国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

420 lines
18KB

  1. <?php
  2. if (!defined('DEDEINC')) exit('dedebiz');
  3. /**
  4. * 系统核心函数存放文件
  5. * @version $Id: common.func.php 4 16:39 2010年7月6日Z tianya $
  6. * @package DedeBIZ.Libraries
  7. * @copyright Copyright (c) 2022, DedeBIZ.COM
  8. * @license https://www.dedebiz.com/license
  9. * @link https://www.dedebiz.com
  10. */
  11. if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
  12. if (!function_exists('mysql_connect') and function_exists('mysqli_connect')) {
  13. function mysql_connect($server, $username, $password)
  14. {
  15. return mysqli_connect($server, $username, $password);
  16. }
  17. }
  18. if (!function_exists('mysql_query') and function_exists('mysqli_query')) {
  19. function mysql_query($query, $link)
  20. {
  21. return mysqli_query($link, $query);
  22. }
  23. }
  24. if (!function_exists('mysql_select_db') and function_exists('mysqli_select_db')) {
  25. function mysql_select_db($database_name, $link)
  26. {
  27. return mysqli_select_db($link, $database_name);
  28. }
  29. }
  30. if (!function_exists('mysql_fetch_array') and function_exists('mysqli_fetch_array')) {
  31. function mysql_fetch_array($result)
  32. {
  33. return mysqli_fetch_array($result);
  34. }
  35. }
  36. if (!function_exists('mysql_close') and function_exists('mysqli_close')) {
  37. function mysql_close($link)
  38. {
  39. return mysqli_close($link);
  40. }
  41. }
  42. if (!function_exists('mysql_free_result') and function_exists('mysqli_free_result')) {
  43. function mysql_free_result($result)
  44. {
  45. return mysqli_free_result($result);
  46. }
  47. }
  48. if (!function_exists('split')) {
  49. function split($pattern, $string)
  50. {
  51. return explode($pattern, $string);
  52. }
  53. }
  54. }
  55. // 一个支持在PHP Cli Server打印的方法
  56. function var_dump_cli($val){
  57. ob_start();
  58. var_dump($val);
  59. error_log(ob_get_clean(), 4);
  60. }
  61. function get_mime_type($filename)
  62. {
  63. if (! function_exists('finfo_open'))
  64. {
  65. return 'unknow/octet-stream';
  66. }
  67. $finfo = finfo_open(FILEINFO_MIME_TYPE);
  68. $mimeType = finfo_file($finfo, $filename);
  69. finfo_close($finfo);
  70. return $mimeType;
  71. }
  72. function is_all_numeric(array $array){
  73. foreach($array as $item){
  74. if(!is_numeric($item)) return false;
  75. }
  76. return true;
  77. }
  78. function make_hash()
  79. {
  80. $rand = dede_random_bytes(16);
  81. $_SESSION['token'] = ($rand === FALSE)
  82. ? md5(uniqid(mt_rand(), TRUE))
  83. : bin2hex($rand);
  84. return $_SESSION['token'];
  85. }
  86. function dede_random_bytes($length)
  87. {
  88. if (empty($length) or !ctype_digit((string) $length)) {
  89. return FALSE;
  90. }
  91. if (function_exists('openssl_random_pseudo_bytes')) {
  92. return openssl_random_pseudo_bytes($length);
  93. }
  94. if (function_exists('random_bytes')) {
  95. try {
  96. return random_bytes((int) $length);
  97. } catch (Exception $e) {
  98. return FALSE;
  99. }
  100. }
  101. if (is_readable('/dev/urandom') && ($fp = fopen('/dev/urandom', 'rb')) !== FALSE) {
  102. version_compare(PHP_VERSION, '5.4.0', '>=') && stream_set_chunk_size($fp, $length);
  103. $output = fread($fp, $length);
  104. fclose($fp);
  105. if ($output !== FALSE) {
  106. return $output;
  107. }
  108. }
  109. return FALSE;
  110. }
  111. /**
  112. * 载入小助手,系统默认载入小助手
  113. * 在/data/helper.inc.php中进行默认小助手初始化的设置
  114. * 使用示例:
  115. * 在开发中,首先需要创建一个小助手函数,目录在\include\helpers中
  116. * 例如,我们创建一个示例为test.helper.php,文件基本内容如下:
  117. * <code>
  118. * if ( ! function_exists('HelloDede'))
  119. * {
  120. * function HelloDede()
  121. * {
  122. * echo "Hello! Dede";
  123. * }
  124. * }
  125. * </code>
  126. * 则我们在开发中使用这个小助手的时候直接使用函数helper('test');初始化它
  127. * 然后在文件中就可以直接使用:HelloDede();来进行调用.
  128. *
  129. * @access public
  130. * @param mix $helpers 小助手名称,可以是数组,可以是单个字符串
  131. * @return void
  132. */
  133. $_helpers = array();
  134. function helper($helpers)
  135. {
  136. //如果是数组,则进行递归操作
  137. if (is_array($helpers)) {
  138. foreach ($helpers as $dede) {
  139. helper($dede);
  140. }
  141. return;
  142. }
  143. if (isset($_helpers[$helpers])) {
  144. return;
  145. }
  146. if (file_exists(DEDEINC.'/helpers/'.$helpers.'.helper.php')) {
  147. include_once(DEDEINC.'/helpers/'.$helpers.'.helper.php');
  148. $_helpers[$helpers] = TRUE;
  149. }
  150. //无法载入小助手
  151. if (!isset($_helpers[$helpers])) {
  152. exit('Unable to load the requested file: helpers/'.$helpers.'.helper.php');
  153. }
  154. }
  155. function dede_htmlspecialchars($str)
  156. {
  157. global $cfg_soft_lang;
  158. if (version_compare(PHP_VERSION, '5.4.0', '<')) return htmlspecialchars($str);
  159. if ($cfg_soft_lang == 'gb2312') return htmlspecialchars($str, ENT_COMPAT, 'ISO-8859-1');
  160. else return htmlspecialchars($str);
  161. }
  162. /**
  163. * 载入小助手,这里用户可能载入用helps载入多个小助手
  164. *
  165. * @access public
  166. * @param string
  167. * @return string
  168. */
  169. function helpers($helpers)
  170. {
  171. helper($helpers);
  172. }
  173. //兼容php4的file_put_contents
  174. if (!function_exists('file_put_contents')) {
  175. function file_put_contents($n, $d)
  176. {
  177. $f = @fopen($n, "w");
  178. if (!$f) {
  179. return FALSE;
  180. } else {
  181. fwrite($f, $d);
  182. fclose($f);
  183. return TRUE;
  184. }
  185. }
  186. }
  187. /**
  188. * 显示更新信息
  189. *
  190. * @return void
  191. */
  192. function UpdateStat()
  193. {
  194. include_once(DEDEINC."/inc/inc_stat.php");
  195. return SpUpdateStat();
  196. }
  197. $arrs1 = array();
  198. $arrs2 = array();
  199. /**
  200. * 短消息函数,可以在某个动作处理后友好的提示信息
  201. *
  202. * @param string $msg 消息提示信息
  203. * @param string $gourl 跳转地址
  204. * @param int $onlymsg 仅显示信息
  205. * @param int $limittime 限制时间
  206. * @return void
  207. */
  208. function ShowMsg($msg, $gourl, $onlymsg = 0, $limittime = 0)
  209. {
  210. global $cfg_soft_lang, $cfg_cmsurl;
  211. if(empty($GLOBALS['cfg_plus_dir'])) $GLOBALS['cfg_plus_dir'] = '..';
  212. $htmlhead = "<html><head><meta charset='utf-8'><title>提示信息</title><meta name='viewport' content='width=device-width,initial-scale=1'><base target='_self'></head>";
  213. $htmlhead .= "<body><center><script>";
  214. $htmlfoot = "</script></center></body></html>";
  215. $litime = ($limittime == 0 ? 1000 : $limittime);
  216. $func = '';
  217. if ($gourl == '-1') {
  218. if ($limittime == 0) $litime = 5000;
  219. $gourl = "javascript:history.go(-1);";
  220. }
  221. if ($gourl == '' || $onlymsg == 1) {
  222. $msg = "<script>alert(\"".str_replace("\"", "“", $msg)."\");</script>";
  223. } else {
  224. //当网址为:close::objname 时, 关闭父框架的id=objname元素
  225. if (preg_match('/close::/', $gourl)) {
  226. $tgobj = trim(preg_replace('/close::/', '', $gourl));
  227. $gourl = 'javascript:;';
  228. $func .= "window.parent.document.getElementById('{$tgobj}').style.display='none';\r\n";
  229. }
  230. $func .= "var pgo=0;function JumpUrl(){if (pgo==0){location='$gourl'; pgo=1;}}";
  231. $rmsg = $func;
  232. $rmsg .= "document.write(\"<style>body{margin:0;line-height:1.5;font:14px Helvetica Neue,Helvetica,PingFang SC,Tahoma,Arial,sans-serif;color:#424b51;background:#f6f6f6}a{color:#28a745;text-decoration:none}.tips{margin:70px auto 0;padding:0;width:430px;height:auto;background:#fff;border-radius:.2rem}.tips-head{margin:0 20px;padding:16px 0;border-bottom:1px solid #f8f8f8}.tips-head p{margin:0;padding-left:10px;line-height:16px;text-align:left;border-left:3px solid #dc3545}.tips-box{padding:20px;min-height:120px;color:#424b51}.btn a{display:inline-block;margin:20px auto 0;padding:.375rem .75rem;font-size:12px;color:#fff;background:#28a745;border-radius:.2rem;text-align:center;transition:all .6s}.btn a:focus{background:#006829;border-color:#005b24;box-shadow:0 0 0 0.2rem rgba(38,159,86,.5)}@media (max-width:768px){body{padding:0 15px}.tips{width:100%}}</style>\");";
  233. $rmsg .= "document.write(\"<div class='tips'>";
  234. $rmsg .= "<div class='tips-head'><p>提示信息</p></div>\");";
  235. $rmsg .= "document.write(\"<div class='tips-box'>\");";
  236. $rmsg .= "document.write(\"".str_replace("\"","“",$msg)."\");";
  237. $rmsg .= "document.write(\"";
  238. if($onlymsg==0)
  239. {
  240. if( $gourl != 'javascript:;' && $gourl != '')
  241. {
  242. $rmsg .= "<div class='btn'><a href='{$gourl}'>点击反应</a></div>\");";
  243. $rmsg .= "setTimeout('JumpUrl()',$litime);";
  244. } else {
  245. $rmsg .= "</div>\");";
  246. }
  247. } else {
  248. $rmsg .= "</div>\");";
  249. }
  250. $msg = $htmlhead.$rmsg.$htmlfoot;
  251. }
  252. echo $msg;
  253. }
  254. /**
  255. * 获取验证码的session值
  256. *
  257. * @return string
  258. */
  259. function GetCkVdValue()
  260. {
  261. @session_id($_COOKIE['PHPSESSID']);
  262. @session_start();
  263. return isset($_SESSION['securimage_code_value']) ? $_SESSION['securimage_code_value'] : '';
  264. }
  265. /**
  266. * PHP某些版本有Bug,不能在同一作用域中同时读session并改注销它,因此调用后需执行本函数
  267. *
  268. * @return void
  269. */
  270. function ResetVdValue()
  271. {
  272. @session_start();
  273. $_SESSION['securimage_code_value'] = '';
  274. }
  275. function IndexSub($idx, $num)
  276. {
  277. return intval($idx) - intval($num) == 0 ? '0 ' : intval($idx) - intval($num);
  278. }
  279. //用来返回index的active
  280. function IndexActive($idx)
  281. {
  282. if ($idx == 1) {
  283. return ' active';
  284. } else {
  285. return '';
  286. }
  287. }
  288. //是否是HTTPS
  289. function IsSSL()
  290. {
  291. if ($_SERVER['HTTPS'] && ('1' == $_SERVER['HTTPS'] || 'on' == strtolower($_SERVER['HTTPS']))) {
  292. return true;
  293. } elseif ('https' == $_SERVER['REQUEST_SCHEME']) {
  294. return true;
  295. } elseif ('443' == $_SERVER['SERVER_PORT']) {
  296. return true;
  297. } elseif ('https' == $_SERVER['HTTP_X_FORWARDED_PROTO']) {
  298. return true;
  299. }
  300. return false;
  301. }
  302. //自定义函数接口
  303. //这里主要兼容早期的用户扩展,v5.7之后我们建议使用小助手helper进行扩展
  304. if (file_exists(DEDEINC.'/extend.func.php')) {
  305. require_once(DEDEINC.'/extend.func.php');
  306. }
  307. /**
  308. * 添加多选联动筛选
  309. *
  310. * @return string
  311. */
  312. function litimgurls($imgid=0)
  313. {
  314. global $lit_imglist,$dsql;
  315. $row = $dsql->GetOne("SELECT c.addtable FROM `#@__archives` AS a LEFT JOIN `#@__channeltype` AS c ON a.channel=c.id where a.id='$imgid'");
  316. $addtable = trim($row['addtable']);
  317. $row = $dsql->GetOne("Select imgurls From `$addtable` where aid='$imgid'");
  318. $ChannelUnit = new ChannelUnit(2,$imgid);
  319. $lit_imglist = $ChannelUnit->GetlitImgLinks($row['imgurls']);
  320. return $lit_imglist;
  321. }
  322. //字符过滤函数,用于安全
  323. function string_filter($str,$stype="inject") {
  324. if ($stype=="inject") {
  325. $str = str_replace (
  326. array ("select", "insert", "update", "delete", "alter", "cas", "union", "into", "load_file", "outfile", "create", "join", "where", "like", "drop", "modify", "rename", "'", "/*", "*", "../", "./"),
  327. array ("","","","","","","","","","","","","","","","","","","","","",""),
  328. $str);
  329. } else if ($stype=="xss") {
  330. $farr = array ("/\s+/" , "/<(\/?)(script|META|STYLE|HTML|HEAD|BODY|STYLE |i?frame|b|strong|style|html|img|P|o:p|iframe|u|em|strike|BR|div|a|TABLE|TBODY|object|tr|td|st1:chsdate|FONT|span|MARQUEE|body|title|\r\n|link|meta|\?|\%)([^>]*?)>/isU", "/(<[^>]*)on[a-zA-Z]+\s*=([^>]*>)/isU",);
  331. $tarr = array (" ","","\\1\\2",);
  332. $str = preg_replace ($farr, $tarr, $str);
  333. $str = str_replace (
  334. array( "<", ">", "'", "\"", ";", "/*", "*", "../", "./"),
  335. array("&lt;","&gt;","","","","","","",""),
  336. $str);
  337. }
  338. return $str;
  339. }
  340. //载入自定义表单,用于发布
  341. function AddFilter($channelid, $type=1, $fieldsnamef="", $defaulttid=0, $loadtype='autofield')
  342. {
  343. global $tid,$dsql,$id;
  344. $tid = $defaulttid ? $defaulttid : $tid;
  345. $id = intval($id);
  346. $tid = intval($tid);
  347. $channelid = intval($channelid);
  348. if ($id!="")
  349. {
  350. $tidsq = $dsql->GetOne("SELECT typeid FROM `#@__archives` WHERE id='$id' ");
  351. $tid = $tidsq["typeid"];
  352. }
  353. $nofilter = (isset($_REQUEST['TotalResult']) ? "&TotalResult=".(int)$_REQUEST['TotalResult'] : '').(isset($_REQUEST['PageNo']) ? "&PageNo=".(int)$_REQUEST['PageNo'] : '');
  354. $filterarr = string_filter(stripos($_SERVER['REQUEST_URI'], "list.php?tid=") ? str_replace($nofilter, '', $_SERVER['REQUEST_URI']) : $GLOBALS['cfg_cmsurl']."/apps/list.php?tid=".$tid);
  355. $cInfos = $dsql->GetOne("SELECT * FROM `#@__channeltype` WHERE id='$channelid' ");
  356. $fieldset=stripslashes($cInfos['fieldset']);
  357. $dtp = new DedeTagParse();
  358. $dtp->SetNameSpace('field','<','>');
  359. $dtp->LoadSource($fieldset);
  360. $dede_addonfields = '';
  361. if(is_array($dtp->CTags))
  362. {
  363. foreach($dtp->CTags as $tida=>$ctag)
  364. {
  365. $fieldsname = $fieldsnamef ? explode(",", $fieldsnamef) : explode(",", $ctag->GetName());
  366. if(($loadtype!='autofield' || ($loadtype=='autofield' && $ctag->GetAtt('autofield')==1)) && in_array($ctag->GetName(), $fieldsname) )
  367. {
  368. $href1 = explode($ctag->GetName().'=', $filterarr);
  369. $href2 = explode('&', $href1[1]);
  370. $fields_value = $href2[0];
  371. $fields_value1 = explode('|', $fields_value);
  372. $dede_addonfields .= ''.$ctag->GetAtt('itemname').':';
  373. switch ($type) {
  374. case 1:
  375. $dede_addonfields .= (preg_match("/&".$ctag->GetName()."=/is",$filterarr,$regm) ? '<a href="'.str_replace("&".$ctag->GetName()."=".$fields_value,"",$filterarr).'" style="display:inline-block;padding:.25rem .5rem;line-height:1.5;color:#fff;background:#28a745;border-color:#28a745;border-radius:.2rem">全部</a>' : '<span style="display:inline-block;padding:.25rem .5rem;line-height:1.5;color:#fff;background:#dc3545;border-color:#dc3545;border-radius:.2rem">全部</span>').'&nbsp;';
  376. $addonfields_items = explode(",",$ctag->GetAtt('default'));
  377. for ($i=0; $i<count($addonfields_items); $i++)
  378. {
  379. $href = stripos($filterarr,$ctag->GetName().'=') ? str_replace("=".$fields_value,"=".$fields_value."|".urlencode($addonfields_items[$i]),$filterarr) : $filterarr.'&'.$ctag->GetName().'='.urlencode($addonfields_items[$i]);
  380. $is_select = in_array(urlencode($addonfields_items[$i]), $fields_value1) ? 1 : 0;
  381. $fields_value2 = "";
  382. for ($j=0; $j<count($fields_value1); $j++)
  383. {
  384. $fields_value2 .= $fields_value1[$j] != urlencode($addonfields_items[$i]) ? $fields_value1[$j].($j<count($fields_value1)-1 ? "|" : "") : "";
  385. }
  386. $fields_value2 = rtrim($fields_value2, "|");
  387. $href3 = str_replace(array("&".$ctag->GetName()."=".$fields_value,$ctag->GetName()."=".$fields_value, "&".$ctag->GetName()."=&"), array("&".$ctag->GetName()."=".$fields_value2,$ctag->GetName()."=".$fields_value2, "&"), $filterarr);
  388. $href3 = !end(explode("=", $href3)) ? str_replace("&".end(explode("&", $href3)), "", $href3) : $href3;
  389. $dede_addonfields .= ($fields_value!=urlencode($addonfields_items[$i]) && $is_select!=1 ? '<a title="'.$addonfields_items[$i].'" href="'.$href.'" style="display:inline-block;padding:.25rem .5rem;line-height:1.5;color:#fff;background:#28a745;border-color:#28a745;border-radius:.2rem">'.$addonfields_items[$i].'</a>' : '<a title="'.$addonfields_items[$i].'" href="'.$href3.'" style="display:inline-block;padding:.25rem .5rem;line-height:1.5;color:#fff;background:#dc3545;border-color:#dc3545;border-radius:.2rem">'.$addonfields_items[$i].'<span style="margin-left:6px;color:#fff">×</span></a>')."&nbsp;";
  390. }
  391. $dede_addonfields .= '<br><br>';
  392. break;
  393. case 2:
  394. $dede_addonfields .= (preg_match("/&".$ctag->GetName()."=/is",$filterarr,$regm) ? '<a href="'.str_replace("&".$ctag->GetName()."=".$fields_value,"",$filterarr).'">全部</a>' : '<span>全部</span>').'&nbsp;';
  395. $addonfields_items = explode(",",$ctag->GetAtt('default'));
  396. for ($i=0; $i<count($addonfields_items); $i++)
  397. {
  398. $href = stripos($filterarr,$ctag->GetName().'=') ? str_replace("=".$fields_value,"=".$fields_value."|".urlencode($addonfields_items[$i]),$filterarr) : $filterarr.'&'.$ctag->GetName().'='.urlencode($addonfields_items[$i]);
  399. $is_select = in_array(urlencode($addonfields_items[$i]), $fields_value1) ? 1 : 0;
  400. $fields_value2 = "";
  401. for ($j=0; $j<count($fields_value1); $j++)
  402. {
  403. $fields_value2 .= $fields_value1[$j] != urlencode($addonfields_items[$i]) ? $fields_value1[$j].($j<count($fields_value1)-1 ? "|" : "") : "";
  404. }
  405. $fields_value2 = rtrim($fields_value2, "|");
  406. $href3 = str_replace(array("&".$ctag->GetName()."=".$fields_value,$ctag->GetName()."=".$fields_value, "&".$ctag->GetName()."=&"), array("&".$ctag->GetName()."=".$fields_value2,$ctag->GetName()."=".$fields_value2, "&"), $filterarr);
  407. $href3 = !end(explode("=", $href3)) ? str_replace("&".end(explode("&", $href3)), "", $href3) : $href3;
  408. $dede_addonfields .= ($fields_value!=urlencode($addonfields_items[$i]) && $is_select!=1 ? '<input type="checkbox" title="'.$addonfields_items[$i].'" value="'.$href.'" onclick="window.location=this.value">&nbsp;<a title="'.$addonfields_items[$i].'" href="'.$href.'">'.$addonfields_items[$i].'</a>' : '<input type="checkbox" checked="checked" title="'.$addonfields_items[$i].'" value="'.$href3.'" onclick="window.location=this.value">&nbsp;<a title="'.$addonfields_items[$i].'" href="'.$href3.'" class="cur">'.$addonfields_items[$i].'</a>')."&nbsp;";
  409. }
  410. $dede_addonfields .= '<br><br>';
  411. break;
  412. }
  413. }
  414. }
  415. }
  416. echo $dede_addonfields;
  417. }