/css/indexbody.css
@@ -1,205 +1 @@
 td {
    padding: 3px 0px 0 3px;
 }

 .title {
    color: #666600;
    font-weight: bold;
 }

 .title span {
    padding-left: 3px;
 }

 #addTab {
    position: absolute;
    left: 455px;
    top: 150px;
    width: 360px;
    height: 200px;
    z-index: 2;
    background-color: #FFFFFF;
    border: 1px solid #889D8F;
    padding: 0px;
    display: none;
    overflow: hidden;
 }

 #editTab {
    position: absolute;
    left: 455px;
    top: 120px;
    width: 360px;
    height: 350px;
    z-index: 1;
    background-color: #FFFFFF;
    border: 1px solid #889D8F;
    padding: 0px;
    display: none;
 }

 .txt {
    float: left;
 }

 .updatedvt {
    line-height: 23px;
    padding-left: 3px;
    width: 98%;
    border-bottom: 1px dashed #dcdcdc;
 }

 .upinfotitle {
    border-bottom: 1px solid #cccccc;
    color: red;
    font-weight: bold;
    line-height: 26px;
 }

 .verline {
    border-bottom: 1px dashed #cccccc;
    line-height: 26px;
 }

 .itemTable {
    margin-top: 8px;
    background: #CBD8AC;
 }

 #loaddiv {
    top: 0;
    left: 0;
    background: #cccccc;
    filter: Alpha(opacity=70);
    -moz-opacity: 0.7;
    position: absolute;
    z-index: 10000;
    width: 100%;
    height: 100%;
 }

 #mainmsg {
    padding-right: 8px;
 }

 .rightside {
    width: 49%;
    float: left;
    margin-right: 1%;
    height: 670px;
    scrollbar-face-color: #ffffff;
    scrollbar-highlight-color: #919192;
    scrollbar-shadow-color: #919192;
    scrollbar-3dlight-color: #ffffff;
    scrollbar-arrow-color: #919192;
    scrollbar-track-color: #ffffff;
    scrollbar-darkshadow-color: #ffffff;
 }

 .column {
    width: 49%;
    float: left;
    margin-right: 0.5%;
 }

 .placeholder {
    width: 98%;
    margin-left: 1%;
    background: #f0f0f0;
    border: 1px dashed #ddd;
 }

 .dbox {
    border: 1px solid #DEEAB6;
    width: 98%;
    margin-left: 1%;
    margin-top: 8px;
 }

 .dbox dt {
    height: 28px;
    line-height: 28px;
    font-weight: bold;
    color: #4D6C2F;
    cursor: move;
 }

 .dbox dt .l {
    float: left;
    padding-left: 8px;
 }

 .dbox dt .r {
    float: right;
    padding-right: 8px;
 }

 .dbox dt.lside {
    border-bottom: 1px solid #CFD7C4;
    background-color: rgb(239, 248, 229);
 }

 .dbox dt.rside {
    border-bottom: 1px solid #DEEAB6;
    background: url(../images/wbg.gif) repeat-x;
 }

 .dbox dd {
    padding: 0px;
 }

 .dbox dd.intable {
    padding-top: 3px;
 }

 #updatetest {
    padding: 6px;
    padding-left: 110px;
    background: url("../images/ico_spider.gif") no-repeat scroll 10px 15px transparent;
 }

 #quickmenu {
    width: 100%;
    height: 46px;
    overflow: hidden;
 }

 #quickmenu .icoitem {
    float: left;
    height: 24px;
    line-height: 24px;
    margin-top: 12px;
    padding-left: 30px;
    overflow: hidden;
 }

 .dboxtable td.nline {
    border-bottom: 1px dashed #CFD7C4;
    height: 26px;
 }

 .dboxtable1 ul li {
    float: left;
    border-bottom: 1px dashed #CFD7C4;
    height: 26px;
    line-height: 26px;
    display: inline;
    width: 48%;
    text-align: center;
 }

 .biz p {
    padding: 0 15px;
    line-height: 23px;
 }

 .biz img {
    float: right;
    margin: 40px 15px 0 15px;
 }

 .footer {
    line-height: 36px;
    margin-top: 8px;
    font-family: Verdana, Geneva, sans-serif;
 }
 .title{color:#666600;font-weight:bold}.title span{padding-left:3px}#addTab{position:absolute;left:455px;top:150px;width:360px;height:200px;z-index:2;background-color:#FFFFFF;border:1px solid #889D8F;padding:0px;display:none;overflow:hidden}#editTab{position:absolute;left:455px;top:120px;width:360px;height:350px;z-index:1;background-color:#FFFFFF;border:1px solid #889D8F;padding:0px;display:none}.txt{float:left}.updatedvt{width:98%;border-bottom:1px dashed #dcdcdc}.upinfotitle{border-bottom:1px solid #cccccc;color:red;font-weight:bold}.verline{border-bottom:1px dashed #cccccc}.itemTable{background:#CBD8AC}#loaddiv{top:0;left:0;background:#cccccc;filter:Alpha(opacity=70);-moz-opacity:0.7;position:absolute;z-index:10000;width:100%;height:100%}#mainmsg{padding-right:8px}.rightside{width:49%;float:left;margin-right:1%;height:670px}.column{width:49%;float:left;margin-right:0.5%}.placeholder{width:98%;margin-left:1%;background:#f0f0f0;border:1px dashed #ddd}.dbox{border:1px solid #DEEAB6;width:98%;margin-left:1%;margin-top:8px}.dbox dt{height:28px;line-height:28px;font-weight:bold;color:#4D6C2F;cursor:move}.dbox dt .l{float:left;padding-left:8px}.dbox dt .r{float:right;padding-right:8px}.dbox dt.lside{border-bottom:1px solid #CFD7C4;background-color:rgb(239,248,229)}.dbox dt.rside{border-bottom:1px solid #DEEAB6;background:url(../images/wbg.gif)repeat-x}.dbox dd{padding:0px}.dbox dd.intable{padding-top:0}#updatetest{padding:6px;padding-left:110px;background:url(../images/ico_spider.gif)no-repeat scroll 10px 15px transparent}#quickmenu{width:100%;height:46px;overflow:hidden}#quickmenu .icoitem{float:left;height:24px;line-height:24px;margin-top:10px;padding-left:30px;overflow:hidden}.dboxtable td.nline{border-bottom:1px dashed #CFD7C4;height:26px}.dboxtable1 ul li{float:left;border-bottom:1px dashed #CFD7C4;height:26px;line-height:26px;display:inline;width:48%;text-align:center}.biz p{padding:0 15px}.biz img{float:right;margin:40px 15px 0 15px}
--- a/src/dede/dialog/config.php
+++ b/src/dede/dialog/config.php
@@ -5,14 +5,14 @@
 *
 * @version        $Id: config.php 1 9:43 2010年7月8日Z tianya $
 * @package        DedeBIZ.Dialog
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/../../include/common.inc.php");
 require_once(DEDEINC . "/userlogin.class.php");
 require_once(dirname(__FILE__)."/../../include/common.inc.php");
 require_once(DEDEINC."/userlogin.class.php");

 //获得当前脚本名称，如果你的系统被禁用了$_SERVER变量，请自行更改这个选项
 //获得当前脚本名称，如果您的系统被禁用了$_SERVER变量，请自行更改这个选项
 $dedeNowurl   =  '';
 $s_scriptName = '';
 $isUrlOpen = @ini_get('allow_url_fopen');
@@ -27,11 +27,11 @@ $cuserLogin = new userLogin();

 if ($cuserLogin->getUserID() <= 0) {
    if (empty($adminDirHand)) {
        ShowMsg("<b>提示：需输入后台管理目录才能登录</b><br /><form>请输入后台管理目录名：<input type='hidden' name='gotopage' value='" . urlencode($dedeNowurl) . "' /><input type='text' name='adminDirHand' value='dede' style='width:120px;' /><input style='width:80px;' type='submit' name='sbt' value='转入登录' /></form>", "javascript:;");
        ShowMsg("<b>提示：需输入后台管理目录才能登录</b><br /><form>请输入后台管理目录名：<input type='hidden' name='gotopage' value='".urlencode($dedeNowurl)."' /><input type='text' name='adminDirHand' value='dede' style='width:120px;' /><input style='width:80px;' type='submit' name='sbt' value='转入登录' /></form>", "javascript:;");
        exit();
    }
    $adminDirHand = HtmlReplace($adminDirHand, 1);
    $gurl = "../../{$adminDirHand}/login.php?gotopage=" . urlencode($dedeNowurl);
    $gurl = "../../{$adminDirHand}/login.php?gotopage=".urlencode($dedeNowurl);
    echo "<script language='javascript'>location='$gurl';</script>";
    exit();
 }
--- a/src/dede/dialog/select_images.php
+++ b/src/dede/dialog/select_images.php
@@ -4,12 +4,12 @@
 *
 * @version        $Id: select_images.php 1 9:43 2010年7月8日Z tianya $
 * @package        DedeBIZ.Dialog
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 include(DEDEDATA . '/mark/inc_photowatermark_config.php');
 require_once(dirname(__FILE__)."/config.php");
 include(DEDEDATA.'/mark/inc_photowatermark_config.php');
 if (empty($activepath)) {
    $activepath = '';
 }
@@ -22,8 +22,8 @@ $activepath = preg_replace("#\/{1,}#", '/', $activepath);
 if (strlen($activepath) < strlen($cfg_medias_dir)) {
    $activepath = $cfg_medias_dir;
 }
 $inpath = $cfg_basedir . $activepath;
 $activeurl = '..' . $activepath;
 $inpath = $cfg_basedir.$activepath;
 $activeurl = '..'.$activepath;
 if (empty($f)) {
    $f = 'form1.picname';
 }
@@ -36,11 +36,11 @@ if (empty($comeback)) {
 }
 $addparm = '';
 if (!empty($CKEditor)) {
    $addparm = '&CKEditor=' . $CKEditor;
    $addparm = '&CKEditor='.$CKEditor;
    $f = $CKEditor;
 }
 if (!empty($CKEditorFuncNum)) {
    $addparm .= '&CKEditorFuncNum=' . $CKEditorFuncNum;
    $addparm .= '&CKEditorFuncNum='.$CKEditorFuncNum;
 }
 if (!empty($noeditor)) {
    $addparm .= '&noeditor=yes';
@@ -55,10 +55,10 @@ if (!empty($noeditor)) {
    <link rel="stylesheet" href="../css/base.css">
    <style>
 html{background:#f2f2f2}
 body{margin:0;line-height:22px;font:12px Helvetica Neue,Helvetica,PingFang SC,Tahoma,Arial,sans-serif}
 body{margin:0;line-height:1.5;font:12px Helvetica Neue,Helvetica,PingFang SC,Tahoma,Arial,sans-serif}
 a{text-decoration:none!important}
 table{background:#fff}
 .bg{margin:10px;border-radius:2px;box-shadow:0 1px 2px 0 rgba(0,0,0,.05)}
 .bg{margin:10px;border-radius:.2rem;box-shadow:0 1px 2px 0 rgba(0,0,0,.05)}
 .linerow{border-bottom:1px solid #eee!important}
 .napisdiv{left:40;top:10;width:150px;height:100px;position:absolute;z-index:3;display:none}
    </style>
@@ -73,7 +73,7 @@ table{background:#fff}
 </head>
 <body class="bg">
    <div id="floater" class="napisdiv">
        <a href="javascript:nullLink();" onClick="document.getElementById('floater').style.display='none';"><img src='img/picviewnone.gif' id='picview' border='0' alt='关闭预览'></a>
        <a href="javascript:nullLink();" onClick="document.getElementById('floater').style.display='none';"><img src="img/picviewnone.gif" id='picview' alt="关闭预览"></a>
    </div>
    <script src="../js/float.js"></script>
    <script>
@@ -148,10 +148,10 @@ table{background:#fff}
                            if ($filesize != "")
                                if ($filesize < 0.1) {
                                    @list($ty1, $ty2) = split("\.", $filesize);
                                    $filesize = $ty1 . "." . substr($ty2, 0, 2);
                                    $filesize = $ty1.".".substr($ty2, 0, 2);
                                } else {
                                    @list($ty1, $ty2) = split("\.", $filesize);
                                    $filesize = $ty1 . "." . substr($ty2, 0, 1);
                                    $filesize = $ty1.".".substr($ty2, 0, 1);
                                }
                            $filetime = filemtime("$inpath/$file");
                            $filetime = MyDate("Y-m-d H:i", $filetime);
@@ -162,7 +162,7 @@ table{background:#fff}
                            $tmp = preg_replace("#[\/][^\/]*$#i", "", $activepath);
                            $line = "\n<tr>
                            <td class='linerow' colspan='2'>
                            <a href='select_images.php?imgstick=$imgstick&v=$v&f=$f&activepath=" . urlencode($tmp) . $addparm . "'><img src='img/dir2.gif'>上级目录</a></td>
                            <a href='select_images.php?imgstick=$imgstick&v=$v&f=$f&activepath=".urlencode($tmp).$addparm."'><img src='img/dir2.gif'>上级目录</a></td>
                            <td colspan='2' class='linerow'>当前目录:$activepath</td>
                            </tr>";
                            echo $line;
@@ -171,12 +171,12 @@ table{background:#fff}
                            if (preg_match("#^\.(.*)$#i", $file)) continue;
                            $line = "\n<tr>
                            <td class='linerow' colspan='2'>
                            <a href='select_images.php?imgstick=$imgstick&v=$v&f=$f&activepath=" . urlencode("$activepath/$file") . $addparm . "'><img src='img/dir.gif'>$file</a></td>
                            <a href='select_images.php?imgstick=$imgstick&v=$v&f=$f&activepath=".urlencode("$activepath/$file").$addparm."'><img src='img/dir.gif'>$file</a></td>
                            <td class='linerow'></td>
                            <td class='linerow'></td>
                            </tr>";
                            echo "$line";
                        } else if (preg_match("#\.(" . $cfg_imgtype . ")#i", $file)) {
                        } else if (preg_match("#\.(".$cfg_imgtype.")#i", $file)) {
                            $reurl = "$activeurl/$file";
                            $reurl = preg_replace("#^\.\.#", "", $reurl);
                            $reurl = $reurl;
@@ -221,7 +221,7 @@ table{background:#fff}
                                    <input type="hidden" name="job" value="upload">
                                    <tr>
                                        <td>
                                            上传：<input type="file" name="imgfile" style="width:160px">
                                            上传：<input type="file" name="imgfile" style="width:160px;border:none">
                                            <label><input type="checkbox" name="needwatermark" value="1" class="np" <?php if ($photo_markup == '1') echo "checked"; ?> /> 水印 </label>
                                            <label><input type="checkbox" name="resize" value="1" class="np"> 缩小 </label>
                                            宽：<input type="text" name="iwidth" value="<?php echo $cfg_ddimg_width ?>" style="width:46px">
--- a/src/dede/dialog/select_images_post.php
+++ b/src/dede/dialog/select_images_post.php
@@ -5,12 +5,12 @@
 *
 * @version        $Id: select_images_post.php 1 9:43 2010年7月8日Z tianya $
 * @package        DedeBIZ.Dialog
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(DEDEINC . "/image.func.php");
 require_once(dirname(__FILE__)."/config.php");
 require_once(DEDEINC."/image.func.php");


 if (empty($activepath)) {
@@ -27,35 +27,35 @@ if (empty($imgfile)) {
    $imgfile = '';
 }
 if (!is_uploaded_file($imgfile)) {
    ShowMsg("你没有选择上传的文件!" . $imgfile, "-1");
    ShowMsg("您没有选择上传的文件!".$imgfile, "-1");
    exit();
 }
 $CKEditorFuncNum = (isset($CKEditorFuncNum)) ? $CKEditorFuncNum : 1;
 $imgfile_name = trim(preg_replace("#[ \r\n\t\*\%\\\/\?><\|\":]{1,}#", '', $imgfile_name));

 if (!preg_match("#\.(" . $cfg_imgtype . ")#i", $imgfile_name)) {
    ShowMsg("你所上传的图片类型不在许可列表，请更改系统对扩展名限定的配置！", "-1");
 if (!preg_match("#\.(".$cfg_imgtype.")#i", $imgfile_name)) {
    ShowMsg("您所上传的图片类型不在许可列表，请更改系统对扩展名限定的配置", "-1");
    exit();
 }
 $nowtme = time();
 $sparr = array("image/pjpeg", "image/jpeg", "image/gif", "image/png", "image/xpng", "image/wbmp");
 $imgfile_type = strtolower(trim($imgfile_type));
 if (!in_array($imgfile_type, $sparr)) {
    ShowMsg("上传的图片格式错误，请使用JPEG、GIF、PNG、WBMP格式的其中一种！", "-1");
    ShowMsg("上传的图片格式错误，请使用JPEG、GIF、PNG、WBMP格式的其中一种", "-1");
    exit();
 }
 $mdir = MyDate($cfg_addon_savetype, $nowtme);
 if (!is_dir($cfg_basedir . $activepath . "/$mdir")) {
    MkdirAll($cfg_basedir . $activepath . "/$mdir", $cfg_dir_purview);
 if (!is_dir($cfg_basedir.$activepath."/$mdir")) {
    MkdirAll($cfg_basedir.$activepath."/$mdir", $cfg_dir_purview);
    CloseFtp();
 }
 $filename_name = $cuserLogin->getUserID() . '-' . dd2char(MyDate("ymdHis", $nowtme) . mt_rand(100, 999));
 $filename = $mdir . '/' . $filename_name;
 $filename_name = $cuserLogin->getUserID().'-'.dd2char(MyDate("ymdHis", $nowtme).mt_rand(100, 999));
 $filename = $mdir.'/'.$filename_name;
 $fs = explode('.', $imgfile_name);
 $filename = $filename . '.' . $fs[count($fs) - 1];
 $filename_name = $filename_name . '.' . $fs[count($fs) - 1];
 $fullfilename = $cfg_basedir . $activepath . "/" . $filename;
 move_uploaded_file($imgfile, $fullfilename) or die("上传文件到 $fullfilename 失败！");
 $filename = $filename.'.'.$fs[count($fs) - 1];
 $filename_name = $filename_name.'.'.$fs[count($fs) - 1];
 $fullfilename = $cfg_basedir.$activepath."/".$filename;
 move_uploaded_file($imgfile, $fullfilename) or die("上传文件到 $fullfilename 失败");

@unlink($imgfile);
 if (empty($resize)) {
@@ -79,13 +79,13 @@ $imgwidthValue = $sizes[0];
 $imgheightValue = $sizes[1];
 $imgsize = filesize($fullfilename);
 $inquery = "INSERT INTO `#@__uploads`(arcid,title,url,mediatype,width,height,playtime,filesize,uptime,mid)
  VALUES ('0','$filename','" . $activepath . "/" . $filename . "','1','$imgwidthValue','$imgheightValue','0','{$imgsize}','{$nowtme}','" . $cuserLogin->getUserID() . "'); ";
  VALUES ('0','$filename','".$activepath."/".$filename."','1','$imgwidthValue','$imgheightValue','0','{$imgsize}','{$nowtme}','".$cuserLogin->getUserID()."'); ";
 $dsql->ExecuteNoneQuery($inquery);
 $fid = $dsql->GetLastID();
 AddMyAddon($fid, $activepath . '/' . $filename);
 AddMyAddon($fid, $activepath.'/'.$filename);
 $CKUpload = isset($CKUpload) ? $CKUpload : FALSE;
 if ($GLOBALS['cfg_html_editor'] == 'ckeditor' && $CKUpload) {
    $fileurl = $activepath . '/' . $filename;
    $fileurl = $activepath.'/'.$filename;
    $result = array('url' => $fileurl, "uploaded" => 1, 'fileName' => $filename);
    echo json_encode($result);
    exit;
@@ -93,8 +93,8 @@ if ($GLOBALS['cfg_html_editor'] == 'ckeditor' && $CKUpload) {


 if (!empty($noeditor)) {
    ShowMsg("成功上传一幅图片！", "select_images.php?imgstick=$imgstick&comeback=" . urlencode($filename_name) . "&v=$v&f=$f&CKEditorFuncNum=$CKEditorFuncNum&noeditor=yes&activepath=" . urlencode($activepath) . "/$mdir&d=" . time());
    ShowMsg("成功上传一幅图片", "select_images.php?imgstick=$imgstick&comeback=".urlencode($filename_name)."&v=$v&f=$f&CKEditorFuncNum=$CKEditorFuncNum&noeditor=yes&activepath=".urlencode($activepath)."/$mdir&d=".time());
 } else {
    ShowMsg("成功上传一幅图片！", "select_images.php?imgstick=$imgstick&comeback=" . urlencode($filename_name) . "&v=$v&f=$f&CKEditorFuncNum=$CKEditorFuncNum&activepath=" . urlencode($activepath) . "/$mdir&d=" . time());
    ShowMsg("成功上传一幅图片", "select_images.php?imgstick=$imgstick&comeback=".urlencode($filename_name)."&v=$v&f=$f&CKEditorFuncNum=$CKEditorFuncNum&activepath=".urlencode($activepath)."/$mdir&d=".time());
 }
 exit();
--- a/src/dede/dialog/select_media.php
+++ b/src/dede/dialog/select_media.php
@@ -5,12 +5,12 @@
 *
 * @version        $Id: select_media.php 1 9:43 2010年7月8日Z tianya $
 * @package        DedeBIZ.Dialog
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */

 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 if (empty($activepath)) {
    $activepath = '';
 }
@@ -20,8 +20,8 @@ $activepath = preg_replace("#\/{1,}#", '/', $activepath);
 if (strlen($activepath) < strlen($cfg_other_medias)) {
    $activepath = $cfg_other_medias;
 }
 $inpath = $cfg_basedir . $activepath;
 $activeurl = '..' . $activepath;
 $inpath = $cfg_basedir.$activepath;
 $activeurl = '..'.$activepath;
 if (!is_dir($inpath)) {
    die('No Exsits Path');
 }
@@ -34,10 +34,10 @@ if (empty($comeback)) {
 }
 $addparm = '';
 if (!empty($CKEditor)) {
    $addparm = '&CKEditor=' . $CKEditor;
    $addparm = '&CKEditor='.$CKEditor;
 }
 if (!empty($CKEditorFuncNum)) {
    $addparm .= '&CKEditorFuncNum=' . $CKEditorFuncNum;
    $addparm .= '&CKEditorFuncNum='.$CKEditorFuncNum;
 }
 if (!empty($noeditor)) {
    $addparm .= '&noeditor=yes';
@@ -96,10 +96,10 @@ if (!empty($noeditor)) {
                if ($filesize != "")
                    if ($filesize < 0.1) {
                        @list($ty1, $ty2) = split("\.", $filesize);
                        $filesize = $ty1 . "." . substr($ty2, 0, 2);
                        $filesize = $ty1.".".substr($ty2, 0, 2);
                    } else {
                        @list($ty1, $ty2) = split("\.", $filesize);
                        $filesize = $ty1 . "." . substr($ty2, 0, 1);
                        $filesize = $ty1.".".substr($ty2, 0, 1);
                    }
                $filetime = filemtime("$inpath/$file");
                $filetime = MyDate("Y-m-d H:i:s", $filetime);
@@ -111,7 +111,7 @@ if (!empty($noeditor)) {
                if ($activepath == "") continue;
                $tmp = preg_replace("#[\/][^\/]*$#i", "", $activepath);
                $line = "\n<tr>
    <td class='linerow'> <a href=select_media.php?f=$f&activepath=" . urlencode($tmp) . $addparm . "><img src=img/dir2.gif border=0 width=16 height=16 align=absmiddle>上级目录</a></td>
    <td class='linerow'> <a href=select_media.php?f=$f&activepath=".urlencode($tmp).$addparm."><img src=img/dir2.gif border=0 width=16 height=16 align=absmiddle>上级目录</a></td>
    <td colspan='2' class='linerow'> 当前目录:$activepath</td>
    </tr>\r\n";
                echo $line;
@@ -120,7 +120,7 @@ if (!empty($noeditor)) {
                if (preg_match("#^\.(.*)$#i", $file)) continue;
                $line = "\n<tr>
   <td bgcolor='#F9FBF0' class='linerow'>
    <a href=select_media.php?f=$f&activepath=" . urlencode("$activepath/$file") . $addparm . "><img src=img/dir.gif border=0 width=16 height=16 align=absmiddle>$file</a>
    <a href=select_media.php?f=$f&activepath=".urlencode("$activepath/$file").$addparm."><img src=img/dir.gif border=0 width=16 height=16 align=absmiddle>$file</a>
   </td>
   <td class='linerow'>-</td>
   <td bgcolor='#F9FBF0' class='linerow'>-</td>
--- a/src/dede/dialog/select_media_post.php
+++ b/src/dede/dialog/select_media_post.php
@@ -5,12 +5,12 @@
 *
 * @version        $Id: select_media_post.php 1 9:43 2010年7月8日Z tianya $
 * @package        DedeBIZ.Dialog
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 include_once(dirname(__FILE__) . '/config.php');
 $cfg_softtype = $cfg_mediatype . "|mp4";
 include_once(dirname(__FILE__).'/config.php');
 $cfg_softtype = $cfg_mediatype."|mp4";
 $cfg_soft_dir = $cfg_other_medias;
 $bkurl = 'select_media.php';
 $uploadmbtype = "多媒体文件类型";
@@ -24,4 +24,4 @@ if (empty($activepath)) {
    }
 }

 require_once(dirname(__FILE__) . "/select_soft_post.php");
 require_once(dirname(__FILE__)."/select_soft_post.php");
--- a/src/dede/dialog/select_soft.php
+++ b/src/dede/dialog/select_soft.php
@@ -4,11 +4,11 @@
 *
 * @version        $Id: select_soft.php 1 9:43 2010年7月8日Z tianya $
 * @package        DedeBIZ.Dialog
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 if (empty($activepath)) {
    $activepath = '';
 }
@@ -17,8 +17,8 @@ $activepath = preg_replace("#\/{1,}#", '/', $activepath);
 if (strlen($activepath) < strlen($cfg_soft_dir)) {
    $activepath = $cfg_soft_dir;
 }
 $inpath = $cfg_basedir . $activepath;
 $activeurl = '..' . $activepath;
 $inpath = $cfg_basedir.$activepath;
 $activeurl = '..'.$activepath;
 if (empty($f)) {
    $f = 'form1.enclosure';
 }
@@ -30,10 +30,10 @@ if (empty($comeback)) {
 }
 $addparm = '';
 if (!empty($CKEditor)) {
    $addparm = '&CKEditor=' . $CKEditor;
    $addparm = '&CKEditor='.$CKEditor;
 }
 if (!empty($CKEditorFuncNum)) {
    $addparm .= '&CKEditorFuncNum=' . $CKEditorFuncNum;
    $addparm .= '&CKEditorFuncNum='.$CKEditorFuncNum;
 }
 if (!empty($noeditor)) {
    $addparm .= '&noeditor=yes';
@@ -48,10 +48,10 @@ if (!empty($noeditor)) {
    <link rel="stylesheet" href="../css/base.css">
    <style>
 html{background:#f2f2f2}
 body{margin:0;line-height:22px;font:12px Helvetica Neue,Helvetica,PingFang SC,Tahoma,Arial,sans-serif}
 body{margin:0;line-height:1.5;font:12px Helvetica Neue,Helvetica,PingFang SC,Tahoma,Arial,sans-serif}
 a{text-decoration:none!important}
 table{background:#fff}
 .bg{margin:10px;border-radius:2px;box-shadow:0 1px 2px 0 rgba(0,0,0,.05)}
 .bg{margin:10px;border-radius:.2rem;box-shadow:0 1px 2px 0 rgba(0,0,0,.05)}
 .linerow{border-bottom:1px solid #eee!important}
    </style>
 </head>
@@ -82,7 +82,7 @@ table{background:#fff}
                    <input type="hidden" name="activepath" value="<?php echo $activepath ?>">
                    <input type="hidden" name="f" value="<?php echo $f ?>">
                    <input type="hidden" name="job" value="upload">
                    &nbsp;上传：<input type="file" name="uploadfile" size="24">
                    &nbsp;上传：<input type="file" name="uploadfile" size="24" style="border:none">
                    &nbsp;
                    改名：<input type="text" name="newname" style="width:160px">
                    &nbsp;
@@ -109,10 +109,10 @@ table{background:#fff}
                            if ($filesize != "")
                                if ($filesize < 0.1) {
                                    @list($ty1, $ty2) = split("\.", $filesize);
                                    $filesize = $ty1 . "." . substr($ty2, 0, 2);
                                    $filesize = $ty1.".".substr($ty2, 0, 2);
                                } else {
                                    @list($ty1, $ty2) = split("\.", $filesize);
                                    $filesize = $ty1 . "." . substr($ty2, 0, 1);
                                    $filesize = $ty1.".".substr($ty2, 0, 1);
                                }
                            $filetime = filemtime("$inpath/$file");
                            $filetime = MyDate("Y-m-d H:i", $filetime);
@@ -122,16 +122,16 @@ table{background:#fff}
                        else if ($file == "..") {
                            if ($activepath == "") continue;
                            $tmp = preg_replace("#[\/][^\/]*$#i", "", $activepath);
                            $line = "\n<tr height='28'>
                            <td class='linerow'><a href='select_soft.php?f=$f&activepath=" . urlencode($tmp) . $addparm . "'><img src='img/dir2.gif'>上级目录</a></td>
                            $line = "\n<tr height='26'>
                            <td class='linerow'><a href='select_soft.php?f=$f&activepath=".urlencode($tmp).$addparm."'><img src='img/dir2.gif'>上级目录</a></td>
                            <td colspan='2' class='linerow'>当前目录:$activepath</td>
                            </tr>\r\n";
                            echo $line;
                        } else if (is_dir("$inpath/$file")) {
                            if (preg_match("#^_(.*)$#i", $file)) continue; #屏蔽FrontPage扩展目录和linux隐蔽目录
                            if (preg_match("#^_(.*)$#i", $file)) continue;
                            if (preg_match("#^\.(.*)$#i", $file)) continue;
                            $line = "\n<tr height='28'>
                            <td class='linerow'><a href=select_soft.php?f=$f&activepath=" . urlencode("$activepath/$file") . $addparm . "><img src='img/dir.gif'>$file</a></td>
                            $line = "\n<tr height='26'>
                            <td class='linerow'><a href=select_soft.php?f=$f&activepath=".urlencode("$activepath/$file").$addparm."><img src='img/dir.gif'>$file</a></td>
                            <td class='linerow'></td>
                            <td class='linerow'></td>
                            </tr>";
@@ -142,7 +142,7 @@ table{background:#fff}
                            $reurl = "$activeurl/$file";
                            $reurl = preg_replace("#^\.\.#", "", $reurl);
                            $reurl = $reurl;
                            $line = "\n<tr height='28'>
                            $line = "\n<tr height='26'>
                            <td class='linerow'><a href=\"javascript:ReturnValue('$reurl');\" $lstyle><img src='img/zip.gif'>$file</a></td>
                            <td class='linerow'>$filesize KB</td>
                            <td class='linerow'>$filetime</td>
@@ -154,7 +154,7 @@ table{background:#fff}
                            $reurl = "$activeurl/$file";
                            $reurl = preg_replace("#^\.\.#", "", $reurl);
                            $reurl = $reurl;
                            $line = "\n<tr height='28'>
                            $line = "\n<tr height='26'>
                            <td class='linerow'><a href=\"javascript:ReturnValue('$reurl');\" $lstyle><img src='img/exe.gif'>$file</a></td>
                            <td class='linerow'>$filesize KB</td>
                            <td class='linerow'>$filetime</td>
@@ -168,7 +168,7 @@ table{background:#fff}
            </td>
        </tr>
        <tr>
            <td colspan="3" height="30">请点击要选择的文件，红色字样的为刚上传的文件</td>
            <td colspan="3" height="30">点击选择的文件，红色字样的为刚上传的文件</td>
        </tr>
    </table>
 </body>
--- a/src/dede/dialog/select_soft_post.php
+++ b/src/dede/dialog/select_soft_post.php
@@ -5,12 +5,12 @@
 *
 * @version        $Id: select_soft_post.php 1 9:43 2010年7月8日Z tianya $
 * @package        DedeBIZ.Dialog
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 if (!isset($cfg_basedir)) {
    include_once(dirname(__FILE__) . '/config.php');
    include_once(dirname(__FILE__).'/config.php');
 }
 if (empty($uploadfile)) $uploadfile = '';
 if (empty($uploadmbtype)) $uploadmbtype = '软件类型';
@@ -22,7 +22,7 @@ $uploadfile = isset($imgfile) && empty($uploadfile) ? $imgfile : $uploadfile;
 $uploadfile_name = isset($imgfile_name) && empty($uploadfile_name) ? $imgfile_name : $uploadfile_name;

 if (!is_uploaded_file($uploadfile)) {
    ShowMsg("你没有选择上传的文件或选择的文件大小超出限制!", "-1");
    ShowMsg("您没有选择上传的文件或选择的文件大小超出限制!", "-1");
    exit();
 }

@@ -31,17 +31,17 @@ $cfg_softtype = $cfg_softtype;

 $cfg_softtype = str_replace('||', '|', $cfg_softtype);
 $uploadfile_name = trim(preg_replace("#[ \r\n\t\*\%\\\/\?><\|\":]{1,}#", '', $uploadfile_name));
 if (!preg_match("#\.(" . $cfg_softtype . ")#i", $uploadfile_name)) {
    ShowMsg("你所上传的{$uploadmbtype}不在许可列表，请更改系统对扩展名限定的配置！", "");
 if (!preg_match("#\.(".$cfg_softtype.")#i", $uploadfile_name)) {
    ShowMsg("您所上传的{$uploadmbtype}不在许可列表，请更改系统对扩展名限定的配置", "-1");
    exit();
 }

 $nowtme = time();
 if ($activepath == $cfg_soft_dir) {
    $newdir = MyDate($cfg_addon_savetype, $nowtme);
    $activepath = $activepath . '/' . $newdir;
    if (!is_dir($cfg_basedir . $activepath)) {
        MkdirAll($cfg_basedir . $activepath, $cfg_dir_purview);
    $activepath = $activepath.'/'.$newdir;
    if (!is_dir($cfg_basedir.$activepath)) {
        MkdirAll($cfg_basedir.$activepath, $cfg_dir_purview);
        CloseFtp();
    }
 }
@@ -51,24 +51,24 @@ if (!empty($newname)) {
    $filename = $newname;
    if (!preg_match("#\.#", $filename)) $fs = explode('.', $uploadfile_name);
    else $fs = explode('.', $filename);
    if (preg_match("#" . $cfg_not_allowall . "#", $fs[count($fs) - 1])) {
        ShowMsg("你指定的文件名被系统禁止！", 'javascript:;');
    if (preg_match("#".$cfg_not_allowall."#", $fs[count($fs) - 1])) {
        ShowMsg("您指定的文件名被系统禁止", 'javascript:;');
        exit();
    }
    if (!preg_match("#\.#", $filename)) $filename = $filename . '.' . $fs[count($fs) - 1];
    if (!preg_match("#\.#", $filename)) $filename = $filename.'.'.$fs[count($fs) - 1];
 } else {
    $filename = $cuserLogin->getUserID() . '-' . dd2char(MyDate('ymdHis', $nowtme));
    $filename = $cuserLogin->getUserID().'-'.dd2char(MyDate('ymdHis', $nowtme));
    $fs = explode('.', $uploadfile_name);
    if (preg_match("#" . $cfg_not_allowall . "#", $fs[count($fs) - 1])) {
        ShowMsg("你上传了某些可能存在不安全因素的文件，系统拒绝操作！", 'javascript:;');
    if (preg_match("#".$cfg_not_allowall."#", $fs[count($fs) - 1])) {
        ShowMsg("您上传了某些可能存在不安全因素的文件，系统拒绝操作", 'javascript:;');
        exit();
    }
    $filename = $filename . '.' . $fs[count($fs) - 1];
    $filename = $filename.'.'.$fs[count($fs) - 1];
 }

 $fullfilename = $cfg_basedir . $activepath . '/' . $filename;
 $fullfileurl = $activepath . '/' . $filename;
 move_uploaded_file($uploadfile, $fullfilename) or die("上传文件到 $fullfilename 失败！");
 $fullfilename = $cfg_basedir.$activepath.'/'.$filename;
 $fullfileurl = $activepath.'/'.$filename;
 move_uploaded_file($uploadfile, $fullfilename) or die("上传文件到 $fullfilename 失败");
@unlink($uploadfile);

 if ($uploadfile_type == 'application/x-shockwave-flash') {
@@ -83,7 +83,7 @@ if ($uploadfile_type == 'application/x-shockwave-flash') {


 $inquery = "INSERT INTO `#@__uploads`(arcid,title,url,mediatype,width,height,playtime,filesize,uptime,mid)
   VALUES ('0','$filename','$fullfileurl','$mediatype','0','0','0','{$uploadfile_size}','{$nowtme}','" . $cuserLogin->getUserID() . "'); ";
   VALUES ('0','$filename','$fullfileurl','$mediatype','0','0','0','{$uploadfile_size}','{$nowtme}','".$cuserLogin->getUserID()."'); ";

 $dsql->ExecuteNoneQuery($inquery);
 $fid = $dsql->GetLastID();
@@ -99,6 +99,6 @@ if ($ck == 1) {
    );
    echo json_encode($arr);
 } else {
    ShowMsg("成功上传文件！", $bkurl . "?comeback=" . urlencode($filename) . "&f=$f&CKEditorFuncNum=$CKEditorFuncNum&activepath=" . urlencode($activepath) . "&d=" . time());
    ShowMsg("成功上传文件", $bkurl."?comeback=".urlencode($filename)."&f=$f&CKEditorFuncNum=$CKEditorFuncNum&activepath=".urlencode($activepath)."&d=".time());
    exit();
 }
--- a/src/dede/dialog/select_templets.php
+++ b/src/dede/dialog/select_templets.php
@@ -4,11 +4,11 @@
 *
 * @version        $Id: select_templets.php 1 9:43 2010年7月8日Z tianya $
 * @package        DedeBIZ.Dialog
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 if (empty($activepath)) {
    $activepath = '';
 }
@@ -19,8 +19,8 @@ $templetdir  = $cfg_templets_dir;
 if (strlen($activepath) < strlen($templetdir)) {
    $activepath = $templetdir;
 }
 $inpath = $cfg_basedir . $activepath;
 $activeurl = '..' . $activepath;
 $inpath = $cfg_basedir.$activepath;
 $activeurl = '..'.$activepath;
 if (!is_dir($inpath)) {
    die('No Exsits Path');
 }
@@ -40,10 +40,10 @@ if (empty($comeback)) {
    <link rel="stylesheet" href="../css/base.css">
    <style>
 html{background:#f2f2f2}
 body{margin:0;line-height:22px;font:12px Helvetica Neue,Helvetica,PingFang SC,Tahoma,Arial,sans-serif}
 body{margin:0;line-height:1.5;font:12px Helvetica Neue,Helvetica,PingFang SC,Tahoma,Arial,sans-serif}
 a{text-decoration:none!important}
 table{background:#fff}
 .bg{margin:10px;border-radius:2px;box-shadow:0 1px 2px 0 rgba(0,0,0,.05)}
 .bg{margin:10px;border-radius:.2rem;box-shadow:0 1px 2px 0 rgba(0,0,0,.05)}
 .linerow{border-bottom:1px solid #eee!important}
    </style>
 </head>
@@ -76,10 +76,10 @@ table{background:#fff}
                if ($filesize != "")
                    if ($filesize < 0.1) {
                        @list($ty1, $ty2) = split("\.", $filesize);
                        $filesize = $ty1 . "." . substr($ty2, 0, 2);
                        $filesize = $ty1.".".substr($ty2, 0, 2);
                    } else {
                        @list($ty1, $ty2) = split("\.", $filesize);
                        $filesize = $ty1 . "." . substr($ty2, 0, 1);
                        $filesize = $ty1.".".substr($ty2, 0, 1);
                    }
                    $filetime = filemtime("$inpath/$file");
                    $filetime = MyDate("Y-m-d H:i", $filetime);
@@ -90,7 +90,7 @@ table{background:#fff}
                    if ($activepath == "") continue;
                    $tmp = preg_replace("#[\/][^\/]*$#", "", $activepath);
                    $line = "\n<tr>
                    <td class='linerow'><a href='select_templets.php?f=$f&activepath=" . urlencode($tmp) . "'><img src='img/dir2.gif'>上级目录</a></td>
                    <td class='linerow'><a href='select_templets.php?f=$f&activepath=".urlencode($tmp)."'><img src='img/dir2.gif'>上级目录</a></td>
                    <td colspan='2' class='linerow'>当前目录:$activepath</td>
                    </tr>\r\n";
                      echo $line;
@@ -98,7 +98,7 @@ table{background:#fff}
                    if (preg_match("#^_(.*)$#i", $file)) continue;
                    if (preg_match("#^\.(.*)$#i", $file)) continue;
                    $line = "\n<tr>
                    <td class='linerow'><a href=select_templets.php?f=$f&activepath=" . urlencode("$activepath/$file") . "><img src='img/dir.gif'>$file</a></td>
                    <td class='linerow'><a href=select_templets.php?f=$f&activepath=".urlencode("$activepath/$file")."><img src='img/dir.gif'>$file</a></td>
                    <td class='linerow'></td>
                    <td class='linerow'></td>
                    </tr>";
@@ -108,7 +108,7 @@ table{background:#fff}
                    else  $lstyle = "";
                    $reurl = "$activeurl/$file";
                    $reurl = preg_replace("#\.\.#", "", $reurl);
                    $reurl = preg_replace("#" . $templetdir . "\/#", "", $reurl);
                    $reurl = preg_replace("#".$templetdir."\/#", "", $reurl);
                    $line = "\n<tr>
                    <td class='linerow'><a href=\"javascript:ReturnValue('$reurl');\" $lstyle><img src='img/htm.gif'>$file</a></td>
                    <td class='linerow'>$filesize KB</td>
@@ -120,7 +120,7 @@ table{background:#fff}
                    else  $lstyle = "";
                    $reurl = "$activeurl/$file";
                    $reurl = preg_replace("#\.\.#", "", $reurl);
                    $reurl = preg_replace("#" . $templetdir . "/#", "", $reurl);
                    $reurl = preg_replace("#".$templetdir."/#", "", $reurl);
                    $line = "\n<tr>
                    <td class='linerow'><a href=\"javascript:ReturnValue('$reurl');\" $lstyle><img src='img/css.gif'>$file</a></td>
                    <td class='linerow'>$filesize KB</td>
@@ -132,7 +132,7 @@ table{background:#fff}
                    else  $lstyle = "";
                    $reurl = "$activeurl/$file";
                    $reurl = preg_replace("#\.\.#", "", $reurl);
                    $reurl = preg_replace("#" . $templetdir . "\/#", "", $reurl);
                    $reurl = preg_replace("#".$templetdir."\/#", "", $reurl);
                    $line = "\n<tr>
                    <td class='linerow'><a href=\"javascript:ReturnValue('$reurl');\" $lstyle><img src='img/js.gif'>$file</a></td>
                    <td class='linerow'>$filesize KB</td>
@@ -144,7 +144,7 @@ table{background:#fff}
                    else  $lstyle = "";
                    $reurl = "$activeurl/$file";
                    $reurl = preg_replace("#\.\.#", "", $reurl);
                    $reurl = preg_replace("#" . $templetdir . "\/#", "", $reurl);
                    $reurl = preg_replace("#".$templetdir."\/#", "", $reurl);
                    $line = "\n<tr>
                    <td class='linerow'><a href=\"javascript:ReturnValue('$reurl');\" $lstyle><img src='img/jpg.gif'>$file</a></td>
                    <td class='linerow'>$filesize KB</td>
@@ -156,7 +156,7 @@ table{background:#fff}
                    else  $lstyle = "";
                    $reurl = "$activeurl/$file";
                    $reurl = preg_replace("#\.\.#", "", $reurl);
                    $reurl = preg_replace("#" . $templetdir . "\/#", "", $reurl);
                    $reurl = preg_replace("#".$templetdir."\/#", "", $reurl);
                    $line = "\n<tr>
                    <td class='linerow'><a href=\"javascript:ReturnValue('$reurl');\" $lstyle><img src='img/gif.gif'>$file</a></td>
                    <td class='linerow'>$filesize KB</td>
@@ -168,7 +168,7 @@ table{background:#fff}
                    else  $lstyle = "";
                    $reurl = "$activeurl/$file";
                    $reurl = preg_replace("#\.\.#", "", $reurl);
                    $reurl = preg_replace("#" . $templetdir . "\/#", "", $reurl);
                    $reurl = preg_replace("#".$templetdir."\/#", "", $reurl);
                    $line = "\n<tr>
                    <td class='linerow'><a href=\"javascript:ReturnValue('$reurl');\" $lstyle><img src='img/txt.gif'>$file</a></td>
                    <td class='linerow'>$filesize KB</td>
@@ -183,11 +183,11 @@ table{background:#fff}
                    <table width="100%">
                        <form action="select_templets_post.php" method="POST" enctype="multipart/form-data" name="myform">
                        <input type="hidden" name="activepath" value="<?php echo $activepath ?>">
                        <input type="hidden" name="f" value='<?php echo $f ?>'>
                        <input type="hidden" name="f" value="<?php echo $f ?>">
                        <input type="hidden" name="job" value="upload">
                            <tr>
                                <td>
                                    &nbsp;上传：<input type="file" name="uploadfile" style="width:260px">
                                    上传：<input type="file" name="uploadfile" style="width:260px;border:none">
                                    改名：<input type="text" name="filename" style="width:160px">
                                    <button type="submit" name="sb1" class="btn btn-success btn-sm">确定</button>
                                </td>
--- a/src/dede/dialog/select_templets_post.php
+++ b/src/dede/dialog/select_templets_post.php
@@ -5,26 +5,26 @@
 *
 * @version        $Id: select_templets_post.php 1 9:43 2010年7月8日Z tianya $
 * @package        DedeBIZ.Dialog
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */

 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 $cfg_txttype = "htm|html|tpl|txt";
 if (empty($uploadfile)) {
    $uploadfile = "";
 }
 if (!is_uploaded_file($uploadfile)) {
    ShowMsg("你没有选择上传的文件!", "-1");
    ShowMsg("您没有选择上传的文件!", "-1");
    exit();
 }
 if (!preg_match("#^text#", $uploadfile_type)) {
    ShowMsg("你上传的不是文本类型附件!", "-1");
    ShowMsg("您上传的不是文本类型附件!", "-1");
    exit();
 }
 if (!preg_match("#\.(" . $cfg_txttype . ")#i", $uploadfile_name)) {
    ShowMsg("你所上传的模板文件类型不能被识别，只允许htm、html、tpl、txt扩展名！", "-1");
 if (!preg_match("#\.(".$cfg_txttype.")#i", $uploadfile_name)) {
    ShowMsg("您所上传的模板文件类型不能被识别，只允许htm、html、tpl、txt扩展名", "-1");
    exit();
 }
 if ($filename != '') {
@@ -32,13 +32,13 @@ if ($filename != '') {
 } else {
    $uploadfile_name = trim(preg_replace("#[ \r\n\t\*\%\\\/\?><\|\":]{1,}#", '', $uploadfile_name));
    $filename = $uploadfile_name;
    if ($filename == '' || !preg_match("#\.(" . $cfg_txttype . ")#i", $filename)) {
        ShowMsg("你所上传的文件存在问题，请检查文件类型是否适合！", "-1");
    if ($filename == '' || !preg_match("#\.(".$cfg_txttype.")#i", $filename)) {
        ShowMsg("您所上传的文件存在问题，请检查文件类型是否适合", "-1");
        exit();
    }
 }
 $fullfilename = $cfg_basedir . $activepath . "/" . $filename;
 move_uploaded_file($uploadfile, $fullfilename) or die("上传文件到 $fullfilename 失败！");
 $fullfilename = $cfg_basedir.$activepath."/".$filename;
 move_uploaded_file($uploadfile, $fullfilename) or die("上传文件到 $fullfilename 失败");
@unlink($uploadfile);
 ShowMsg("成功上传文件！", "select_templets.php?comeback=" . urlencode($filename) . "&f=$f&activepath=" . urlencode($activepath) . "&d=" . time());
 ShowMsg("成功上传文件", "select_templets.php?comeback=".urlencode($filename)."&f=$f&activepath=".urlencode($activepath)."&d=".time());
 exit();
--- a/src/dede/diy_add.php
+++ b/src/dede/diy_add.php
@@ -5,34 +5,34 @@
 *
 * @version        $Id: diy_add.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('c_New');
 $mysql_version = $dsql->GetVersion();
 $mysql_versions = explode(".", trim($mysql_version));
 $mysql_version = $mysql_versions[0] . "." . $mysql_versions[1];
 $mysql_version = $mysql_versions[0].".".$mysql_versions[1];
 if (empty($action)) {
    $row = $dsql->GetOne("SELECT diyid FROM #@__diyforms ORDER BY diyid DESC LIMIT 0,1 ");
    if (is_array($row)) $newdiyid = $row['diyid'] + 1;
    else $newdiyid = 1;
    include(DEDEADMIN . "/templets/diy_add.htm");
    include(DEDEADMIN."/templets/diy_add.htm");
 } else {
    if (preg_match("#[^0-9-]#", $diyid) || empty($diyid)) {
        ShowMsg("<font color=red>'自定义表单diyid'</font>必须为数字！", "-1");
        ShowMsg("<font color=red>'自定义表单diyid'</font>必须为数字", "-1");
        exit();
    }
    if ($table == "") {
        ShowMsg("表名不能为空！", "-1");
        ShowMsg("表名不能为空", "-1");
        exit();
    }
    $public = isset($public) && is_numeric($public) ? $public : 0;
    $name = dede_htmlspecialchars($name);
    $row = $dsql->GetOne("SELECT * FROM #@__diyforms WHERE diyid='$diyid' OR `table` LIKE '$table' OR name LIKE '$name' ");
    if (is_array($row)) {
        ShowMsg("可能自定义表单的‘diyid’、‘名称’在数据库中已存在，不能重复使用！", "-1");
        ShowMsg("可能自定义表单的‘diyid’、‘名称’在数据库中已存在，不能重复使用", "-1");
        exit();
    }
    $query = "SHOW TABLES FROM {$dsql->dbName} ";
@@ -52,7 +52,7 @@ if (empty($action)) {
    if ($mysql_version < 4.1) {
        $sql .= " PRIMARY KEY  (`id`)\r\n) TYPE=MyISAM; ";
    } else {
        $sql .= " PRIMARY KEY  (`id`)\r\n) ENGINE=MyISAM DEFAULT CHARSET=" . $cfg_db_language . "; ";
        $sql .= " PRIMARY KEY  (`id`)\r\n) ENGINE=MyISAM DEFAULT CHARSET=".$cfg_db_language."; ";
    }
    if ($dsql->ExecuteNoneQuery($sql)) {
        $query = "INSERT INTO #@__diyforms (`diyid`, `name`, `table`, `info`, `listtemplate`, `viewtemplate`, `posttemplate`, `public` ) VALUES ('$diyid', '$name', '$table', '', '$listtemplate', '$viewtemplate', '$posttemplate', '$public')";
--- a/src/dede/diy_edit.php
+++ b/src/dede/diy_edit.php
@@ -5,14 +5,14 @@
 *
 * @version        $Id: diy_add.php 1 14:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('c_Edit');
 require_once(DEDEINC . "/dedetag.class.php");
 require_once(DEDEINC . "/oxwindow.class.php");
 require_once(DEDEINC."/dedetag.class.php");
 require_once(DEDEINC."/oxwindow.class.php");

 if (empty($dopost)) $dopost = "";
 $diyid = (empty($diyid) ? 0 : intval($diyid));
@@ -25,7 +25,7 @@ if ($dopost == "save") {
    $name = dede_htmlspecialchars($name);
    $query = "UPDATE `#@__diyforms` SET name = '$name', listtemplate='$listtemplate', viewtemplate='$viewtemplate', posttemplate='$posttemplate', public='$public' WHERE diyid='$diyid' ";
    $dsql->ExecuteNoneQuery($query);
    ShowMsg("成功更改一个自定义表单！", "diy_main.php");
    ShowMsg("成功更改一个自定义表单", "diy_main.php");
    exit();
 }
 /*----------------
@@ -45,7 +45,7 @@ function __Delete()
        $win->AddHidden("job", "yes");
        $win->AddHidden("dopost", $dopost);
        $win->AddHidden("diyid", $diyid);
        $win->AddTitle("！将删除所有与该自定义表单相关的文件和数据<br />你确实要删除 \"" . $row['name'] . "\" 这个自定义表单？");
        $win->AddTitle("将删除所有与该自定义表单相关的文件和数据<br />您确实要删除 \"".$row['name']."\" 这个自定义表单？");
        $winform = $win->GetWindow("ok");
        $win->Display();
        exit();
@@ -55,7 +55,7 @@ function __Delete()
    else if ($job == "yes") {
        $row = $dsql->GetOne("SELECT `table` FROM `#@__diyforms` WHERE diyid='$diyid'", MYSQL_ASSOC);
        if (!is_array($row)) {
            ShowMsg("你所指定的自定义表单信息不存在!", "-1");
            ShowMsg("您所指定的自定义表单信息不存在!", "-1");
            exit();
        }

@@ -64,7 +64,7 @@ function __Delete()

        //删除频道配置信息
        $dsql->ExecuteNoneQuery("DELETE FROM `#@__diyforms` WHERE diyid='$diyid'");
        ShowMsg("成功删除一个自定义表单！", "diy_main.php");
        ShowMsg("成功删除一个自定义表单", "diy_main.php");
        exit();
    }
 }
@@ -73,4 +73,4 @@ function __Delete()
 function edit()
 -----------------*/
 $row = $dsql->GetOne("Select * From #@__diyforms where diyid='$diyid'");
 include DEDEADMIN . "/templets/diy_edit.htm";
 include DEDEADMIN."/templets/diy_edit.htm";
--- a/src/dede/diy_field_add.php
+++ b/src/dede/diy_field_add.php
@@ -5,19 +5,19 @@
 *
 * @version        $Id: diy_field_add.php 1 18:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");

 //增加权限检查
 require_once(DEDEADMIN . '/inc/inc_admin_channel.php');
 require_once(DEDEADMIN.'/inc/inc_admin_channel.php');
 if (empty($action)) $action = '';

 $mysql_version = $dsql->GetVersion();
 $mysql_versions = explode(".", trim($mysql_version));
 $mysql_version = $mysql_versions[0] . "." . $mysql_versions[1];
 $mysql_version = $mysql_versions[0].".".$mysql_versions[1];
 /*----------------------
 function Save()
 ---------------------*/
@@ -26,7 +26,7 @@ if ($action == 'save') {
    $fieldname = strtolower($fieldname);
    $row = $dsql->GetOne("SELECT `table`,`info` FROM #@__diyforms WHERE diyid='$diyid'");
    $fieldset = $row['info'];
    require_once(DEDEINC . "/dedetag.class.php");
    require_once(DEDEINC."/dedetag.class.php");
    $dtp = new DedeTagParse();
    $dtp->SetNameSpace("field", "<", ">");
    $dtp->LoadSource($fieldset);
@@ -46,7 +46,7 @@ if ($action == 'save') {

    if (!$rs) {
        $gerr = $dsql->GetError();
        ShowMsg("增加字段失败，错误提示为：" . $gerr, "javascript:;");
        ShowMsg("增加字段失败，错误提示为：".$gerr, "javascript:;");
        exit();
    }
    $ok = FALSE;
@@ -61,20 +61,20 @@ if ($action == 'save') {
                break;
            }
        }
        $oksetting = $ok ? $dtp->GetResultNP() : $fieldset . "\n" . stripslashes($fieldstring);
        $oksetting = $ok ? $dtp->GetResultNP() : $fieldset."\n".stripslashes($fieldstring);
    } else {
        //原来的配置为空
        $oksetting = $fieldset . "\n" . stripslashes($fieldstring);
        $oksetting = $fieldset."\n".stripslashes($fieldstring);
    }
    $addlist = GetAddFieldList($dtp, $oksetting);
    $oksetting = addslashes($oksetting);
    $rs = $dsql->ExecuteNoneQuery("Update #@__diyforms set `info`='$oksetting' where diyid='$diyid' ");
    if (!$rs) {
        $grr = $dsql->GetError();
        ShowMsg("保存节点配置出错！" . $grr, "javascript:;");
        ShowMsg("保存节点配置出错".$grr, "javascript:;");
        exit();
    }
    ShowMsg("成功增加一个字段！", "diy_edit.php?diyid=$diyid");
    ShowMsg("成功增加一个字段", "diy_edit.php?diyid=$diyid");
    exit();
 }

@@ -91,7 +91,7 @@ $tabsql = "CREATE TABLE IF NOT EXISTS  `$trueTable`(
 if ($mysql_version < 4.1) {
    $tabsql .= " PRIMARY KEY  (`id`)\r\n) TYPE=MyISAM; ";
 } else {
    $tabsql .= " PRIMARY KEY  (`id`)\r\n) ENGINE=MyISAM DEFAULT CHARSET=" . $cfg_db_language . "; ";
    $tabsql .= " PRIMARY KEY  (`id`)\r\n) ENGINE=MyISAM DEFAULT CHARSET=".$cfg_db_language."; ";
 }
 $dsql->ExecuteNoneQuery($tabsql);

@@ -104,6 +104,6 @@ while ($nrow = $dsql->GetArray('a', MYSQL_ASSOC)) {
 }
 $f = '';
 foreach ($fields as $k => $v) {
    $f .= ($f == '' ? $k : ' ' . $k);
    $f .= ($f == '' ? $k : ' '.$k);
 }
 require_once(DEDEADMIN . "/templets/diy_field_add.htm");
 require_once(DEDEADMIN."/templets/diy_field_add.htm");
--- a/src/dede/diy_field_edit.php
+++ b/src/dede/diy_field_edit.php
@@ -5,22 +5,22 @@
 *
 * @version        $Id: diy_field_edit.php 1 18:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");

 //增加权限检查

 require_once(DEDEINC . "/dedetag.class.php");
 require_once(DEDEADMIN . "/inc/inc_admin_channel.php");
 require_once(DEDEINC."/dedetag.class.php");
 require_once(DEDEADMIN."/inc/inc_admin_channel.php");
 if (empty($action)) $action = '';

 //获取模型信息
 $mysql_version = $dsql->GetVersion();
 $mysql_versions = explode(".", trim($mysql_version));
 $mysql_version = $mysql_versions[0] . "." . $mysql_versions[1];
 $mysql_version = $mysql_versions[0].".".$mysql_versions[1];
 $row = $dsql->GetOne("SELECT `table`,`info` FROM #@__diyforms WHERE diyid='$diyid'");
 $fieldset = $row['info'];
 $trueTable = $row['table'];
@@ -32,7 +32,7 @@ foreach ($dtp->CTags as $ctag) {
 }

 //字段类型信息
 $ds = file(DEDEADMIN . "/inc/fieldtype.txt");
 $ds = file(DEDEADMIN."/inc/fieldtype.txt");
 foreach ($ds as $d) {
    $dds = explode(',', trim($d));
    $fieldtypes[$dds[0]] = $dds[1];
@@ -45,7 +45,7 @@ function _SAVE()
 if ($action == 'save') {

    if (!isset($fieldtypes[$dtype])) {
        ShowMsg("你修改的是系统专用类型的数据，禁止操作！", "-1");
        ShowMsg("您修改的是系统专用类型的数据，禁止操作", "-1");
        exit();
    }

@@ -57,7 +57,7 @@ if ($action == 'save') {
    if ($mysql_version < 4.1) {
        $tabsql .= " PRIMARY KEY  (`id`)\r\n) TYPE=MyISAM; ";
    } else {
        $tabsql .= " PRIMARY KEY  (`id`)\r\n) ENGINE=MyISAM DEFAULT CHARSET=" . $cfg_db_language . "; ";
        $tabsql .= " PRIMARY KEY  (`id`)\r\n) ENGINE=MyISAM DEFAULT CHARSET=".$cfg_db_language."; ";
    }
    $dsql->ExecuteNoneQuery($tabsql);

@@ -86,10 +86,10 @@ if ($action == 'save') {
        if (trim($fieldname) == trim(strtolower($ctag->GetName()))) {

            if (isset($fields[$fieldname]) && $fields[$fieldname] != $buideType) {
                $tabsql = "ALTER TABLE `$trueTable` CHANGE `$fieldname` " . $ntabsql;
                $tabsql = "ALTER TABLE `$trueTable` CHANGE `$fieldname` ".$ntabsql;
                $dsql->ExecuteNoneQuery($tabsql);
            } else if (!isset($fields[$fieldname])) {
                $tabsql = "ALTER TABLE `$trueTable` ADD " . $ntabsql;
                $tabsql = "ALTER TABLE `$trueTable` ADD ".$ntabsql;
                $dsql->ExecuteNoneQuery($tabsql);
            } else {
                $tabsql = '';
@@ -101,7 +101,7 @@ if ($action == 'save') {
    $oksetting = $dtp->GetResultNP();
    $oksetting = addslashes($oksetting);
    $dsql->ExecuteNoneQuery("UPDATE #@__diyforms SET info='$oksetting' WHERE diyid='$diyid' ");
    ShowMsg("成功更改一个字段的配置！", "diy_edit.php?diyid={$diyid}");
    ShowMsg("成功更改一个字段的配置", "diy_edit.php?diyid={$diyid}");
    exit();
 }
 /*------------------
@@ -117,7 +117,7 @@ function _DELETE()
    $oksetting = addslashes($dtp->GetResultNP());
    $dsql->ExecuteNoneQuery("UPDATE #@__diyforms SET info='$oksetting' WHERE diyid='$diyid' ");
    $dsql->ExecuteNoneQuery("ALTER TABLE `$trueTable` DROP `$fname` ");
    ShowMsg("成功删除一个字段！", "diy_edit.php?diyid=$diyid");
    ShowMsg("成功删除一个字段", "diy_edit.php?diyid=$diyid");
    exit();
 }
 require_once(DEDEADMIN . "/templets/diy_field_edit.htm");
 require_once(DEDEADMIN."/templets/diy_field_edit.htm");
--- a/src/dede/diy_list.php
+++ b/src/dede/diy_list.php
@@ -1,33 +1,32 @@
 <?php

 /**
 * 自定义表单列表
 *
 * @version        $Id: diy_list.php 1 18:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('c_New');
 $diyid = isset($diyid) && is_numeric($diyid) ? $diyid : 0;
 $action = isset($action) && in_array($action, array('post', 'list', 'edit', 'check', 'delete')) ? $action : '';
 $action = isset($action) && in_array($action, array('post', 'list', 'edit', 'check', 'delete','excel')) ? $action : '';
 if (empty($diyid)) {
    showMsg("非法操作!", 'javascript:;');
    exit();
 }
 require_once DEDEINC . '/diyform.cls.php';
 require_once DEDEINC.'/diyform.cls.php';
 $diy = new diyform($diyid);
 if ($action == 'post') {
    if (empty($do)) {
        $postform = $diy->getForm('post', '', 'admin');
        include DEDEADMIN . '/templets/diy_post.htm';
        include DEDEADMIN.'/templets/diy_post.htm';
    } else if ($do == 2) {
        $dede_fields = empty($dede_fields) ? '' : trim($dede_fields);
        $dede_fieldshash = empty($dede_fieldshash) ? '' : trim($dede_fieldshash);
        if (!empty($dede_fields)) {
            if ($dede_fieldshash != md5($dede_fields . $cfg_cookie_encode)) {
            if ($dede_fieldshash != md5($dede_fields.$cfg_cookie_encode)) {
                showMsg("数据校验不对，程序返回", '-1');
                exit();
            }
@@ -53,8 +52,8 @@ if ($action == 'post') {
                    } else {
                        ${$fieldinfo[0]} = getFieldValue(${$fieldinfo[0]}, $fieldinfo[1], 0, 'add', '', 'member');
                    }
                    $addvar .= ', `' . $fieldinfo[0] . '`';
                    $addvalue .= ", '" . ${$fieldinfo[0]} . "'";
                    $addvar .= ', `'.$fieldinfo[0].'`';
                    $addvalue .= ", '".${$fieldinfo[0]}."'";
                }
            }
        }
@@ -67,13 +66,13 @@ if ($action == 'post') {
        }
    }
 } else if ($action == 'list') {
    include_once DEDEINC . '/datalistcp.class.php';
    include_once DEDEINC.'/datalistcp.class.php';
    $query = "SELECT * FROM {$diy->table} ORDER BY id DESC";
    $datalist = new DataListCP();
    $datalist->pageSize = 10;
    $datalist->SetParameter('action', 'list');
    $datalist->SetParameter('diyid', $diyid);
    $datalist->SetTemplate(DEDEADMIN . '/templets/diy_list.htm');
    $datalist->SetTemplate(DEDEADMIN.'/templets/diy_list.htm');
    $datalist->SetSource($query);
    $fieldlist = $diy->getFieldList();
    $datalist->Display();
@@ -81,20 +80,20 @@ if ($action == 'post') {
    if (empty($do)) {
        $id = isset($id) && is_numeric($id) ? $id : 0;
        if (empty($id)) {
            showMsg('非法操作！未指定id', 'javascript:;');
            showMsg('非法操作未指定id', 'javascript:;');
            exit();
        }
        $query = "SELECT * FROM {$diy->table} WHERE id=$id";
        $row = $dsql->GetOne($query);
        if (!is_array($row)) {
            showmsg("你访问的记录不存在或未经审核", '-1');
            showmsg("您访问的记录不存在或未经审核", '-1');
            exit();
        }
        $postform = $diy->getForm('edit', $row, 'admin');
        $fieldlist = $diy->getFieldList();
        $c1 = $row['ifcheck'] == 1 ? 'checked' : '';
        $c2 = $row['ifcheck'] == 0 ? 'checked' : '';
        include DEDEADMIN . '/templets/diy_edit_content.htm';
        include DEDEADMIN.'/templets/diy_edit_content.htm';
    } else if ($do == 2) {
        $dede_fields = empty($dede_fields) ? '' : trim($dede_fields);
        $diyform = $dsql->GetOne("SELECT * FROM #@__diyforms WHERE diyid=$diyid");
@@ -122,7 +121,7 @@ if ($action == 'post') {
                        ${$fieldinfo[0]} = GetFieldValue(${$fieldinfo[0]}, $fieldinfo[1], 0, 'add', '', 'diy', $fieldinfo[0]);
                        ${$fieldinfo[0]} = empty(${$fieldinfo[0]}) ? $diyco[$fieldinfo[0]] : ${$fieldinfo[0]};
                    }
                    $addsql .= !empty($addsql) ? ',`' . $fieldinfo[0] . "`='" . ${$fieldinfo[0]} . "'" : '`' . $fieldinfo[0] . "`='" . ${$fieldinfo[0]} . "'";
                    $addsql .= !empty($addsql) ? ',`'.$fieldinfo[0]."`='".${$fieldinfo[0]}."'" : '`'.$fieldinfo[0]."`='".${$fieldinfo[0]}."'";
                }
            }
        }
@@ -163,14 +162,43 @@ if ($action == 'post') {
        }
    } else if ($do = 1) {
        $row = $dsql->GetOne("SELECT * FROM `$diy->table` WHERE id='$id'");
        if (file_exists($cfg_basedir . $row[$name])) {
            unlink($cfg_basedir . $row[$name]);
        if (file_exists($cfg_basedir.$row[$name])) {
            unlink($cfg_basedir.$row[$name]);
            $dsql->ExecuteNoneQuery("UPDATE `$diy->table` SET $name='' WHERE id='$id'");
            showmsg('文件删除成功', "diy_list.php?action=list&diyid={$diy->diyid}");
        } else {
            showmsg('文件不存在', '-1');
        }
    }
 } 
 elseif($action == 'excel') {
    ob_end_clean();//清除缓冲区,避免乱码
    header("Content-type:application/vnd.ms-excel");
    header("Content-Disposition:attachment;filename={$diy->name}_".date("Y-m-d").".xls");
    print(chr(0xEF).chr(0xBB).chr(0xBF));//清除bom
    $fieldlist = $diy->getFieldList();
    echo "<table><tr>";
    foreach($fieldlist as $field=>$fielddata)
    {
        echo "<th>{$fielddata[0]}</th>";
    }
    echo "<th>状态</th>";
    echo "</tr>";
    $sql = "SELECT * FROM {$diy->table} ORDER BY id DESC";
    $dsql->SetQuery($sql);
    $dsql->Execute('t');
    while($arr = $dsql->GetArray('t'))
    {
        echo "<tr>";
        foreach($fieldlist as $key => $field)
        {
            echo "<td>".$arr[$key]."</td>";
        }
    $status = $arr['ifcheck'] == 1 ? '已审核' : '未审核';
    echo "<td>".$status."</td>";
    echo "</tr>";
    }
    echo "</table>";
 } else {
    showmsg('未定义操作', "-1");
 }
 }
--- a/src/dede/diy_main.php
+++ b/src/dede/diy_main.php
@@ -5,18 +5,18 @@
 *
 * @version        $Id: diy_main.php 1 18:31 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('c_List');
 require_once(DEDEINC . "/datalistcp.class.php");
 require_once(DEDEINC . "/common.func.php");
 require_once(DEDEINC."/datalistcp.class.php");
 require_once(DEDEINC."/common.func.php");
 setcookie("ENV_GOBACK_URL", $dedeNowurl, time() + 3600, "/");
 $sql = "Select `diyid`,`name`,`table` From #@__diyforms order by diyid asc";
 $dlist = new DataListCP();
 $dlist->SetTemplet(DEDEADMIN . "/templets/diy_main.htm");
 $dlist->SetTemplet(DEDEADMIN."/templets/diy_main.htm");
 $dlist->SetSource($sql);
 $dlist->display();
 $dlist->Close();
--- a/src/dede/erraddsave.php
+++ b/src/dede/erraddsave.php
@@ -5,13 +5,13 @@
 *
 * @version        $Id: erraddsave.php 1 19:09 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/config.php');
 require_once(DEDEINC . '/datalistcp.class.php');
 require_once(DEDEINC . '/common.func.php');
 require_once(dirname(__FILE__).'/config.php');
 require_once(DEDEINC.'/datalistcp.class.php');
 require_once(DEDEINC.'/common.func.php');

 if (empty($dopost)) $dopost = '';
 if (empty($fmdo)) $fmdo = '';
@@ -63,7 +63,7 @@ function typename($me)

 if ($dopost == "delete") {
    if ($id == '') {
        ShowMsg("参数无效！", "-1");
        ShowMsg("参数无效", "-1");
        exit();
    }

@@ -74,10 +74,10 @@ if ($dopost == "delete") {
            $query = "DELETE FROM `#@__erradd` WHERE `id` = '$var'";
            $dsql->ExecuteNoneQuery($query);
        }
        ShowMsg("成功删除指定的文档！", "erraddsave.php");
        ShowMsg("成功删除指定的文档", "erraddsave.php");
        exit();
    } else {
        require_once(DEDEINC . "/oxwindow.class.php");
        require_once(DEDEINC."/oxwindow.class.php");
        $wintitle = "删除";
        $wecome_info = "<a href='erraddsave.php'>错误管理</a>::删除错误";
        $win = new OxWindow();
@@ -85,7 +85,7 @@ if ($dopost == "delete") {
        $win->AddHidden("fmdo", "yes");
        $win->AddHidden("dopost", $dopost);
        $win->AddHidden("id", $id);
        $win->AddTitle("你确实要删除“ $id ”这些错误提示？");
        $win->AddTitle("您确实要删除“ $id ”这些错误提示？");
        $winform = $win->GetWindow("ok");
        $win->Display();
        exit();
@@ -95,6 +95,6 @@ if ($dopost == "delete") {

 $sql = "SELECT * FROM `#@__erradd` ORDER BY id desc";
 $dlist = new DataListCP();
 $dlist->SetTemplet(DEDEADMIN . "/templets/erradd.htm");
 $dlist->SetTemplet(DEDEADMIN."/templets/erradd.htm");
 $dlist->SetSource($sql);
 $dlist->display();
--- a/src/dede/exit.php
+++ b/src/dede/exit.php
@@ -5,12 +5,12 @@
 *
 * @version        $Id: exit.php 1 19:09 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/../include/common.inc.php');
 require_once(DEDEINC . '/userlogin.class.php');
 require_once(dirname(__FILE__).'/../include/common.inc.php');
 require_once(DEDEINC.'/userlogin.class.php');
 $cuserLogin = new userLogin();
 $cuserLogin->exitUser();
 if (empty($needclose)) {
--- a/src/dede/feedback_edit.php
+++ b/src/dede/feedback_edit.php
@@ -5,11 +5,11 @@
 *
 * @version        $Id: feedback_edit.php 1 19:09 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('sys_Feedback');
 $id = isset($id) && is_numeric($id) ? $id : 0;
 $ENV_GOBACK_URL = empty($_COOKIE['ENV_GOBACK_URL']) ? "feedback_main.php" : $_COOKIE['ENV_GOBACK_URL'];
@@ -24,14 +24,14 @@ if ($dopost == 'edit') {
        $adminmsg = str_replace(">", "&gt;", $adminmsg);
        $adminmsg = str_replace("  ", "&nbsp;&nbsp;", $adminmsg);
        $adminmsg = str_replace("\r\n", "<br/>\n", $adminmsg);
        $msg = $msg . "<br/>\n" . "<font color=red>管理员回复： $adminmsg</font>\n";
        $msg = $msg."<br/>\n"."<font color=red>管理员回复： $adminmsg</font>\n";
    }
    $query = "UPDATE `#@__feedback` SET username='$username',msg='$msg',ischeck=1 WHERE id=$id";
    $dsql->ExecuteNoneQuery($query);
    ShowMsg("成功回复一则留言！", $ENV_GOBACK_URL);
    ShowMsg("成功回复一则留言", $ENV_GOBACK_URL);
    exit();
 } elseif ($dopost === 'makehtml') {
    require_once(DEDEADMIN . '/inc/inc_archives_functions.php');
    require_once(DEDEADMIN.'/inc/inc_archives_functions.php');
    $query = "SELECT * FROM `#@__feedback` WHERE id=$id";
    $row = $dsql->GetOne($query);
    MakeArt($row['aid']);
--- a/src/dede/feedback_main.php
+++ b/src/dede/feedback_main.php
@@ -5,16 +5,16 @@
 *
 * @version        $Id: feedback_main.php 1 19:09 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");

 //权限检查
 CheckPurview('sys_Feedback');
 require_once(DEDEINC . "/datalistcp.class.php");
 require_once(DEDEINC . "/typelink.class.php");
 require_once(DEDEINC."/datalistcp.class.php");
 require_once(DEDEINC."/typelink.class.php");
 setcookie("ENV_GOBACK_URL", $dedeNowurl, time() + 3600, "/");

 function IsCheck($st)
@@ -36,7 +36,7 @@ function jsTrimjajx($str, $len)
 if (!empty($job)) {
    $ids = preg_replace("#[^0-9,]#", '', $fid);
    if (empty($ids)) {
        ShowMsg("你没选中任何选项！", $_COOKIE['ENV_GOBACK_URL'], 0, 500);
        ShowMsg("您没选中任何选项", $_COOKIE['ENV_GOBACK_URL'], 0, 500);
        exit;
    }
 } else {
@@ -101,7 +101,7 @@ else {
    $tl = new TypeLink($typeid);
    $openarray = $tl->GetOptionArray($typeid, $admin_catalogs, 0);

    $addsql = ($typeid != 0  ? " And typeid IN (" . GetSonIds($typeid) . ")" : '');
    $addsql = ($typeid != 0  ? " And typeid IN (".GetSonIds($typeid).")" : '');
    $addsql .= ($aid != 0  ? " And aid=$aid " : '');
    $addsql .= ($ip != ''  ? " And ip LIKE '$ip' " : '');

@@ -117,7 +117,7 @@ else {
    $dlist->SetParameter('ip', $ip);
    $dlist->SetParameter('typeid', $typeid);
    $dlist->SetParameter('keyword', $keyword);
    $dlist->SetTemplate(DEDEADMIN . '/templets/feedback_main.htm');
    $dlist->SetTemplate(DEDEADMIN.'/templets/feedback_main.htm');
    $dlist->SetSource($querystring);
    $dlist->Display();
 }
--- a/src/dede/file_class.php
+++ b/src/dede/file_class.php
@@ -4,7 +4,7 @@
 *
 * @version        $Id: file_class.php 1 19:09 2010年7月12日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
@@ -28,12 +28,12 @@ class FileManagement
    //更改文件名
    function RenameFile($oldname, $newname)
    {
        $oldname = $this->baseDir . $this->activeDir . "/" . $oldname;
        $newname = $this->baseDir . $this->activeDir . "/" . $newname;
        $oldname = $this->baseDir.$this->activeDir."/".$oldname;
        $newname = $this->baseDir.$this->activeDir."/".$newname;
        if (($newname != $oldname) && is_writable($oldname)) {
            rename($oldname, $newname);
        }
        ShowMsg("成功更改一个文件名！", "file_manage_main.php?activepath=" . $this->activeDir);
        ShowMsg("成功更改一个文件名", "file_manage_main.php?activepath=".$this->activeDir);
        return 0;
    }

@@ -41,14 +41,14 @@ class FileManagement
    function NewDir($dirname)
    {
        $newdir = $dirname;
        $dirname = $this->baseDir . $this->activeDir . "/" . $dirname;
        if (is_writable($this->baseDir . $this->activeDir)) {
        $dirname = $this->baseDir.$this->activeDir."/".$dirname;
        if (is_writable($this->baseDir.$this->activeDir)) {
            MkdirAll($dirname, $GLOBALS['cfg_dir_purview']);
            CloseFtp();
            ShowMsg("成功创建一个新目录！", "file_manage_main.php?activepath=" . $this->activeDir . "/" . $newdir);
            ShowMsg("成功创建一个新目录", "file_manage_main.php?activepath=".$this->activeDir."/".$newdir);
            return 1;
        } else {
            ShowMsg("创建新目录失败，因为这个位置不允许写入！", "file_manage_main.php?activepath=" . $this->activeDir);
            ShowMsg("创建新目录失败，因为这个位置不允许写入", "file_manage_main.php?activepath=".$this->activeDir);
            return 0;
        }
    }
@@ -64,30 +64,30 @@ class FileManagement
    function MoveFile($mfile, $mpath)
    {
        if ($mpath != "" && !preg_match("#\.\.#", $mpath)) {
            $oldfile = $this->baseDir . $this->activeDir . "/$mfile";
            $oldfile = $this->baseDir.$this->activeDir."/$mfile";
            $mpath = str_replace("\\", "/", $mpath);
            $mpath = preg_replace("#\/{1,}#", "/", $mpath);
            if (!preg_match("#^/#", $mpath)) {
                $mpath = $this->activeDir . "/" . $mpath;
                $mpath = $this->activeDir."/".$mpath;
            }
            $truepath = $this->baseDir . $mpath;
            $truepath = $this->baseDir.$mpath;
            if (is_readable($oldfile) && is_readable($truepath) && is_writable($truepath)) {
                if (is_dir($truepath)) {
                    copy($oldfile, $truepath . "/$mfile");
                    copy($oldfile, $truepath."/$mfile");
                } else {
                    MkdirAll($truepath, $GLOBALS['cfg_dir_purview']);
                    CloseFtp();
                    copy($oldfile, $truepath . "/$mfile");
                    copy($oldfile, $truepath."/$mfile");
                }
                unlink($oldfile);
                ShowMsg("成功移动文件！", "file_manage_main.php?activepath=$mpath", 0, 1000);
                ShowMsg("成功移动文件", "file_manage_main.php?activepath=$mpath", 0, 1000);
                return 1;
            } else {
                ShowMsg("移动文件 $oldfile -&gt; $truepath/$mfile 失败，可能是某个位置权限不足！", "file_manage_main.php?activepath=$mpath", 0, 1000);
                ShowMsg("移动文件 $oldfile -&gt; $truepath/$mfile 失败，可能是某个位置权限不足", "file_manage_main.php?activepath=$mpath", 0, 1000);
                return 0;
            }
        } else {
            ShowMsg("对不起，你移动的路径不合法！", "-1", 0, 5000);
            ShowMsg("对不起，您移动的路径不合法", "-1", 0, 5000);
            return 0;
        }
    }
@@ -127,7 +127,7 @@ class FileManagement
    {
        $dh = dir($indir);
        while ($filename = $dh->read()) {
            $truefile = $indir . '/' . $filename;
            $truefile = $indir.'/'.$filename;
            if ($filename == "." || $filename == "..") {
                continue;
            } else if (is_dir($truefile)) {
@@ -147,7 +147,7 @@ class FileManagement
     */
    function DeleteFile($filename)
    {
        $filename = $this->baseDir . $this->activeDir . "/$filename";
        $filename = $this->baseDir.$this->activeDir."/$filename";
        if (is_file($filename)) {
            @unlink($filename);
            $t = "文件";
@@ -157,11 +157,11 @@ class FileManagement
                $this->RmDirFiles($filename);
            } else {
                // 完善用户体验，by:sumic
                ShowMsg("系统禁止删除" . $t . "！", "file_manage_main.php?activepath=" . $this->activeDir);
                ShowMsg("系统禁止删除".$t."", "file_manage_main.php?activepath=".$this->activeDir);
                exit;
            }
        }
        ShowMsg("成功删除一个" . $t . "！", "file_manage_main.php?activepath=" . $this->activeDir);
        ShowMsg("成功删除一个".$t."", "file_manage_main.php?activepath=".$this->activeDir);
        return 0;
    }
 }
@@ -191,7 +191,7 @@ class SpaceUse

        if ($size > 0) {
            list($t1, $t2) = explode(".", $size);
            $size = $t1 . "." . substr($t2, 0, 1);
            $size = $t1.".".substr($t2, 0, 1);
        }
        return $size;
    }
@@ -201,7 +201,7 @@ class SpaceUse
        $size = $size / 1024 / 1024;
        if ($size > 0) {
            list($t1, $t2) = explode(".", $size);
            $size = $t1 . "." . substr($t2, 0, 2);
            $size = $t1.".".substr($t2, 0, 2);
        }
        return $size;
    }
--- a/src/dede/file_manage_control.php
+++ b/src/dede/file_manage_control.php
@@ -5,19 +5,19 @@
 *
 * @version        $Id: file_manage_control.php 1 8:48 2010年7月13日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require(dirname(__FILE__) . "/config.php");
 require(dirname(__FILE__)."/config.php");
 CheckPurview('plus_文件管理器');
 require(DEDEINC . "/oxwindow.class.php");
 require_once(DEDEADMIN . '/file_class.php');
 require(DEDEINC."/oxwindow.class.php");
 require_once(DEDEADMIN.'/file_class.php');
 $activepath = str_replace("..", "", $activepath);
 $activepath = preg_replace("#^\/{1,}#", "/", $activepath);
 if ($activepath == "/") $activepath = "";
 if ($activepath == "") $inpath = $cfg_basedir;
 else $inpath = $cfg_basedir . $activepath;
 else $inpath = $cfg_basedir.$activepath;

 //文件管理器交互与逻辑控制文件
 $fmm = new FileManagement();
@@ -68,9 +68,9 @@ function __saveEdit();
    fputs($fp, $str);
    fclose($fp);
    if (empty($backurl)) {
        ShowMsg("成功保存一个文件！", "file_manage_main.php?activepath=$activepath");
        ShowMsg("成功保存一个文件", "file_manage_main.php?activepath=$activepath");
    } else {
        ShowMsg("成功保存文件！", $backurl);
        ShowMsg("成功保存文件", $backurl);
    }
    exit();
 }
@@ -90,7 +90,7 @@ else if($fmdo=="editview")
    {
        $backurl = "file_manage_main.php?activepath=$activepath";
    }
    ShowMsg("成功保存文件！",$backurl);
    ShowMsg("成功保存文件",$backurl);
    exit();
 }
 */
@@ -100,16 +100,16 @@ function __upload();
 ----------------*/ else if ($fmdo == "upload") {
    $j = 0;
    for ($i = 1; $i <= 50; $i++) {
        $upfile = "upfile" . $i;
        $upfile_name = "upfile" . $i . "_name";
        $upfile = "upfile".$i;
        $upfile_name = "upfile".$i."_name";
        if (!isset(${$upfile}) || !isset(${$upfile_name})) {
            continue;
        }
        $upfile = ${$upfile};
        $upfile_name = ${$upfile_name};
        if (is_uploaded_file($upfile)) {
            if (!file_exists($cfg_basedir . $activepath . "/" . $upfile_name)) {
                move_uploaded_file($upfile, $cfg_basedir . $activepath . "/" . $upfile_name);
            if (!file_exists($cfg_basedir.$activepath."/".$upfile_name)) {
                move_uploaded_file($upfile, $cfg_basedir.$activepath."/".$upfile_name);
            }
            @unlink($upfile);
            $j++;
@@ -126,10 +126,10 @@ else if ($fmdo == "space") {
    } else {
        $ecpath = $activepath;
    }
    $titleinfo = "目录 <a href='file_manage_main.php?activepath=$activepath'><b><u>$ecpath</u></b></a> 空间使用状况：<br/>";
    $titleinfo = "目录 <a href='file_manage_main.php?activepath=$activepath'><b>$ecpath</b></a> 空间使用状况：<br/>";
    $wintitle = "文件管理";
    $wecome_info = "文件管理::空间大小检查 [<a href='file_manage_main.php?activepath=$activepath'>文件浏览器</a>]</a>";
    $activepath = $cfg_basedir . $activepath;
    $activepath = $cfg_basedir.$activepath;
    $space = new SpaceUse;
    $space->checksize($activepath);
    $total = $space->totalsize;
--- a/src/dede/file_manage_main.php
+++ b/src/dede/file_manage_main.php
@@ -5,11 +5,11 @@
 *
 * @version        $Id: file_manage_main.php 1 8:48 2010年7月13日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require(dirname(__FILE__) . "/config.php");
 require(dirname(__FILE__)."/config.php");
 CheckPurview('plus_文件管理器');
 if (!isset($activepath)) $activepath = $cfg_cmspath;

@@ -19,10 +19,10 @@ $activepath = preg_replace("#^\/{1,}#", "/", $activepath);
 if ($activepath == "/") $activepath = "";

 if ($activepath == "") $inpath = $cfg_basedir;
 else $inpath = $cfg_basedir . $activepath;
 else $inpath = $cfg_basedir.$activepath;

 $activeurl = $activepath;
 if (preg_match("#" . $cfg_templets_dir . "#i", $activepath)) {
 if (preg_match("#".$cfg_templets_dir."#i", $activepath)) {
    $istemplets = TRUE;
 } else {
    $istemplets = FALSE;
--- a/src/dede/file_manage_view.php
+++ b/src/dede/file_manage_view.php
@@ -5,18 +5,18 @@
 *
 * @version        $Id: file_manage_view.php 1 8:48 2010年7月13日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('plus_文件管理器');
 require_once(DEDEINC . "/oxwindow.class.php");
 require_once(DEDEINC."/oxwindow.class.php");
 $activepath = str_replace("..", "", $activepath);
 $activepath = preg_replace("#^\/{1,}#", "/", $activepath);
 if ($activepath == "/") $activepath = "";
 if ($activepath == "") $inpath = $cfg_basedir;
 else $inpath = $cfg_basedir . $activepath;
 else $inpath = $cfg_basedir.$activepath;

 //显示控制层
 //更改文件名
@@ -80,10 +80,10 @@ else if ($fmdo == "del") {
    $win->AddHidden("fmdo", $fmdo);
    $win->AddHidden("activepath", $activepath);
    $win->AddHidden("filename", $filename);
    if (@is_dir($cfg_basedir . $activepath . "/$filename")) {
        $wmsg = "你确信要删除目录：$filename 吗？";
    if (@is_dir($cfg_basedir.$activepath."/$filename")) {
        $wmsg = "您确信要删除目录：$filename 吗？";
    } else {
        $wmsg = "你确信要删除文件：$filename 吗？";
        $wmsg = "您确信要删除文件：$filename 吗？";
    }
    $win->AddTitle("删除文件确认");
    $win->AddMsgItem($wmsg, "50");
@@ -120,7 +120,7 @@ else if ($fmdo == "edit") {
        $GLOBALS['extension'] = 'text/html';
    }
    $ctp = new DedeTagParse();
    $ctp->LoadTemplate(DEDEADMIN . "/templets/file_edit.htm");
    $ctp->LoadTemplate(DEDEADMIN."/templets/file_edit.htm");
    $ctp->display();
 }
 /*编辑文件，可视化模式
@@ -162,13 +162,13 @@ else if ($fmdo == "newfile") {
    $contentView = "<textarea id='str' name='str' style='width:99%;height:400'></textarea>\r\n";
    $GLOBALS['token'] = make_hash();
    $ctp = new DedeTagParse();
    $ctp->LoadTemplate(DEDEADMIN . "/templets/file_edit.htm");
    $ctp->LoadTemplate(DEDEADMIN."/templets/file_edit.htm");
    $ctp->display();
 }

 //上传文件
 else if ($fmdo == "upload") {
    $ctp = new DedeTagParse();
    $ctp->LoadTemplate(DEDEADMIN . "/templets/file_upload.htm");
    $ctp->LoadTemplate(DEDEADMIN."/templets/file_upload.htm");
    $ctp->display();
 }
--- a/src/dede/freelist_add.php
+++ b/src/dede/freelist_add.php
@@ -5,14 +5,14 @@
 *
 * @version        $Id: freelist_add.php 1 8:48 2010年7月13日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('c_FreeList');
 if (empty($dopost)) {
    require_once DEDEINC . '/typelink.class.php';
    require_once DEDEINC.'/typelink.class.php';
    include DedeInclude('templets/freelist_add.htm');
    exit();
 } else if ($dopost == 'save') {
@@ -26,10 +26,10 @@ if (empty($dopost)) {
        exit();
    }
    if (is_array($types)) {
        foreach ($types as $v) $ntype .= $v . ' ';
        foreach ($types as $v) $ntype .= $v.' ';
    }

    if ($ntype != '') $atts .= " type='" . trim($ntype) . "' ";
    if ($ntype != '') $atts .= " type='".trim($ntype)."' ";
    if (!empty($typeid)) $atts .= " typeid='$typeid' ";
    if (!empty($channel)) $atts .= " channel='$channel' ";
    if (!empty($subday)) $atts .= " subday='$subday' ";
--- a/src/dede/freelist_edit.php
+++ b/src/dede/freelist_edit.php
@@ -5,19 +5,19 @@
 *
 * @version        $Id: freelist_edit.php 1 8:48 2010年7月13日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 if (empty($dopost)) {
    require_once DEDEINC . '/typelink.class.php';
    require_once DEDEINC . '/dedetag.class.php';
    require_once DEDEINC.'/typelink.class.php';
    require_once DEDEINC.'/dedetag.class.php';
    $aid = isset($aid) && is_numeric($aid) ? $aid : 0;
    $row = $dsql->GetOne("Select * From `#@__freelist` where aid='$aid' ");
    $dtp = new DedeTagParse();
    $dtp->SetNameSpace("dede", "{", "}");
    $dtp->LoadSource("--" . $row['listtag'] . "--");
    $dtp->LoadSource("--".$row['listtag']."--");
    $ctag = $dtp->GetTag('list');
    include DedeInclude('templets/freelist_edit.htm');
    exit();
@@ -28,10 +28,10 @@ if (empty($dopost)) {
    $ntype = '';
    $edtime = time();
    if (is_array($types)) {
        foreach ($types as $v) $ntype .= $v . ' ';
        foreach ($types as $v) $ntype .= $v.' ';
    }

    if ($ntype != '') $atts .= " type='" . trim($ntype) . "' ";
    if ($ntype != '') $atts .= " type='".trim($ntype)."' ";
    if (!empty($typeid)) $atts .= " typeid='$typeid' ";
    if (!empty($channel)) $atts .= " channel='$channel' ";
    if (!empty($subday)) $atts .= " subday='$subday' ";
--- a/src/dede/freelist_main.php
+++ b/src/dede/freelist_main.php
@@ -4,7 +4,7 @@
 *
 * @version        $Id: freelist_main.php 1 8:48 2010年7月13日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
@@ -68,10 +68,10 @@ function GetTagList($dsql,$pageno,$pagesize,$orderby='aid')
    $start = ($pageno-1) * $pagesize;
    $printhead ="<table width='98%' border='0' cellpadding='1' cellspacing='1' align='center'  class='table maintable table-bordered' style='background:#cfcfcf;margin-bottom:5px;'>
        <tr align='center' bgcolor='#FBFCE2'>
          <td width='5%' class='tbsname'><a href='#' onclick=\"ReloadPage('aid')\"><u>ID</u></a></td>
          <td width='5%' class='tbsname'><a href='#' onclick=\"ReloadPage('aid')\">ID</a></td>
          <td width='20%' class='tbsname'>列表名称</td>
          <td width='20%' class='tbsname'>模板文件</td>
          <td width='5%' class='tbsname'><a href='#' onclick=\"ReloadPage('click')\"><u>点击</u></a></td>
          <td width='5%' class='tbsname'><a href='#' onclick=\"ReloadPage('click')\">点击</a></td>
          <td width='15%' class='tbsname'>创建时间</td>
          <td class='tbsname'>管理</td>
            </tr>\r\n";
--- a/src/dede/friendlink_add.php
+++ b/src/dede/friendlink_add.php
@@ -5,11 +5,11 @@
 *
 * @version        $Id: friendlink_add.php 1 10:59 2010年7月13日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require(dirname(__FILE__) . "/config.php");
 require(dirname(__FILE__)."/config.php");
 CheckPurview('plus_友情链接模块');
 if (empty($dopost)) $dopost = "";

@@ -17,18 +17,18 @@ if ($dopost == "add") {
    $dtime = time();
    if (is_uploaded_file($logoimg)) {
        $names = split("\.", $logoimg_name);
        $shortname = "." . $names[count($names) - 1];
        $shortname = ".".$names[count($names) - 1];
        if (!preg_match("#(jpg|gif|png)$#", $shortname)) {
            $shortname = '.gif';
        }
        $filename = MyDate("ymdHis", time()) . mt_rand(1000, 9999) . $shortname;
        $imgurl = $cfg_medias_dir . "/flink";
        if (!is_dir($cfg_basedir . $imgurl)) {
            MkdirAll($cfg_basedir . $imgurl, $cfg_dir_purview);
        $filename = MyDate("ymdHis", time()).mt_rand(1000, 9999).$shortname;
        $imgurl = $cfg_medias_dir."/flink";
        if (!is_dir($cfg_basedir.$imgurl)) {
            MkdirAll($cfg_basedir.$imgurl, $cfg_dir_purview);
            CloseFtp();
        }
        $imgurl = $imgurl . "/" . $filename;
        move_uploaded_file($logoimg, $cfg_basedir . $imgurl) or die("复制文件到:" . $cfg_basedir . $imgurl . "失败");
        $imgurl = $imgurl."/".$filename;
        move_uploaded_file($logoimg, $cfg_basedir.$imgurl) or die("复制文件到:".$cfg_basedir.$imgurl."失败");
        @unlink($logoimg);
    } else {
        $imgurl = $logo;
@@ -48,7 +48,7 @@ if ($dopost == "add") {
        ShowMsg("成功增加一个链接!", $burl, 0, 500);
        exit();
    } else {
        ShowMsg("增加链接时出错，请向官方反馈，原因：" . $dsql->GetError(), "javascript:;");
        ShowMsg("增加链接时出错，请向官方反馈，原因：".$dsql->GetError(), "javascript:;");
        exit();
    }
 }
--- a/src/dede/friendlink_edit.php
+++ b/src/dede/friendlink_edit.php
@@ -5,11 +5,11 @@
 *
 * @version        $Id: friendlink_edit.php 1 10:59 2010年7月13日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 CheckPurview('plus_友情链接模块');
 $ENV_GOBACK_URL = empty($_COOKIE['ENV_GOBACK_URL']) ? 'friendlink_main.php' : $_COOKIE['ENV_GOBACK_URL'];
 if (empty($dopost)) $dopost = "";
@@ -24,7 +24,7 @@ if (isset($allid)) {
 if ($dopost == "delete") {
    $id = preg_replace("#[^0-9]#", "", $id);
    $dsql->ExecuteNoneQuery("DELETE FROM `#@__flink` WHERE id='$id'");
    ShowMsg("成功删除一个链接！", $ENV_GOBACK_URL);
    ShowMsg("成功删除一个链接", $ENV_GOBACK_URL);
    exit();
 } else if ($dopost == "delall") {
    $aids = explode(',', $aids);
@@ -33,22 +33,22 @@ if ($dopost == "delete") {
            $aid = preg_replace("#[^0-9]#", "", $aid);
            $dsql->ExecuteNoneQuery("DELETE FROM `#@__flink` WHERE id='$aid'");
        }
        ShowMsg("成功删除指定链接！", $ENV_GOBACK_URL);
        ShowMsg("成功删除指定链接", $ENV_GOBACK_URL);
        exit();
    } else {
        ShowMsg("你没选定任何链接！", $ENV_GOBACK_URL);
        ShowMsg("您没选定任何链接", $ENV_GOBACK_URL);
        exit();
    }
 } else if ($dopost == "saveedit") {
    require_once DEDEINC . '/request.class.php';
    require_once DEDEINC.'/request.class.php';
    $request = new Request();
    $request->Init();
    $id = preg_replace("#[^0-9]#", "", $request->Item('id', 0));
    $logo = $request->Item('logo', '');
    $logoimg = $request->Upfile('logoimg', '');
    if (!empty($logoimg)) {
        $request->MoveUploadFile('logoimg', DEDEROOT . '/uploads/flink/' . $request->GetFileInfo('logoimg', 'name'));
        $logo = $cfg_cmspath . '/uploads/flink/' . $request->GetFileInfo('logoimg', 'name');
        $request->MoveUploadFile('logoimg', DEDEROOT.'/uploads/flink/'.$request->GetFileInfo('logoimg', 'name'));
        $logo = $cfg_cmspath.'/uploads/flink/'.$request->GetFileInfo('logoimg', 'name');
    }
    $sortrank = $request->Item('sortrank', 1);
    $url = $request->Item('url', '');
@@ -61,7 +61,7 @@ if ($dopost == "delete") {
    $query = "UPDATE `#@__flink` SET sortrank='$sortrank',url='$url',webname='$webname',logo='$logo',msg='$msg',
                  email='$email',typeid='$typeid',ischeck='$ischeck' WHERE id='$id' ";
    $dsql->ExecuteNoneQuery($query);
    ShowMsg("成功更改一个链接！", $ENV_GOBACK_URL);
    ShowMsg("成功更改一个链接", $ENV_GOBACK_URL);
    exit();
 }
 $myLink = $dsql->GetOne("SELECT #@__flink.*,#@__flinktype.typename FROM #@__flink LEFT JOIN #@__flinktype ON #@__flink.typeid=#@__flinktype.id WHERE #@__flink.id=$id");
--- a/src/dede/friendlink_main.php
+++ b/src/dede/friendlink_main.php
@@ -5,12 +5,12 @@
 *
 * @version        $Id: friendlink_main.php 1 8:48 2010年7月13日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/config.php');
 require_once(DEDEINC . '/datalistcp.class.php');
 require_once(dirname(__FILE__).'/config.php');
 require_once(DEDEINC.'/datalistcp.class.php');
 setcookie('ENV_GOBACK_URL', $dedeNowurl, time() + 3600, '/');

 if (empty($keyword)) $keyword = '';
@@ -29,7 +29,7 @@ $sql = "SELECT * FROM `#@__flink` WHERE  CONCAT(`url`,`webname`,`email`) LIKE '%
 $dlist = new DataListCP();
 $dlist->SetParameter('keyword', $keyword);
 $dlist->SetParameter('ischeck', $ischeck);
 $dlist->SetTemplet(DEDEADMIN . '/templets/friendlink_main.htm');
 $dlist->SetTemplet(DEDEADMIN.'/templets/friendlink_main.htm');
 $dlist->SetSource($sql);
 $dlist->display();

--- a/src/dede/friendlink_type.php
+++ b/src/dede/friendlink_type.php
@@ -5,11 +5,11 @@
 *
 * @version        $Id: friendlink_type.php 1 8:48 2010年7月13日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/config.php");
 require_once(dirname(__FILE__)."/config.php");
 if (empty($dopost)) $dopost = '';

 //保存更改
@@ -18,9 +18,9 @@ if ($dopost == "save") {
    $endID = $idend;
    for (; $startID <= $endID; $startID++) {
        $query = '';
        $tid = ${'ID_' . $startID};
        $pname =   ${'pname_' . $startID};
        if (isset(${'check_' . $startID})) {
        $tid = ${'ID_'.$startID};
        $pname =   ${'pname_'.$startID};
        if (isset(${'check_'.$startID})) {
            if ($pname != '') {
                $query = "UPDATE `#@__flinktype` SET typename='$pname' WHERE id='$tid' ";
                $dsql->ExecuteNoneQuery($query);
@@ -36,7 +36,7 @@ if ($dopost == "save") {
        $dsql->ExecuteNoneQuery($query);
    }
    header("Content-Type: text/html; charset={$cfg_soft_lang}");
    echo "<script> alert('成功更新友情链接网站分类表！'); </script>";
    echo "<script> alert('成功更新友情链接网站分类表'); </script>";
 }

 include DedeInclude('templets/friendlink_type.htm');
--- a/src/dede/imagecut.php
+++ b/src/dede/imagecut.php
@@ -5,41 +5,41 @@
 *
 * @version        $Id: imagecut.php 1 11:06 2010年7月13日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . '/config.php');
 require_once(dirname(__FILE__).'/config.php');
 $action = isset($action) ? trim($action) : '';
 if (empty($action)) {
    if (!@is_file($cfg_basedir . $file)) {
        ShowMsg("对不起，必须选择站内的图片才能进行裁剪！<br />点击'<a href='./dialog/select_images.php?f=form1.picname&imgstick=small'>站内选择</a>', 上传或选择一个图片，然后才能进行裁剪！", "./dialog/select_images.php?f=form1.picname&imgstick=small", 0, 10000);
    if (!@is_file($cfg_basedir.$file)) {
        ShowMsg("对不起，必须选择站内的图片才能进行裁剪<br />点击'<a href='./dialog/select_images.php?f=form1.picname&imgstick=small'>站内选择</a>', 上传或选择一个图片，然后才能进行裁剪", "./dialog/select_images.php?f=form1.picname&imgstick=small", 0, 10000);
        exit();
    }
    include DEDEADMIN . '/templets/imagecut.htm';
    include DEDEADMIN.'/templets/imagecut.htm';
    exit();
 } elseif ($action == 'cut') {
    require_once(DEDEINC . '/image.func.php');
    require_once(DEDEINC.'/image.func.php');

    if (!@is_file($cfg_basedir . $file)) {
        ShowMsg('对不起，请重新选择裁剪图片！', '-1');
    if (!@is_file($cfg_basedir.$file)) {
        ShowMsg('对不起，请重新选择裁剪图片', '-1');
        exit();
    }
    if (empty($width)) {
        ShowMsg('对不起，请选择裁剪图片的尺寸！', '-1');
        ShowMsg('对不起，请选择裁剪图片的尺寸', '-1');
        exit();
    }
    if (empty($height)) {
        ShowMsg('对不起，请选择裁剪图片的尺寸！', '-1');
        ShowMsg('对不起，请选择裁剪图片的尺寸', '-1');
        exit();
    }
    $imginfo = getimagesize($cfg_basedir . $file);
    $imginfo = getimagesize($cfg_basedir.$file);
    $imgw = $imginfo[0];
    $imgh = $imginfo[1];
    $temp = 400 / $imgw;
    $newwidth = 400;
    $newheight = $imgh * $temp;
    $srcFile = $cfg_basedir . $file;
    $srcFile = $cfg_basedir.$file;
    $thumb = imagecreatetruecolor($newwidth, $newheight);
    $thumba = imagecreatetruecolor($width, $height);

@@ -54,7 +54,7 @@ if (empty($action)) {
            $source = imagecreatefrompng($srcFile);
            break;
        default:
            ShowMsg('对不起，裁剪图片类型不支持请选择其他类型图片！', '-1');
            ShowMsg('对不起，裁剪图片类型不支持请选择其他类型图片', '-1');
            break;
    }

@@ -65,7 +65,7 @@ if (empty($action)) {

    $ddpicok = $reObjJs = '';
    if (empty($isupload)) {
        $ddpicok = preg_replace("#\." . $ddn . "$#", '-lp.' . $ddn, $file);
        $ddpicok = preg_replace("#\.".$ddn."$#", '-lp.'.$ddn, $file);
        $reObjJs = "        var backObj = window.opener.document.form1.picname;
        var prvObj = window.opener.document.getElementById('divpicview');\r\n";
    } else {
@@ -74,7 +74,7 @@ if (empty($action)) {
        var prvObj = window.opener.parent.document.getElementById('divpicview');\r\n";
    }

    $ddpicokurl = $cfg_basedir . $ddpicok;
    $ddpicokurl = $cfg_basedir.$ddpicok;

    switch ($imginfo['mime']) {
        case 'image/jpeg':
@@ -87,7 +87,7 @@ if (empty($action)) {
            imagepng($thumba, $ddpicokurl);
            break;
        default:
            ShowMsg("对不起，裁剪图片类型不支持请选择其他类型图片！", "-1");
            ShowMsg("对不起，裁剪图片类型不支持请选择其他类型图片", "-1");
            break;
    }

@@ -99,7 +99,7 @@ if (empty($action)) {
    //如果从其它图中剪出， 保存附件信息
    if (empty($isupload)) {
        $inquery = "INSERT INTO `#@__uploads`(title,url,mediatype,width,height,playtime,filesize,uptime,mid)
        VALUES ('$ddpicok','$ddpicok','1','0','0','0','" . filesize($ddpicokurl) . "','" . time() . "','" . $cuserLogin->getUserID() . "'); ";
        VALUES ('$ddpicok','$ddpicok','1','0','0','0','".filesize($ddpicokurl)."','".time()."','".$cuserLogin->getUserID()."'); ";
        $dsql->ExecuteNoneQuery($inquery);
        $fid = $dsql->GetLastID();
        AddMyAddon($fid, $ddpicok);
--- a/src/dede/inc/inc_action_info.php
+++ b/src/dede/inc/inc_action_info.php
@@ -5,11 +5,11 @@
 *
 * @version        $Id: inc_action_info.php 2 14:55 2010-11-11 tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(dirname(__FILE__) . "/../config.php");
 require_once(dirname(__FILE__)."/../config.php");
 $cuserLogin = new userLogin();
 //后台功能操作配置项
 $actionSearch[0] = array(
@@ -33,7 +33,7 @@ $actionSearch[0] = array(
            'title' => '我发布的文档',
            'description' => '现在登录的管理员所发表的所有内容模型中的文档',
            'purview' => 'a_List,a_AccList,a_MyList',
            'linkurl' => 'content_list.php?mid=' . $cuserLogin->userID
            'linkurl' => 'content_list.php?mid='.$cuserLogin->userID
        ),
        3  =>  array(
            'title' => '评论管理',
@@ -259,7 +259,7 @@ $actionSearch[6] = array(
        ),
        7  =>  array(
            'title' => '汇款账号设置',
            'description' => '银行付款的账号设置,用户可以查看到你的银行付款账号方便支付',
            'description' => '银行付款的账号设置,用户可以查看到您的银行付款账号方便支付',
            'purview' => 'sys_Data',
            'linkurl' => 'shops_bank.php'
        ),
@@ -425,7 +425,7 @@ $actionSearch[10] = array(
        ),
        9  =>  array(
            'title' => '随机模板设置',
            'description' => '本设置仅适用于系统默认的文章模型，设置后发布文章时会自动按指定的模板随机获取一个，如果不想使用此功能，把它设置为空即可！',
            'description' => '本设置仅适用于系统默认的文章模型，设置后发布文章时会自动按指定的模板随机获取一个，如果不想使用此功能，把它设置为空即可',
            'purview' => 'sys_StringMix',
            'linkurl' => 'article_template_rand.php'
        ),
@@ -443,7 +443,7 @@ $actionSearch[10] = array(
        ),
        14  =>  array(
            'title' => '病毒扫描[S]',
            'description' => '以DedeCMSV6开发模式为标准对现有的文件进行扫描并进行判断',
            'description' => '以DedeBIZ开发模式为标准对现有的文件进行扫描并进行判断',
            'purview' => 'sys_verifies',
            'linkurl' => 'sys_safetest.php'
        ),
--- a/src/dede/inc/inc_archives_all.php
+++ b/src/dede/inc/inc_archives_all.php
@@ -5,7 +5,7 @@
 *
 * @version        $Id: inc_archives_all.php 1 9:56 2010年7月21日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
@@ -69,7 +69,7 @@ function GetFormItem($ctag)
    }
    if ($ctag->GetAtt("type") == "htmltext" || $ctag->GetAtt("type") == "textdata") {
        $formitem = "";
        $formitem .= "<table width=\"800\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr><td width=\"80\">" . $ctag->GetAtt('itemname') . "</td><td>";
        $formitem .= "<table width=\"800\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr><td width=\"80\">".$ctag->GetAtt('itemname')."</td><td>";
        $formitem .= GetEditor($fieldname, '', 350, 'Basic', 'string');
        $formitem .= "</td></tr></table>\r\n";
        return $formitem;
@@ -86,22 +86,22 @@ function GetFormItem($ctag)
        $formitem = str_replace("~form~", $innertext, $formitem);
        return $formitem;
    } else if ($ctag->GetAtt("type") == "img") {
        $innertext = "<input type='text' name='$fieldname' id='$fieldname' style='width:300'><input name='" . $fieldname . "_bt' type='button' value='浏览...' onClick=\"SelectImage('form1.$fieldname','big')\">\r\n";
        $innertext = "<input type='text' name='$fieldname' id='$fieldname' style='width:300'><input name='".$fieldname."_bt' type='button' value='浏览...' onClick=\"SelectImage('form1.$fieldname','big')\">\r\n";
        $formitem = str_replace("~name~", $ctag->GetAtt('itemname'), $formitem);
        $formitem = str_replace("~form~", $innertext, $formitem);
        return $formitem;
    } else if ($ctag->GetAtt("type") == "media") {
        $innertext = "<input type='text' name='$fieldname' id='$fieldname' style='width:300'><input name='" . $fieldname . "_bt' type='button' value='浏览...' onClick=\"SelectMedia('form1.$fieldname')\">\r\n";
        $innertext = "<input type='text' name='$fieldname' id='$fieldname' style='width:300'><input name='".$fieldname."_bt' type='button' value='浏览...' onClick=\"SelectMedia('form1.$fieldname')\">\r\n";
        $formitem = str_replace("~name~", $ctag->GetAtt('itemname'), $formitem);
        $formitem = str_replace("~form~", $innertext, $formitem);
        return $formitem;
    } else if ($ctag->GetAtt("type") == "addon") {
        $innertext = "<input type='text' name='$fieldname' id='$fieldname' style='width:300'><input name='" . $fieldname . "_bt' type='button' value='浏览...' onClick=\"SelectSoft('form1.$fieldname')\">\r\n";
        $innertext = "<input type='text' name='$fieldname' id='$fieldname' style='width:300'><input name='".$fieldname."_bt' type='button' value='浏览...' onClick=\"SelectSoft('form1.$fieldname')\">\r\n";
        $formitem = str_replace("~name~", $ctag->GetAtt('itemname'), $formitem);
        $formitem = str_replace("~form~", $innertext, $formitem);
        return $formitem;
    } else if ($ctag->GetAtt("type") == "media") {
        $innertext = "<input type='text' name='$fieldname' id='$fieldname' style='width:300'><input name='" . $fieldname . "_bt' type='button' value='浏览...' onClick=\"SelectMedia('form1.$fieldname')\">\r\n";
        $innertext = "<input type='text' name='$fieldname' id='$fieldname' style='width:300'><input name='".$fieldname."_bt' type='button' value='浏览...' onClick=\"SelectMedia('form1.$fieldname')\">\r\n";
        $formitem = str_replace("~name~", $ctag->GetAtt('itemname'), $formitem);
        $formitem = str_replace("~form~", $innertext, $formitem);
        return $formitem;
@@ -147,28 +147,28 @@ function GetFieldValue($dvalue, $dtype, $aid = 0, $job = 'add', $addvar = '')
    } else if ($dtype == "textdata") {
        if ($job == 'edit') {
            $addvarDirs = explode('/', $addvar);
            $addvarDir = preg_replace("#\/" . $addvarDirs[count($addvarDirs) - 1] . "$#", "", $addvar);
            $mdir = $GLOBALS['cfg_basedir'] . $addvarDir;
            $addvarDir = preg_replace("#\/".$addvarDirs[count($addvarDirs) - 1]."$#", "", $addvar);
            $mdir = $GLOBALS['cfg_basedir'].$addvarDir;
            if (!is_dir($mdir)) {
                MkdirAll($mdir, $GLOBALS['cfg_dir_purview']);
            }
            $fp = fopen($GLOBALS['cfg_basedir'] . $addvar, "w");
            $fp = fopen($GLOBALS['cfg_basedir'].$addvar, "w");
            fwrite($fp, stripslashes($dvalue));
            fclose($fp);
            CloseFtp();
            return $addvar;
        } else {
            $ipath = $GLOBALS['cfg_cmspath'] . "/data/textdata";
            $ipath = $GLOBALS['cfg_cmspath']."/data/textdata";
            $tpath = ceil($aid / 5000);
            if (!is_dir($GLOBALS['cfg_basedir'] . $ipath)) {
                MkdirAll($GLOBALS['cfg_basedir'] . $ipath, $cfg_dir_purview);
            if (!is_dir($GLOBALS['cfg_basedir'].$ipath)) {
                MkdirAll($GLOBALS['cfg_basedir'].$ipath, $cfg_dir_purview);
            }
            if (!is_dir($GLOBALS['cfg_basedir'] . $ipath . '/' . $tpath)) {
                MkdirAll($GLOBALS['cfg_basedir'] . $ipath . '/' . $tpath, $cfg_dir_purview);
            if (!is_dir($GLOBALS['cfg_basedir'].$ipath.'/'.$tpath)) {
                MkdirAll($GLOBALS['cfg_basedir'].$ipath.'/'.$tpath, $cfg_dir_purview);
            }
            $ipath = $ipath . '/' . $tpath;
            $filename = "{$ipath}/{$aid}-" . cn_substr(md5($cfg_cookie_encode), 0, 16) . ".txt";
            $fp = fopen($GLOBALS['cfg_basedir'] . $filename, "w");
            $ipath = $ipath.'/'.$tpath;
            $filename = "{$ipath}/{$aid}-".cn_substr(md5($cfg_cookie_encode), 0, 16).".txt";
            $fp = fopen($GLOBALS['cfg_basedir'].$filename, "w");
            fwrite($fp, stripslashes($dvalue));
            fclose($fp);
            CloseFtp();
@@ -180,24 +180,24 @@ function GetFieldValue($dvalue, $dtype, $aid = 0, $job = 'add', $addvar = '')
            return "";
        }
        $iurl = trim(str_replace($GLOBALS['cfg_basehost'], "", $iurl));
        $imgurl = "{dede:img text='' width='' height=''} " . $iurl . " {/dede:img}";
        $imgurl = "{dede:img text='' width='' height=''} ".$iurl." {/dede:img}";
        if (preg_match("#^http:\/\/#i", $iurl) && $GLOBALS['isUrlOpen']) {
            //远程图片
            $reimgs = "";
            if ($isUrlOpen) {
                $reimgs = GetRemoteImage($iurl, $GLOBALS['adminid']);
                if (is_array($reimgs)) {
                    $imgurl = "{dede:img text='' width='" . $reimgs[1] . "' height='" . $reimgs[2] . "'} " . $reimgs[0] . " {/dede:img}";
                    $imgurl = "{dede:img text='' width='".$reimgs[1]."' height='".$reimgs[2]."'} ".$reimgs[0]." {/dede:img}";
                }
            } else {
                $imgurl = "{dede:img text='' width='' height=''} " . $iurl . " {/dede:img}";
                $imgurl = "{dede:img text='' width='' height=''} ".$iurl." {/dede:img}";
            }
        } else if ($iurl != "") {
            //站内图片
            $imgfile = $GLOBALS['cfg_basedir'] . $iurl;
            $imgfile = $GLOBALS['cfg_basedir'].$iurl;
            if (is_file($imgfile)) {
                $imginfos = GetImageSize($imgfile);
                $imgurl = "{dede:img text='' width='" . $imginfos[0] . "' height='" . $imginfos[1] . "'} $iurl {/dede:img}";
                $imgurl = "{dede:img text='' width='".$imginfos[0]."' height='".$imginfos[1]."'} $iurl {/dede:img}";
            }
        }
        return addslashes($imgurl);
@@ -271,8 +271,8 @@ function GetFormItemValue($ctag, $fvalue)

    //文本数据的特殊处理
    if ($ctag->GetAtt("type") == "textdata") {
        if (is_file($GLOBALS['cfg_basedir'] . $fvalue)) {
            $fp = fopen($GLOBALS['cfg_basedir'] . $fvalue, 'r');
        if (is_file($GLOBALS['cfg_basedir'].$fvalue)) {
            $fp = fopen($GLOBALS['cfg_basedir'].$fvalue, 'r');
            $okfvalue = "";
            while (!feof($fp)) {
                $okfvalue .= fgets($fp, 1024);
@@ -281,14 +281,14 @@ function GetFormItemValue($ctag, $fvalue)
        } else {
            $okfvalue = "";
        }
        $formitem  = "<table width=\"800\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr><td width=\"80\">" . $ctag->GetAtt('itemname') . "</td>\r\n";
        $formitem .= "<td>\r\n" . GetEditor($fieldname, $okfvalue, 350, 'Basic', 'string') . "</td>\r\n";
        $formitem  = "<table width=\"800\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr><td width=\"80\">".$ctag->GetAtt('itemname')."</td>\r\n";
        $formitem .= "<td>\r\n".GetEditor($fieldname, $okfvalue, 350, 'Basic', 'string')."</td>\r\n";
        $formitem .= "</tr></table>\r\n";
        $formitem .= "<input type='hidden' name='{$fieldname}_file' value='{$fvalue}'>\r\n";
        return $formitem;
    } else if ($ctag->GetAtt("type") == "htmltext") {
        $formitem  = "<table width=\"800\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr><td width=\"80\">" . $ctag->GetAtt('itemname') . "</td>\r\n";
        $formitem .= "<td>\r\n" . GetEditor($fieldname, $fvalue, 350, 'Basic', 'string') . "</td>\r\n";
        $formitem  = "<table width=\"800\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr><td width=\"80\">".$ctag->GetAtt('itemname')."</td>\r\n";
        $formitem .= "<td>\r\n".GetEditor($fieldname, $fvalue, 350, 'Basic', 'string')."</td>\r\n";
        $formitem .= "</tr></table>\r\n";
        return $formitem;
    } else if ($ctag->GetAtt("type") == "multitext") {
@@ -312,17 +312,17 @@ function GetFormItemValue($ctag, $fvalue)
        }
        $ntag = $ndtp->GetTag("img");
        $fvalue = trim($ntag->GetInnerText());
        $innertext = "<input type='text' name='$fieldname' value='$fvalue' id='$fieldname' style='width:300'><input name='" . $fieldname . "_bt' type='button' value='浏览...' onClick=\"SelectImage('form1.$fieldname','big')\">\r\n";
        $innertext = "<input type='text' name='$fieldname' value='$fvalue' id='$fieldname' style='width:300'><input name='".$fieldname."_bt' type='button' value='浏览...' onClick=\"SelectImage('form1.$fieldname','big')\">\r\n";
        $formitem = str_replace("~name~", $ctag->GetAtt('itemname'), $formitem);
        $formitem = str_replace("~form~", $innertext, $formitem);
        return $formitem;
    } else if ($ctag->GetAtt("type") == "media") {
        $innertext = "<input type='text' name='$fieldname' value='$fvalue' id='$fieldname' style='width:300'><input name='" . $fieldname . "_bt' type='button' value='浏览...' onClick=\"SelectMedia('form1.$fieldname')\">\r\n";
        $innertext = "<input type='text' name='$fieldname' value='$fvalue' id='$fieldname' style='width:300'><input name='".$fieldname."_bt' type='button' value='浏览...' onClick=\"SelectMedia('form1.$fieldname')\">\r\n";
        $formitem = str_replace("~name~", $ctag->GetAtt('itemname'), $formitem);
        $formitem = str_replace("~form~", $innertext, $formitem);
        return $formitem;
    } else if ($ctag->GetAtt("type") == "addon") {
        $innertext = "<input type='text' name='$fieldname' id='$fieldname' value='$fvalue' style='width:300'><input name='" . $fieldname . "_bt' type='button' value='浏览...' onClick=\"SelectSoft('form1.$fieldname')\">\r\n";
        $innertext = "<input type='text' name='$fieldname' id='$fieldname' value='$fvalue' style='width:300'><input name='".$fieldname."_bt' type='button' value='浏览...' onClick=\"SelectSoft('form1.$fieldname')\">\r\n";
        $formitem = str_replace("~name~", $ctag->GetAtt('itemname'), $formitem);
        $formitem = str_replace("~form~", $innertext, $formitem);
        return $formitem;
--- a/src/dede/inc/inc_archives_functions.php
+++ b/src/dede/inc/inc_archives_functions.php
@@ -1,24 +1,22 @@
 <?php

 /**
 * 文档操作相关函数
 *
 * @version        $Id: inc_archives_functions.php 1 9:56 2010年7月21日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(DEDEINC . '/dedehttpdown.class.php');
 require_once(DEDEINC . '/image.func.php');
 require_once(DEDEINC . '/archives.func.php');
 require_once(DEDEINC . '/arc.partview.class.php');
 require_once(DEDEINC.'/dedehttpdown.class.php');
 require_once(DEDEINC.'/image.func.php');
 require_once(DEDEINC.'/archives.func.php');
 require_once(DEDEINC.'/arc.partview.class.php');
 $backurl = !empty($_COOKIE['ENV_GOBACK_URL']) ? $_COOKIE['ENV_GOBACK_URL'] : '';
 $backurl = preg_match("#content_#", $backurl) ? "<a href='$backurl' class='btn btn-success btn-sm'>记忆的列表页</a> &nbsp;" : '';
 if (!isset($_NOT_ARCHIVES)) {
    require_once(DEDEINC . '/customfields.func.php');
    require_once(DEDEINC.'/customfields.func.php');
 }

 /**
 * 获得HTML里的外部资源，针对图集
 *
@@ -32,46 +30,44 @@ function GetCurContentAlbum($body, $rfurl, &$firstdd)
 {
    global $dsql, $cfg_multi_site, $cfg_basehost, $cfg_ddimg_width;
    global $cfg_basedir, $pagestyle, $cuserLogin, $cfg_addon_savetype;
    require_once(DEDEINC . '/dedecollection.func.php');
    require_once(DEDEINC.'/dedecollection.func.php');
    if (empty($cfg_ddimg_width))    $cfg_ddimg_width = 320;
    $rsimg = '';
    $cfg_uploaddir = $GLOBALS['cfg_image_dir'];
    $cfg_basedir = $GLOBALS['cfg_basedir'];
    $basehost = 'http://' . $_SERVER['HTTP_HOST'];
    $basehost = 'http://'.$_SERVER['HTTP_HOST'];
    $img_array = array();
    preg_match_all("/(src)=[\"|'| ]{0,}(http:\/\/([^>]*)\.(gif|jpg|png))/isU", $body, $img_array);
    $img_array = array_unique($img_array[2]);
    $imgUrl = $cfg_uploaddir . '/' . MyDate($cfg_addon_savetype, time());
    $imgPath = $cfg_basedir . $imgUrl;
    if (!is_dir($imgPath . '/')) {
    $imgUrl = $cfg_uploaddir.'/'.MyDate($cfg_addon_savetype, time());
    $imgPath = $cfg_basedir.$imgUrl;
    if (!is_dir($imgPath.'/')) {
        MkdirAll($imgPath, $GLOBALS['cfg_dir_purview']);
        CloseFtp();
    }
    $milliSecond = 'co' . dd2char(MyDate('ymdHis', time()));
    $milliSecond = 'co'.dd2char(MyDate('ymdHis', time()));
    foreach ($img_array as $key => $value) {
        $value = trim($value);
        if (
            preg_match("#" . $basehost . "#i", $value) || !preg_match("#^http:\/\/#i", $value)
            || ($cfg_basehost != $basehost && preg_match("#" . $cfg_basehost . "#i", $value))
            preg_match("#".$basehost."#i", $value) || !preg_match("#^http:\/\/#i", $value)
            || ($cfg_basehost != $basehost && preg_match("#".$cfg_basehost."#i", $value))
        ) {
            continue;
        }
        $itype =  substr($value, -4, 4);
        if (!preg_match("#\.(gif|jpg|png)#", $itype)) $itype = ".jpg";

        $rndFileName = $imgPath . '/' . $milliSecond . '-' . $key . $itype;
        $iurl = $imgUrl . '/' . $milliSecond . '-' . $key . $itype;

        $rndFileName = $imgPath.'/'.$milliSecond.'-'.$key.$itype;
        $iurl = $imgUrl.'/'.$milliSecond.'-'.$key.$itype;
        //下载并保存文件
        $rs = DownImageKeep($value, $rfurl, $rndFileName, '', 0, 30);
        if ($rs) {
            $info = '';
            $imginfos = GetImageSize($rndFileName, $info);
            $fsize = filesize($rndFileName);
            $filename = $milliSecond . '-' . $key . $itype;
            $filename = $milliSecond.'-'.$key.$itype;
            //保存图片附件信息
            $inquery = "INSERT INTO `#@__uploads`(arcid,title,url,mediatype,width,height,playtime,filesize,uptime,mid)
            VALUES ('0','$filename','$iurl','1','{$imginfos[0]}','$imginfos[1]','0','$fsize','" . time() . "','" . $cuserLogin->getUserID() . "'); ";
            VALUES ('0','$filename','$iurl','1','{$imginfos[0]}','$imginfos[1]','0','$fsize','".time()."','".$cuserLogin->getUserID()."'); ";
            $dsql->ExecuteNoneQuery($inquery);
            $fid = $dsql->GetLastID();
            AddMyAddon($fid, $iurl);
@@ -82,17 +78,16 @@ function GetCurContentAlbum($body, $rfurl, &$firstdd)
            }
            if (empty($firstdd) && !empty($litpicname)) {
                $firstdd = $litpicname;
                if (!file_exists($cfg_basedir . $firstdd)) {
                if (!file_exists($cfg_basedir.$firstdd)) {
                    $firstdd = $iurl;
                }
            }
            @WaterImg($rndFileName, 'down');
            $rsimg .= "{dede:img ddimg='$litpicname' text='' width='" . $imginfos[0] . "' height='" . $imginfos[1] . "'} $iurl {/dede:img}\r\n";
            $rsimg .= "{dede:img ddimg='$litpicname' text='' width='".$imginfos[0]."' height='".$imginfos[1]."'} $iurl {/dede:img}\r\n";
        }
    }
    return $rsimg;
 }

 /**
 * 获得文章body里的外部资源
 *
@@ -105,23 +100,22 @@ function GetCurContent($body)
    global $cfg_multi_site, $cfg_basehost, $cfg_basedir, $cfg_image_dir, $arcID, $cuserLogin, $dsql;
    $cfg_uploaddir = $cfg_image_dir;
    $htd = new DedeHttpDown();
    $basehost = "http://" . $_SERVER["HTTP_HOST"];
    $basehost = "http://".$_SERVER["HTTP_HOST"];
    $img_array = array();
    preg_match_all("/src=[\"|'|\s]([^\"|^\'|^\s]*?)/isU", $body, $img_array);

    $img_array = array_unique($img_array[1]);
    $imgUrl = $cfg_uploaddir . '/' . MyDate("ymd", time());
    $imgPath = $cfg_basedir . $imgUrl;
    if (!is_dir($imgPath . '/')) {
    $imgUrl = $cfg_uploaddir.'/'.MyDate("ymd", time());
    $imgPath = $cfg_basedir.$imgUrl;
    if (!is_dir($imgPath.'/')) {
        MkdirAll($imgPath, $GLOBALS['cfg_dir_purview']);
        CloseFtp();
    }
    $milliSecond = MyDate('His', time());
    foreach ($img_array as $key => $value) {
        if (preg_match("#" . $basehost . "#i", $value)) {
        if (preg_match("#".$basehost."#i", $value)) {
            continue;
        }
        if ($cfg_basehost != $basehost && preg_match("#" . $cfg_basehost . "#i", $value)) {
        if ($cfg_basehost != $basehost && preg_match("#".$cfg_basehost."#i", $value)) {
            continue;
        }
        if (!preg_match("#^(http|https):\/\/#i", $value)) {
@@ -140,11 +134,10 @@ function GetCurContent($body)
                $itype = '.jpg';
            }
        }
        $milliSecondN = dd2char($milliSecond . mt_rand(1000, 8000));
        $milliSecondN = dd2char($milliSecond.mt_rand(1000, 8000));
        $value = trim($value);
        $rndFileName = $imgPath . '/' . $milliSecondN . '-' . $key . $itype;
        $fileurl = $imgUrl . '/' . $milliSecondN . '-' . $key . $itype;

        $rndFileName = $imgPath.'/'.$milliSecondN.'-'.$key.$itype;
        $fileurl = $imgUrl.'/'.$milliSecondN.'-'.$key.$itype;
        $rs = $htd->SaveToBin($rndFileName);
        if ($rs) {
            $info = '';
@@ -152,12 +145,12 @@ function GetCurContent($body)
            $fsize = filesize($rndFileName);
            //保存图片附件信息
            $inquery = "INSERT INTO `#@__uploads`(arcid,title,url,mediatype,width,height,playtime,filesize,uptime,mid)
 			VALUES ('{$arcID}','$rndFileName','$fileurl','1','{$imginfos[0]}','$imginfos[1]','0','$fsize','" . time() . "','" . $cuserLogin->getUserID() . "'); ";
 			VALUES ('{$arcID}','$rndFileName','$fileurl','1','{$imginfos[0]}','$imginfos[1]','0','$fsize','".time()."','".$cuserLogin->getUserID()."'); ";
            $dsql->ExecuteNoneQuery($inquery);
            $fid = $dsql->GetLastID();
            AddMyAddon($fid, $fileurl);
            if ($cfg_multi_site == 'Y') {
                $fileurl = $cfg_basehost . $fileurl;
                $fileurl = $cfg_basehost.$fileurl;
            }
            $body = str_replace($value, $fileurl, $body);
            @WaterImg($rndFileName, 'down');
@@ -166,7 +159,6 @@ function GetCurContent($body)
    $htd->Close();
    return $body;
 }

 /**
 * 获取一个远程图片
 *
@@ -187,8 +179,8 @@ function GetRemoteImage($url, $uid = 0)
    if (!in_array($htd->GetHead("content-type"), $sparr)) {
        return '';
    } else {
        $imgUrl = $cfg_uploaddir . '/' . MyDate($cfg_addon_savetype, time());
        $imgPath = $cfg_basedir . $imgUrl;
        $imgUrl = $cfg_uploaddir.'/'.MyDate($cfg_addon_savetype, time());
        $imgPath = $cfg_basedir.$imgUrl;
        CreateDir($imgUrl);
        $itype = $htd->GetHead("content-type");
        if ($itype == "image/gif") {
@@ -200,9 +192,9 @@ function GetRemoteImage($url, $uid = 0)
        } else {
            $itype = '.jpg';
        }
        $rndname = dd2char($uid . '_' . MyDate('mdHis', time()) . mt_rand(1000, 9999));
        $rndtrueName = $imgPath . '/' . $rndname . $itype;
        $fileurl = $imgUrl . '/' . $rndname . $itype;
        $rndname = dd2char($uid.'_'.MyDate('mdHis', time()).mt_rand(1000, 9999));
        $rndtrueName = $imgPath.'/'.$rndname.$itype;
        $fileurl = $imgUrl.'/'.$rndname.$itype;
        $ok = $htd->SaveToBin($rndtrueName);
        @WaterImg($rndtrueName, 'down');
        if ($ok) {
@@ -215,7 +207,6 @@ function GetRemoteImage($url, $uid = 0)
    $htd->Close();
    return ($ok ? $revalues : '');
 }

 /**
 *  获取远程flash
 *
@@ -235,13 +226,13 @@ function GetRemoteFlash($url, $uid = 0)
    if ($htd->GetHead("content-type") != $sparr) {
        return '';
    } else {
        $imgUrl = $cfg_uploaddir . '/' . MyDate($cfg_addon_savetype, time());
        $imgPath = $cfg_basedir . $imgUrl;
        $imgUrl = $cfg_uploaddir.'/'.MyDate($cfg_addon_savetype, time());
        $imgPath = $cfg_basedir.$imgUrl;
        CreateDir($imgUrl);
        $itype = '.swf';
        $milliSecond = $uid . '_' . MyDate('mdHis', time());
        $rndFileName = $imgPath . '/' . $milliSecond . $itype;
        $fileurl = $imgUrl . '/' . $milliSecond . $itype;
        $milliSecond = $uid.'_'.MyDate('mdHis', time());
        $rndFileName = $imgPath.'/'.$milliSecond.$itype;
        $fileurl = $imgUrl.'/'.$milliSecond.$itype;
        $ok = $htd->SaveToBin($rndFileName);
        if ($ok) {
            $revalues = $fileurl;
@@ -250,7 +241,6 @@ function GetRemoteFlash($url, $uid = 0)
    $htd->Close();
    return $revalues;
 }

 /**
 *  检测频道ID
 *
@@ -263,12 +253,10 @@ function CheckChannel($typeid, $channelid)
 {
    global $dsql;
    if ($typeid == 0) return TRUE;

    $row = $dsql->GetOne("SELECT ispart,channeltype FROM `#@__arctype` WHERE id='$typeid' ");
    if ($row['ispart'] != 0 || $row['channeltype'] != $channelid) return FALSE;
    else return TRUE;
 }

 /**
 *  检测档案权限
 *
@@ -284,7 +272,6 @@ function CheckArcAdmin($aid, $adminid)
    if ($row['mid'] != $adminid) return FALSE;
    else return TRUE;
 }

 /**
 *  文档自动分页
 *
@@ -309,7 +296,7 @@ function SpLongBody($mybody, $spsize, $sptag)
            $npageBody .= $bds[$i];
            continue;
        }
        $bds[$i] = "<" . $bds[$i];
        $bds[$i] = "<".$bds[$i];
        if (strlen($bds[$i]) > 6) {
            $tname = substr($bds[$i], 1, 5);
            if (strtolower($tname) == 'table') {
@@ -327,7 +314,7 @@ function SpLongBody($mybody, $spsize, $sptag)
            $npageBody .= $bds[$i];
        }
        if (strlen($npageBody) > $spsize) {
            $mybody .= $npageBody . $sptag;
            $mybody .= $npageBody.$sptag;
            $npageBody = '';
        }
    }
@@ -336,7 +323,6 @@ function SpLongBody($mybody, $spsize, $sptag)
    }
    return addslashes($mybody);
 }

 /**
 *  创建指定ID的文档
 *
@@ -349,13 +335,12 @@ function SpLongBody($mybody, $spsize, $sptag)
 function MakeArt($aid, $mkindex = FALSE, $ismakesign = FALSE, $isremote = 0)
 {
    global $envs, $typeid;
    require_once(DEDEINC . '/arc.archives.class.php');
    require_once(DEDEINC.'/arc.archives.class.php');
    if ($ismakesign) $envs['makesign'] = 'yes';
    $arc = new Archives($aid);
    $reurl = $arc->MakeHtml($isremote);
    return $reurl;
 }

 /**
 *  取第一个图片为缩略图
 *
@@ -375,7 +360,6 @@ function GetDDImgFromBody(&$body)
    }
    return $litpic;
 }

 /**
 *  获得缩略图
 *
@@ -389,59 +373,52 @@ function GetDDImage($litpic, $picname, $isremote)
 {
    global $cuserLogin, $cfg_ddimg_width, $cfg_ddimg_height, $cfg_basedir, $ddcfg_image_dir, $cfg_addon_savetype;
    $ntime = time();
    if (($litpic != 'none' || $litpic != 'ddfirst') &&
        !empty($_FILES[$litpic]['tmp_name']) && is_uploaded_file($_FILES[$litpic]['tmp_name'])
    if (($litpic != 'none' || $litpic != 'ddfirst') && !empty($_FILES[$litpic]['tmp_name']) && is_uploaded_file($_FILES[$litpic]['tmp_name'])
    ) {
        //如果用户自行上传缩略图
        $istype = 0;
        $sparr = array("image/pjpeg", "image/jpeg", "image/gif", "image/png");
        $_FILES[$litpic]['type'] = strtolower(trim($_FILES[$litpic]['type']));
        if (!in_array($_FILES[$litpic]['type'], $sparr)) {
            ShowMsg("上传的图片格式错误，请使用JPEG、GIF、PNG格式的其中一种！", "-1");
            ShowMsg("上传的图片格式错误，请使用JPEG、GIF、PNG格式的其中一种", "-1");
            exit();
        }
        $savepath = $ddcfg_image_dir . '/' . MyDate($cfg_addon_savetype, $ntime);

        $savepath = $ddcfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
        CreateDir($savepath);
        $fullUrl = $savepath . '/' . dd2char(MyDate('mdHis', $ntime) . $cuserLogin->getUserID() . mt_rand(1000, 9999));
        $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
        if (strtolower($_FILES[$litpic]['type']) == "image/gif") {
            $fullUrl = $fullUrl . ".gif";
            $fullUrl = $fullUrl.".gif";
        } else if (strtolower($_FILES[$litpic]['type']) == "image/png") {
            $fullUrl = $fullUrl . ".png";
            $fullUrl = $fullUrl.".png";
        } else {
            $fullUrl = $fullUrl . ".jpg";
            $fullUrl = $fullUrl.".jpg";
        }

        @move_uploaded_file($_FILES[$litpic]['tmp_name'], $cfg_basedir . $fullUrl);
        @move_uploaded_file($_FILES[$litpic]['tmp_name'], $cfg_basedir.$fullUrl);
        $litpic = $fullUrl;

        if ($GLOBALS['cfg_ddimg_full'] == 'Y') @ImageResizeNew($cfg_basedir . $fullUrl, $cfg_ddimg_width, $cfg_ddimg_height);
        else @ImageResize($cfg_basedir . $fullUrl, $cfg_ddimg_width, $cfg_ddimg_height);

        $img = $cfg_basedir . $litpic;
        if ($GLOBALS['cfg_ddimg_full'] == 'Y') @ImageResizeNew($cfg_basedir.$fullUrl, $cfg_ddimg_width, $cfg_ddimg_height);
        else @ImageResize($cfg_basedir.$fullUrl, $cfg_ddimg_width, $cfg_ddimg_height);
        $img = $cfg_basedir.$litpic;
    } else {

        $picname = trim($picname);
        if ($isremote == 1 && preg_match("#^http:\/\/#i", $picname)) {
            $litpic = $picname;
            $ddinfos = GetRemoteImage($litpic, $cuserLogin->getUserID());

            if (!is_array($ddinfos)) {
                $litpic = '';
            } else {
                $litpic = $ddinfos[0];
                if ($ddinfos[1] > $cfg_ddimg_width || $ddinfos[2] > $cfg_ddimg_height) {
                    if ($GLOBALS['cfg_ddimg_full'] == 'Y') @ImageResizeNew($cfg_basedir . $litpic, $cfg_ddimg_width, $cfg_ddimg_height);
                    else @ImageResize($cfg_basedir . $litpic, $cfg_ddimg_width, $cfg_ddimg_height);
                    if ($GLOBALS['cfg_ddimg_full'] == 'Y') @ImageResizeNew($cfg_basedir.$litpic, $cfg_ddimg_width, $cfg_ddimg_height);
                    else @ImageResize($cfg_basedir.$litpic, $cfg_ddimg_width, $cfg_ddimg_height);
                }
            }
        } else {
            if ($litpic == 'ddfirst' && !preg_match("#^http:\/\/#i", $picname)) {
                $oldpic = $cfg_basedir . $picname;
                $oldpic = $cfg_basedir.$picname;
                $litpic = str_replace('.', '-lp.', $picname);
                if ($GLOBALS['cfg_ddimg_full'] == 'Y') @ImageResizeNew($oldpic, $cfg_ddimg_width, $cfg_ddimg_height, $cfg_basedir . $litpic);
                else @ImageResize($oldpic, $cfg_ddimg_width, $cfg_ddimg_height, $cfg_basedir . $litpic);
                if (!is_file($cfg_basedir . $litpic)) $litpic = '';
                if ($GLOBALS['cfg_ddimg_full'] == 'Y') @ImageResizeNew($oldpic, $cfg_ddimg_width, $cfg_ddimg_height, $cfg_basedir.$litpic);
                else @ImageResize($oldpic, $cfg_ddimg_width, $cfg_ddimg_height, $cfg_basedir.$litpic);
                if (!is_file($cfg_basedir.$litpic)) $litpic = '';
            } else {
                $litpic = $picname;
                return $litpic;
@@ -451,7 +428,6 @@ function GetDDImage($litpic, $picname, $isremote)
    if ($litpic == 'litpic' || $litpic == 'ddfirst') $litpic = '';
    return $litpic;
 }

 /**
 *  获得一个附加表单
 *
@@ -463,7 +439,6 @@ function GetFormItemA($ctag)
 {
    return GetFormItem($ctag, 'admin');
 }

 /**
 *  处理不同类型的数据
 *
@@ -479,7 +454,6 @@ function GetFieldValueA($dvalue, $dtype, $aid = 0, $job = 'add', $addvar = '')
 {
    return GetFieldValue($dvalue, $dtype, $aid, $job, $addvar, 'admin');
 }

 /**
 *  获得带值的表单(编辑时用)
 *
@@ -492,7 +466,6 @@ function GetFormItemValueA($ctag, $fvalue)
 {
    return GetFormItemValue($ctag, $fvalue, 'admin');
 }

 /**
 *  载入自定义表单(用于发布)
 *
@@ -510,17 +483,15 @@ function PrintAutoFieldsAdd($fieldset, $loadtype = 'all')
    if (is_array($dtp->CTags)) {
        foreach ($dtp->CTags as $tid => $ctag) {
            if (
                $loadtype != 'autofield'
                || ($loadtype == 'autofield' && $ctag->GetAtt('autofield') == 1)
                $loadtype != 'autofield' || ($loadtype == 'autofield' && $ctag->GetAtt('autofield') == 1)
            ) {
                $dede_addonfields .= ($dede_addonfields == "" ? $ctag->GetName() . "," . $ctag->GetAtt('type') : ";" . $ctag->GetName() . "," . $ctag->GetAtt('type'));
                $dede_addonfields .= ($dede_addonfields == "" ? $ctag->GetName().",".$ctag->GetAtt('type') : ";".$ctag->GetName().",".$ctag->GetAtt('type'));
                echo  GetFormItemA($ctag);
            }
        }
    }
    echo "<input type='hidden' name='dede_addonfields' value=\"" . $dede_addonfields . "\">\r\n";
    echo "<input type='hidden' name='dede_addonfields' value=\"".$dede_addonfields."\">\r\n";
 }

 /**
 *  载入自定义表单(用于编辑)
 *
@@ -539,18 +510,15 @@ function PrintAutoFieldsEdit(&$fieldset, &$fieldValues, $loadtype = 'all')
    if (is_array($dtp->CTags)) {
        foreach ($dtp->CTags as $tid => $ctag) {
            if (
                $loadtype != 'autofield'
                || ($loadtype == 'autofield' && $ctag->GetAtt('autofield') == 1)
                $loadtype != 'autofield' || ($loadtype == 'autofield' && $ctag->GetAtt('autofield') == 1)
            ) {
                $dede_addonfields .= ($dede_addonfields == '' ? $ctag->GetName() . "," . $ctag->GetAtt('type') : ";" . $ctag->GetName() . "," . $ctag->GetAtt('type'));
                $dede_addonfields .= ($dede_addonfields == '' ? $ctag->GetName().",".$ctag->GetAtt('type') : ";".$ctag->GetName().",".$ctag->GetAtt('type'));
                echo GetFormItemValueA($ctag, $fieldValues[$ctag->GetName()]);
            }
        }
    }
    echo "<input type='hidden' name='dede_addonfields' value=\"" . $dede_addonfields . "\">\r\n";
    echo "<input type='hidden' name='dede_addonfields' value=\"".$dede_addonfields."\">\r\n";
 }


 /**
 * 处理HTML文本
 * 删除非站外链接、自动摘要、自动获取缩略图
@@ -569,36 +537,31 @@ function AnalyseHtmlBody($body, &$description, &$litpic, &$keywords, $dtype = ''
    global $cfg_bizcore_appid, $cfg_bizcore_key, $cfg_bizcore_hostname, $cfg_bizcore_port;
    $autolitpic = (empty($autolitpic) ? '' : $autolitpic);
    $body = stripslashes($body);

    //远程图片本地化
    if ($remote == 1) {
        $body = GetCurContent($body);
    }

    //删除非站内链接
    if ($dellink == 1) {
        $allow_urls = array($_SERVER['HTTP_HOST']);
        // 读取允许的超链接设置
        if (file_exists(DEDEDATA . "/admin/allowurl.txt")) {
            $allow_urls = array_merge($allow_urls, file(DEDEDATA . "/admin/allowurl.txt"));
        if (file_exists(DEDEDATA."/admin/allowurl.txt")) {
            $allow_urls = array_merge($allow_urls, file(DEDEDATA."/admin/allowurl.txt"));
        }
        $body = Replace_Links($body, $allow_urls);
    }

    //自动摘要
    if ($description == '' && $cfg_auot_description > 0) {
        $description = cn_substr(html2text($body), $cfg_auot_description);
        $description = trim(preg_replace('/#p#|#e#/', '', $description));
        $description = addslashes($description);
    }

    //自动获取缩略图
    if ($autolitpic == 1 && $litpic == '') {
        $litpic = GetDDImgFromBody($body);
    }

    //自动获取关键字
    if ($autokey == 1 && $keywords == '') {
    if ($autokey == 2 && $keywords == '') {
        $subject = $title;
        $message = $body;
        // 采用DedeBIZ Core分词组件分词
@@ -607,11 +570,11 @@ function AnalyseHtmlBody($body, &$description, &$litpic, &$keywords, $dtype = ''
            $client = new DedeBizClient($cfg_bizcore_hostname, $cfg_bizcore_port);
            $client->appid = $cfg_bizcore_appid;
            $client->key = $cfg_bizcore_key;
            $data = $client->Spliteword($subject . Html2Text($message));
            $data = $client->Spliteword($subject.Html2Text($message));
            $keywords = $data->data;
            $client->Close();
        } else {
            include_once(DEDEINC . '/splitword.class.php');
            include_once(DEDEINC.'/splitword.class.php');
            $keywords = '';
            $sp = new SplitWord($cfg_soft_lang, $cfg_soft_lang);
            $sp->SetSource($subject, $cfg_soft_lang, $cfg_soft_lang);
@@ -620,22 +583,21 @@ function AnalyseHtmlBody($body, &$description, &$litpic, &$keywords, $dtype = ''
            $sp->SetSource(Html2Text($message), $cfg_soft_lang, $cfg_soft_lang);
            $sp->StartAnalysis();
            $allindexs = preg_replace("/#p#|#e#/", '', $sp->GetFinallyIndex());

            if (is_array($allindexs) && is_array($titleindexs)) {
                foreach ($titleindexs as $k => $v) {
                    if (strlen($keywords . $k) >= 60) {
                    if (strlen($keywords.$k) >= 60) {
                        break;
                    } else {
                        if (strlen($k) <= 2) continue;
                        $keywords .= $k . ',';
                        $keywords .= $k.',';
                    }
                }
                foreach ($allindexs as $k => $v) {
                    if (strlen($keywords . $k) >= 60) {
                    if (strlen($keywords.$k) >= 60) {
                        break;
                    } else if (!in_array($k, $titleindexs)) {
                        if (strlen($k) <= 2) continue;
                        $keywords .= $k . ',';
                        $keywords .= $k.',';
                    }
                }
            }
@@ -646,7 +608,6 @@ function AnalyseHtmlBody($body, &$description, &$litpic, &$keywords, $dtype = ''
    $body = addslashes($body);
    return $body;
 }

 /**
 *  删除非站内链接
 *
@@ -667,7 +628,7 @@ function Replace_Links(&$body, $allow_urls = array())
        $rparr = array();
        $tgarr = array();
        foreach ($arr[0] as $i => $v) {
            if ($host_rule != '' && preg_match('#' . $host_rule . '#i', $arr[1][$i])) {
            if ($host_rule != '' && preg_match('#'.$host_rule.'#i', $arr[1][$i])) {
                continue;
            } else {
                $rparr[] = $v;
@@ -681,7 +642,6 @@ function Replace_Links(&$body, $allow_urls = array())
    $arr = $rparr = $tgarr = '';
    return $body;
 }

 /**
 *  图集里大图的小图
 *
@@ -694,26 +654,21 @@ function GetImageMapDD($filename, $maxwidth)
 {
    global $cuserLogin, $dsql, $cfg_ddimg_height, $cfg_ddimg_full;
    $ddn = substr($filename, -3);
    $ddpicok = preg_replace("#\." . $ddn . "$#", "-lp." . $ddn, $filename);
    $toFile = $GLOBALS['cfg_basedir'] . $ddpicok;

    if ($cfg_ddimg_full == 'Y') ImageResizeNew($GLOBALS['cfg_basedir'] . $filename, $maxwidth, $cfg_ddimg_height, $toFile);
    else ImageResize($GLOBALS['cfg_basedir'] . $filename, $maxwidth, $cfg_ddimg_height, $toFile);

    $ddpicok = preg_replace("#\.".$ddn."$#", "-lp.".$ddn, $filename);
    $toFile = $GLOBALS['cfg_basedir'].$ddpicok;
    if ($cfg_ddimg_full == 'Y') ImageResizeNew($GLOBALS['cfg_basedir'].$filename, $maxwidth, $cfg_ddimg_height, $toFile);
    else ImageResize($GLOBALS['cfg_basedir'].$filename, $maxwidth, $cfg_ddimg_height, $toFile);
    //保存图片附件信息
    $fsize = filesize($toFile);
    $ddpicoks = explode('/', $ddpicok);
    $filename = $ddpicoks[count($ddpicoks) - 1];
    $inquery = "INSERT INTO `#@__uploads`(arcid,title,url,mediatype,width,height,playtime,filesize,uptime,mid)
                    VALUES ('0','$filename','$ddpicok','1','0','0','0','$fsize','" . time() . "','" . $cuserLogin->getUserID() . "'); ";
        VALUES ('0','$filename','$ddpicok','1','0','0','0','$fsize','".time()."','".$cuserLogin->getUserID()."'); ";
    $dsql->ExecuteNoneQuery($inquery);
    $fid = $dsql->GetLastID();
    AddMyAddon($fid, $ddpicok);

    return $ddpicok;
 }


 /**
 *  上传一个未经处理的图片
 *
@@ -734,50 +689,45 @@ function UploadOneImage($upname, $handurl = '', $isremote = 1, $ntitle = '')
    $filename = '';
    $isrm_up = FALSE;
    $handurl = trim($handurl);

    //如果用户自行上传了图片
    if (!empty($_FILES[$upname]['tmp_name']) && is_uploaded_file($_FILES[$upname]['tmp_name'])) {
        $istype = 0;
        $sparr = array("image/pjpeg", "image/jpeg", "image/gif", "image/png");
        $_FILES[$upname]['type'] = strtolower(trim($_FILES[$upname]['type']));
        if (!in_array($_FILES[$upname]['type'], $sparr)) {
            ShowMsg("上传的图片格式错误，请使用JPEG、GIF、PNG格式的其中一种！", "-1");
            ShowMsg("上传的图片格式错误，请使用JPEG、GIF、PNG格式的其中一种", "-1");
            exit();
        }
        if (!empty($handurl) && !preg_match("#^http:\/\/#i", $handurl) && file_exists($cfg_basedir . $handurl)) {
        if (!empty($handurl) && !preg_match("#^http:\/\/#i", $handurl) && file_exists($cfg_basedir.$handurl)) {
            if (!is_object($dsql)) {
                $dsql = new DedeSql();
            }
            $dsql->ExecuteNoneQuery("DELETE FROM `#@__uploads` WHERE url LIKE '$handurl' ");
            $fullUrl = preg_replace("#\.([a-z]*)$#i", "", $handurl);
        } else {
            $savepath = $cfg_image_dir . '/' . strftime("%Y-%m", $ntime);
            $savepath = $cfg_image_dir.'/'.strftime("%Y-%m", $ntime);
            CreateDir($savepath);
            $fullUrl = $savepath . '/' . strftime("%d", $ntime) . dd2char(strftime("%H%M%S", $ntime) . '0' . $cuserLogin->getUserID() . '0' . mt_rand(1000, 9999));
            $fullUrl = $savepath.'/'.strftime("%d", $ntime).dd2char(strftime("%H%M%S", $ntime).'0'.$cuserLogin->getUserID().'0'.mt_rand(1000, 9999));
        }
        if (strtolower($_FILES[$upname]['type']) == "image/gif") {
            $fullUrl = $fullUrl . ".gif";
            $fullUrl = $fullUrl.".gif";
        } else if (strtolower($_FILES[$upname]['type']) == "image/png") {
            $fullUrl = $fullUrl . ".png";
            $fullUrl = $fullUrl.".png";
        } else {
            $fullUrl = $fullUrl . ".jpg";
            $fullUrl = $fullUrl.".jpg";
        }

        //保存
        @move_uploaded_file($_FILES[$upname]['tmp_name'], $cfg_basedir . $fullUrl);
        @move_uploaded_file($_FILES[$upname]['tmp_name'], $cfg_basedir.$fullUrl);
        $filename = $fullUrl;

        //水印
        @WaterImg($cfg_basedir . $fullUrl, 'up');
        @WaterImg($cfg_basedir.$fullUrl, 'up');
        $isrm_up = TRUE;
    }

    //远程或选择本地图片
    else {
        if ($handurl == '') {
            return '';
        }

        //远程图片并要求本地化
        if ($isremote == 1 && preg_match("#^http[s]?:\/\/#i", $handurl)) {
            $ddinfos = GetRemoteImage($handurl, $cuserLogin->getUserID());
@@ -787,27 +737,23 @@ function UploadOneImage($upname, $handurl = '', $isremote = 1, $ntitle = '')
                $filename = $ddinfos[0];
            }
            $isrm_up = TRUE;

            //本地图片或远程不要求本地化
        } else {
            $filename = $handurl;
        }
    }
    $imgfile = $cfg_basedir . $filename;
    $imgfile = $cfg_basedir.$filename;
    if (is_file($imgfile) && $isrm_up && $filename != '') {
        $info = "";
        $imginfos = GetImageSize($imgfile, $info);

        //把新上传的图片信息保存到媒体文档管理档案中
        $inquery = "
        INSERT INTO `#@__uploads`(title,url,mediatype,width,height,playtime,filesize,uptime,mid)
        VALUES ('$title','$filename','1','" . $imginfos[0] . "','" . $imginfos[1] . "','0','" . filesize($imgfile) . "','" . time() . "','" . $cuserLogin->getUserID() . "');
    ";
        VALUES ('$title','$filename','1','".$imginfos[0]."','".$imginfos[1]."','0','".filesize($imgfile)."','".time()."','".$cuserLogin->getUserID()."');";
        $dsql->ExecuteNoneQuery($inquery);
    }
    return $filename;
 }

 /**
 *  获取更新测试信息
 *
@@ -823,7 +769,7 @@ function GetUpdateTest()
        if ($cfg_makeindex == 'Y') $dolist .= empty($dolist) ? 'makeindex' : ',makeindex';
        if ($cfg_make_andcat == 'Y') $dolist .= empty($dolist) ? 'makeparenttype' : ',makeparenttype';
        $dolists = explode(',', $dolist);
        $jumpUrl = "task_do.php?typeid={$typeid}&aid={$arcID}&dopost={$dolists[0]}&nextdo=" . preg_replace("#" . $dolists[0] . "[,]{0,1}#", '', $dolist);
        $jumpUrl = "task_do.php?typeid={$typeid}&aid={$arcID}&dopost={$dolists[0]}&nextdo=".preg_replace("#".$dolists[0]."[,]{0,1}#", '', $dolist);
        $revalue = "<table width='80%' style='border:1px dashed #cdcdcd;margin-left:20px;margin-bottom:15px' id='tgtable' align='left'><tr><td bgcolor='#EBF5C9'>&nbsp;<strong>正在进行相关内容更新，请完成前不要进行其它操作：</strong>\r\n</td></tr>\r\n";
        $revalue .= "<tr><td>\r\n<iframe name='stafrm' frameborder='0' id='stafrm' width='100%' height='200px' src='$jumpUrl'></iframe>\r\n</td></tr>\r\n";
        $revalue .= "</table>";
@@ -831,4 +777,4 @@ function GetUpdateTest()
        $revalue = '';
    }
    return $revalue;
 }
 }
--- a/src/dede/inc/inc_batchup.php
+++ b/src/dede/inc/inc_batchup.php
@@ -5,7 +5,7 @@
 *
 * @version        $Id: inc_batchup.php 1 10:32 2010年7月21日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
@@ -96,14 +96,14 @@ function DelArc($aid, $type = 'ON', $onlyfile = FALSE, $recycle = 0)
                        $addfile = $row['url'];
                        $aid = $row['aid'];
                        $dsql->ExecuteNoneQuery("Delete From `#@__uploads` where aid = '$aid' ");
                        $upfile = $cfg_basedir . $addfile;
                        $upfile = $cfg_basedir.$addfile;
                        if (@file_exists($upfile)) @unlink($upfile);
                    }
                }
            }
        }
        //删除文本数据
        $filenameh = DEDEDATA . "/textdata/" . (ceil($aid / 5000)) . "/{$aid}-" . substr(md5($cfg_cookie_encode), 0, 16) . ".txt";
        $filenameh = DEDEDATA."/textdata/".(ceil($aid / 5000))."/{$aid}-".substr(md5($cfg_cookie_encode), 0, 16).".txt";
        if (@is_file($filenameh)) @unlink($filenameh);
    }

@@ -132,14 +132,14 @@ function DelArc($aid, $type = 'ON', $onlyfile = FALSE, $recycle = 0)
        $arcRow['filename']
    );
    if (!preg_match("#\?#", $arcurl)) {
        $htmlfile = GetTruePath() . str_replace($GLOBALS['cfg_basehost'], '', $arcurl);
        $htmlfile = GetTruePath().str_replace($GLOBALS['cfg_basehost'], '', $arcurl);
        if (file_exists($htmlfile) && !is_dir($htmlfile)) {
            @unlink($htmlfile);
            $arcurls = explode(".", $htmlfile);
            $sname = $arcurls[count($arcurls) - 1];
            $fname = preg_replace("#(\.$sname)$#", "", $htmlfile);
            for ($i = 2; $i <= 100; $i++) {
                $htmlfile = $fname . "_{$i}." . $sname;
                $htmlfile = $fname."_{$i}.".$sname;
                if (@file_exists($htmlfile)) @unlink($htmlfile);
                else break;
            }
--- a/src/dede/inc/inc_catalog_options.php
+++ b/src/dede/inc/inc_catalog_options.php
@@ -5,7 +5,7 @@
 *
 * @version        $Id: inc_catalog_options.php 1 10:32 2010年7月21日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
@@ -33,8 +33,8 @@ function GetOptionList($selid = 0, $userCatalog = 0, $channeltype = 0)
    //当前选中的栏目
    if ($selid > 0) {
        $row = $dsql->GetOne("SELECT id,typename,ispart,channeltype FROM `#@__arctype` WHERE id='$selid'");
        if ($row['ispart'] == 1) $OptionArrayList .= "<option value='" . $row['id'] . "' class='option1' selected='selected'>" . $row['typename'] . "(封面频道)</option>\r\n";
        else $OptionArrayList .= "<option value='" . $row['id'] . "' selected='selected'>" . $row['typename'] . "</option>\r\n";
        if ($row['ispart'] == 1) $OptionArrayList .= "<option value='".$row['id']."' class='option1' selected='selected'>".$row['typename']."(封面频道)</option>\r\n";
        else $OptionArrayList .= "<option value='".$row['id']."' selected='selected'>".$row['typename']."</option>\r\n";
    }

    //是否限定用户管理的栏目
@@ -48,9 +48,9 @@ function GetOptionList($selid = 0, $userCatalog = 0, $channeltype = 0)
            $topidstr = '';
            while ($row = $dsql->GetObject('qq')) {
                if ($row->reid == 0) continue;
                $topidstr .= ($topidstr == '' ? $row->reid : ',' . $row->reid);
                $topidstr .= ($topidstr == '' ? $row->reid : ','.$row->reid);
            }
            $admin_catalog .= ',' . $topidstr;
            $admin_catalog .= ','.$topidstr;
            $admin_catalogs = explode(',', $admin_catalog);
            $admin_catalogs = array_unique($admin_catalogs);
            $admin_catalog = join(',', $admin_catalogs);
@@ -68,17 +68,17 @@ function GetOptionList($selid = 0, $userCatalog = 0, $channeltype = 0)
        $sonCats = '';
        LogicGetOptionArray($row->id, '─', $channeltype, $dsql, $sonCats);
        if ($sonCats != '') {
            if ($row->ispart == 1) $OptionArrayList .= "<option value='" . $row->id . "' class='option1'>" . $row->typename . "(封面频道)</option>\r\n";
            if ($row->ispart == 1) $OptionArrayList .= "<option value='".$row->id."' class='option1'>".$row->typename."(封面频道)</option>\r\n";
            else if ($row->ispart == 2) $OptionArrayList .= '';
            else if (empty($channeltype) && $row->ispart != 0) $OptionArrayList .= "<option value='" . $row->id . "' class='option2'>" . $row->typename . "(" . $channels[$row->channeltype] . ")</option>\r\n";
            else $OptionArrayList .= "<option value='" . $row->id . "' class='option3'>" . $row->typename . "</option>\r\n";
            else if (empty($channeltype) && $row->ispart != 0) $OptionArrayList .= "<option value='".$row->id."' class='option2'>".$row->typename."(".$channels[$row->channeltype].")</option>\r\n";
            else $OptionArrayList .= "<option value='".$row->id."' class='option3'>".$row->typename."</option>\r\n";
            $OptionArrayList .= $sonCats;
        } else {
            if ($row->ispart == 0 && (!empty($channeltype) && $row->channeltype == $channeltype)) {
                $OptionArrayList .= "<option value='" . $row->id . "' class='option3'>" . $row->typename . "</option>\r\n";
                $OptionArrayList .= "<option value='".$row->id."' class='option3'>".$row->typename."</option>\r\n";
            } else if ($row->ispart == 0 && empty($channeltype)) {
                // 专题 
                $OptionArrayList .= "<option value='" . $row->id . "' class='option3'>" . $row->typename . "</option>\r\n";
                $OptionArrayList .= "<option value='".$row->id."' class='option3'>".$row->typename."</option>\r\n";
            }
        }
    }
@@ -88,17 +88,17 @@ function GetOptionList($selid = 0, $userCatalog = 0, $channeltype = 0)
 function LogicGetOptionArray($id, $step, $channeltype, &$dsql, &$sonCats)
 {
    global $OptionArrayList, $channels, $cfg_admin_channel, $admin_catalogs;
    $dsql->SetQuery("Select id,typename,ispart,channeltype From `#@__arctype` where reid='" . $id . "' And ispart<>2 order by sortrank asc");
    $dsql->SetQuery("Select id,typename,ispart,channeltype From `#@__arctype` where reid='".$id."' And ispart<>2 order by sortrank asc");
    $dsql->Execute($id);
    while ($row = $dsql->GetObject($id)) {
        if ($cfg_admin_channel != 'all' && !in_array($row->id, $admin_catalogs)) {
            continue;
        }
        if ($row->channeltype == $channeltype && $row->ispart == 1) {
            $sonCats .= "<option value='" . $row->id . "' class='option1'>$step" . $row->typename . "</option>\r\n";
            $sonCats .= "<option value='".$row->id."' class='option1'>$step".$row->typename."</option>\r\n";
        } else if (($row->channeltype == $channeltype && $row->ispart == 0) || empty($channeltype)) {
            $sonCats .= "<option value='" . $row->id . "' class='option3'>$step" . $row->typename . "</option>\r\n";
            $sonCats .= "<option value='".$row->id."' class='option3'>$step".$row->typename."</option>\r\n";
        }
        LogicGetOptionArray($row->id, $step . '─', $channeltype, $dsql, $sonCats);
        LogicGetOptionArray($row->id, $step.'─', $channeltype, $dsql, $sonCats);
    }
 }
--- a/src/dede/inc/inc_coonepage.php
+++ b/src/dede/inc/inc_coonepage.php
@@ -5,11 +5,11 @@
 *
 * @version        $Id: inc_coonepage.php 1 10:32 2010年7月21日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(DEDEINC . '/charset.func.php');
 require_once(DEDEINC.'/charset.func.php');

 /**
 *  获取一个页面
@@ -24,7 +24,7 @@ function CoOnePage($gurl)
    $redatas = array('title' => '', 'body' => '', 'source' => '', 'writer' => '', 'description' => '', 'keywords' => '');
    $redatas['source'] = preg_replace("/http:\/\//i", "", $gurl);
    $redatas['source'] = preg_replace("/\/(.*)$/i", "", $redatas['source']);
    $row = $dsql->GetOne("SELECT * FROM `#@__co_onepage` WHERE url LIKE '" . $redatas['source'] . "' ");
    $row = $dsql->GetOne("SELECT * FROM `#@__co_onepage` WHERE url LIKE '".$redatas['source']."' ");
    $s = $e = '';
    if (is_array($row)) {
        list($s, $e) = explode('{@body}', $row['rule']);
--- a/src/dede/inc/inc_list_functions.php
+++ b/src/dede/inc/inc_list_functions.php
@@ -1,126 +1,112 @@
 <?php

 /**
 * 列表对应函数
 *
 * @version        $Id: inc_list_functions.php 1 10:32 2010年7月21日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2021, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 if (!isset($registerGlobals)) {
    require_once(dirname(__FILE__) . "/../../include/common.inc.php");
 }

 // 获取栏目名称
 function GetTypename($tid)
 {
    global $dsql;
    if (empty($tid)) return '';
    if (file_exists(DEDEDATA . '/cache/inc_catalog_base.inc')) {
        require_once(DEDEDATA . '/cache/inc_catalog_base.inc');
        global $cfg_Cs;
        if (isset($cfg_Cs[$tid])) {
            return base64_decode($cfg_Cs[$tid][3]);
        }
    } else {
        $row = $dsql->GetOne("SELECT typename FROM #@__arctype WHERE id = '{$tid}'");
        unset($dsql);
        unset($cfg_Cs);
        return isset($row['typename']) ? $row['typename'] : '';
    }
    return '';
 }

 //获得是否推荐的表述
 $arcatts = array();
 $dsql->Execute('n', 'SELECT * FROM `#@__arcatt` ');
 while ($arr = $dsql->GetArray('n')) {
    $arcatts[$arr['att']] = $arr['attname'];
 }

 function IsCommendArchives($iscommend)
 {
    global $arcatts;
    $sn = '';
    foreach ($arcatts as $k => $v) {
        $v = cn_substr($v, 2);
        $sn .= (preg_match("#" . $k . "#", $iscommend) ? ' ' . $v : '');
    }
    $sn = trim($sn);
    if ($sn == '') return '';
    else return "[<font color='red'>$sn</font>]";
 }

 //获得推荐的标题
 function GetCommendTitle($title, $iscommend)
 {
    /*if(preg_match('#c#i',$iscommend))
    {
        $title = "$title<font color='red'>(推荐)</font>";
    }*/
    return $title;
 }

 //更换颜色
 $GLOBALS['RndTrunID'] = 1;
 function GetColor($color1, $color2)
 {
    $GLOBALS['RndTrunID']++;
    if ($GLOBALS['RndTrunID'] % 2 == 0) {
        return $color1;
    } else {
        return $color2;
    }
 }

 //检查图片是否存在
 function CheckPic($picname)
 {
    if ($picname != "") {
        return $picname;
    } else {
        return "images/dfpic.gif";
    }
 }

 //判断内容是否生成HTML
 function IsHtmlArchives($ismake)
 {
    if ($ismake == 1) {
        return "已生成";
    } else if ($ismake == -1) {
        return "仅动态";
    } else {
        return "<font color='red'>未生成</font>";
    }
 }

 //获得内容的限定级别名称
 function GetRankName($arcrank)
 {
    global $arcArray, $dsql;
    if (!is_array($arcArray)) {
        $dsql->SetQuery("SELECT * FROM `#@__arcrank` ");
        $dsql->Execute();
        while ($row = $dsql->GetObject()) {
            $arcArray[$row->rank] = $row->membername;
        }
    }
    if (isset($arcArray[$arcrank])) {
        return $arcArray[$arcrank];
    } else {
        return "不限";
    }
 }

 //判断内容是否为图片文章
 function IsPicArchives($picname)
 {
    if ($picname != '') {
        return '<font color=\'red\'>(图)</font>';
    } else {
        return '';
    }
 }
 <?php
 /**
 * 列表对应函数
 *
 * @version        $Id: inc_list_functions.php 1 10:32 2010年7月21日Z tianya $
 * @package        DedeBIZ.Administrator
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 if (!isset($registerGlobals)) {
    require_once(dirname(__FILE__)."/../../include/common.inc.php");
 }
 // 获取栏目名称
 function GetTypename($tid)
 {
    global $dsql;
    if (empty($tid)) return '';
    if (file_exists(DEDEDATA.'/cache/inc_catalog_base.inc')) {
        require_once(DEDEDATA.'/cache/inc_catalog_base.inc');
        global $cfg_Cs;
        if (isset($cfg_Cs[$tid])) {
            return base64_decode($cfg_Cs[$tid][3]);
        }
    } else {
        $row = $dsql->GetOne("SELECT typename FROM #@__arctype WHERE id = '{$tid}'");
        unset($dsql);
        unset($cfg_Cs);
        return isset($row['typename']) ? $row['typename'] : '';
    }
    return '';
 }
 //获得是否推荐的表述
 $arcatts = array();
 $dsql->Execute('n', 'SELECT * FROM `#@__arcatt` ');
 while ($arr = $dsql->GetArray('n')) {
    $arcatts[$arr['att']] = $arr['attname'];
 }
 function IsCommendArchives($iscommend)
 {
    global $arcatts;
    $sn = '';
    foreach ($arcatts as $k => $v) {
        $v = cn_substr($v, 2);
        $sn .= (preg_match("#".$k."#", $iscommend) ? ' '.$v : '');
    }
    $sn = trim($sn);
    if ($sn == '') return '';
    else return "<span style='color:#dc3545'>[$sn]</span>";
 }
 //获得推荐的标题
 function GetCommendTitle($title, $iscommend)
 {
    return $title;
 }
 //更换颜色
 $GLOBALS['RndTrunID'] = 1;
 function GetColor($color1, $color2)
 {
    $GLOBALS['RndTrunID']++;
    if ($GLOBALS['RndTrunID'] % 2 == 0) {
        return $color1;
    } else {
        return $color2;
    }
 }
 //检查图片是否存在
 function CheckPic($picname)
 {
    if ($picname != "") {
        return $picname;
    } else {
        return "images/dfpic.gif";
    }
 }
 //判断内容是否生成HTML
 function IsHtmlArchives($ismake)
 {
    if ($ismake == 1) {
        return "已生成";
    } else if ($ismake == -1) {
        return "仅动态";
    } else {
        return "<span style='color:#dc3545'>未生成</span>";
    }
 }
 //获得内容的限定级别名称
 function GetRankName($arcrank)
 {
    global $arcArray, $dsql;
    if (!is_array($arcArray)) {
        $dsql->SetQuery("SELECT * FROM `#@__arcrank` ");
        $dsql->Execute();
        while ($row = $dsql->GetObject()) {
            $arcArray[$row->rank] = $row->membername;
        }
    }
    if (isset($arcArray[$arcrank])) {
        return $arcArray[$arcrank];
    } else {
        return "不限";
    }
 }
 //判断内容是否为图片文章
 function IsPicArchives($picname)
 {
    if ($picname != '') {
        return "<span style='color:#dc3545'>[图]</span>";
    } else {
        return '';
    }
 }