SetQuery("SELECT `varname`,`type`,`value`,`groupid` FROM `#@__sysconfig` ORDER BY aid ASC "); $dsql->Execute(); while($row = $dsql->GetArray()) { if($row['type']=='number') { if($row['value']=='') $row['value'] = 0; fwrite($fp,"\${$row['varname']} = ".$row['value'].";\r\n"); } else { fwrite($fp,"\${$row['varname']} = '".str_replace("'",'',$row['value'])."';\r\n"); } } fwrite($fp,"?".">"); fclose($fp); } //保存配置的改动 if($dopost=="save") { CheckCSRF(); foreach($_POST as $k=>$v) { if(preg_match("#^edit___#", $k)) { $v = cn_substrR(${$k}, 1024); } else { continue; } $k = preg_replace("#^edit___#", "", $k); $dsql->ExecuteNoneQuery("UPDATE `#@__sysconfig` SET `value`='$v' WHERE varname='$k' "); } ReWriteConfig(); ShowMsg("成功更改站点配置！", "sys_info.php"); exit(); } //增加新变量 else if($dopost=='add') { CheckCSRF(); if($vartype=='bool' && ($nvarvalue!='Y' && $nvarvalue!='N')) { ShowMsg("布尔变量值必须为'Y'或'N'!","-1"); exit(); } if(trim($nvarname)=='' || preg_match("#[^a-z_]#i", $nvarname) ) { ShowMsg("变量名不能为空并且必须为[a-z_]组成!","-1"); exit(); } $row = $dsql->GetOne("SELECT varname FROM `#@__sysconfig` WHERE varname LIKE '$nvarname' "); if(is_array($row)) { ShowMsg("该变量名称已经存在!","-1"); exit(); } $row = $dsql->GetOne("SELECT aid FROM `#@__sysconfig` ORDER BY aid DESC "); $aid = $row['aid'] + 1; $inquery = "INSERT INTO `#@__sysconfig`(`aid`,`varname`,`info`,`value`,`type`,`groupid`) VALUES ('$aid','$nvarname','$varmsg','$nvarvalue','$vartype','$vargroup')"; $rs = $dsql->ExecuteNoneQuery($inquery); if(!$rs) { ShowMsg("新增变量失败，可能有非法字符！", "sys_info.php?gp=$vargroup"); exit(); } if(!is_writeable($configfile)) { ShowMsg("成功保存变量，但由于 $configfile 无法写入，因此不能更新配置文件！","sys_info.php?gp=$vargroup"); exit(); }else { ReWriteConfig(); ShowMsg("成功保存变量并更新配置文件！","sys_info.php?gp=$vargroup"); exit(); } } // 搜索配置 else if ($dopost=='search') { $keywords = isset($keywords)? strip_tags($keywords) : ''; $i = 1; $configstr = << 参数说明 参数值 变量名 EOT; echo $configstr; if ($keywords) { $dsql->SetQuery("SELECT * FROM `#@__sysconfig` WHERE info LIKE '%$keywords%' OR varname LIKE '%$keywords%' order by aid asc"); $dsql->Execute(); while ($row = $dsql->GetArray()) { $bgcolor = ($i++%2==0)? "#F9FCEF" : "#ffffff"; $row['info'] = preg_replace("#{$keywords}#", ''.$keywords.'', $row['info']); $row['varname'] = preg_replace("#{$keywords}#", ''.$keywords.'', $row['varname']); ?> ： 是"; echo " 否"; }else if($row['type']=='bstring') { echo "".dede_htmlspecialchars($row['value']).""; }else if($row['type']=='number') { echo ""; }else { echo ""; } ?> 没有找到搜索的内容 '; } exit; } else if ($dopost=='make_encode') { $chars='abcdefghigklmnopqrstuvwxwyABCDEFGHIGKLMNOPQRSTUVWXWY0123456789'; $hash=''; $length = rand(28,32); $max = strlen($chars) - 1; for($i = 0; $i < $length; $i++) { $hash .= $chars[mt_rand(0, $max)]; } echo $hash; exit(); } include DedeInclude('templets/sys_info.htm');