DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1251 Commits
3 Branches
110MB
Tree: 33e441547b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '33e441547b'
${ noResults }
DedeV6/src/admin/sys_info.php

158 lines
6.0KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 系统配置

  4.  *

  5.  * @version        $id:sys_info.php 22:28 2010年7月20日 tianya $

  6.  * @package        DedeBIZ.Administrator

  7.  * @copyright      Copyright (c) 2022 DedeBIZ.COM

  8.  * @license        https://www.dedebiz.com/license

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require_once(dirname(__FILE__)."/config.php");

  12. CheckPurview('sys_Edit');

  13. if (empty($dopost)) $dopost = "";

  14. $configfile = DEDEDATA.'/config.cache.inc.php';

  15. //更新配置函数

  16. function ReWriteConfig()

  17. {

  18.     global $dsql, $configfile;

  19.     if (!is_writeable($configfile)) {

  20.         echo "配置文件{$configfile}不支持写入,无法修改系统配置参数";

  21.         exit();

  22.     }

  23.     $fp = fopen($configfile, 'w');

  24.     flock($fp, 3);

  25.     fwrite($fp, "<"."?php\r\n");

  26.     $dsql->SetQuery("SELECT `varname`,`type`,`value`,`groupid` FROM `#@__sysconfig` ORDER BY aid ASC");

  27.     $dsql->Execute();

  28.     while ($row = $dsql->GetArray()) {

  29.         if ($row['type'] == 'number') {

  30.             if ($row['value'] == '') $row['value'] = 0;

  31.             fwrite($fp, "\${$row['varname']} = ".$row['value'].";\r\n");

  32.         } else {

  33.             $row['value'] = stripslashes($row['value']);

  34.             fwrite($fp, "\${$row['varname']} = '".str_replace(array("'","\\"), '', $row['value'])."';\r\n");

  35.         }

  36.     }

  37.     fwrite($fp, "?".">");

  38.     fclose($fp);

  39. }

  40. //保存配置的改动

  41. if ($dopost == "save") {

  42.     CheckCSRF();

  43.     foreach ($_POST as $k => $v) {

  44.         if (preg_match("#^edit___#", $k)) {

  45.             $v = cn_substrR(${$k}, 1024);

  46.         } else {

  47.             continue;

  48.         }

  49.         $k = preg_replace("#^edit___#", "", $k);

  50.         

  51.         $v = $dsql->Esc($v);

  52.         $k = $dsql->Esc($k);

  53.         $dsql->ExecuteNoneQuery("UPDATE `#@__sysconfig` SET `value`='$v' WHERE varname='$k' ");

  54.     }

  55.     ReWriteConfig();

  56.     ShowMsg("成功修改站点配置", "sys_info.php");

  57.     exit();

  58. }

  59. //增加新变量

  60. else if ($dopost == 'add') {

  61.     CheckCSRF();

  62.     if ($vartype == 'bool' && ($nvarvalue != 'Y' && $nvarvalue != 'N')) {

  63.         ShowMsg("布尔变量值必须为'Y'或'N'", "-1");

  64.         exit();

  65.     }

  66.     if (trim($nvarname) == '' || preg_match("#[^a-z_]#i", $nvarname)) {

  67.         ShowMsg("变量名不能为空并且必须为[a-z_]组成", "-1");

  68.         exit();

  69.     }

  70.     $row = $dsql->GetOne("SELECT varname FROM `#@__sysconfig` WHERE varname LIKE '$nvarname' ");

  71.     if (is_array($row)) {

  72.         ShowMsg("该变量名称已经存在", "-1");

  73.         exit();

  74.     }

  75.     $row = $dsql->GetOne("SELECT aid FROM `#@__sysconfig` ORDER BY aid DESC");

  76.     $aid = $row['aid'] + 1;

  77.     $inquery = "INSERT INTO `#@__sysconfig` (`aid`,`varname`,`info`,`value`,`type`,`groupid`) VALUES ('$aid','$nvarname','$varmsg','$nvarvalue','$vartype','$vargroup')";

  78.     $rs = $dsql->ExecuteNoneQuery($inquery);

  79.     if (!$rs) {

  80.         ShowMsg("新增变量失败,可能有非法字符", "sys_info.php?gp=$vargroup");

  81.         exit();

  82.     }

  83.     if (!is_writeable($configfile)) {

  84.         ShowMsg("成功保存变量,但由于 $configfile 无法写入,因此不能更新配置文件", "sys_info.php?gp=$vargroup");

  85.         exit();

  86.     } else {

  87.         ReWriteConfig();

  88.         ShowMsg("成功保存变量并更新配置文件", "sys_info.php?gp=$vargroup");

  89.         exit();

  90.     }

  91. }

  92. //搜索配置

  93. else if ($dopost == 'search') {

  94.     $keywords = isset($keywords) ? strip_tags($keywords) : '';

  95.     $i = 1;

  96.     $configstr = <<<EOT

  97. <table width="100%" cellspacing="1" cellpadding="1" id="tdSearch">

  98.     <tbody>

  99.         <tr bgcolor="#fbfce2" align="center">

  100.             <td width="300">参数说明</td>

  101.             <td>参数值</td>

  102.             <td width="220">变量名</td>

  103.         </tr>

  104. EOT;

  105.     echo $configstr;

  106.     if ($keywords) {

  107.         $dsql->SetQuery("SELECT * FROM `#@__sysconfig` WHERE info LIKE '%$keywords%' OR varname LIKE '%$keywords%' ORDER BY aid ASC");

  108.         $dsql->Execute();

  109.         while ($row = $dsql->GetArray()) {

  110.             $bgcolor = ($i++ % 2 == 0) ? "#f5f5f5" : "#ffffff";

  111.             $row['info'] = preg_replace("#{$keywords}#", '<span class="text-danger">'.$keywords.'</span>', $row['info']);

  112.             $row['varname'] = preg_replace("#{$keywords}#", '<span class="text-danger">'.$keywords.'</span>', $row['varname']);

  113.     ?>

  114.     <tr align="center" bgcolor="<?php echo $bgcolor ?>">

  115.         <td width="300"><?php echo $row['info'];?>:</td>

  116.         <td align="left">

  117.             <?php

  118.             if ($row['type'] == 'bool') {

  119.                 $c1 = '';

  120.                 $c2 = '';

  121.                 $row['value'] == 'Y' ? $c1 = " checked" : $c2 = " checked";

  122.                 echo "<label><input type='radio' name='edit___{$row['varname']}' value='Y'$c1> 是 </label> ";

  123.                 echo "<label><input type='radio' name='edit___{$row['varname']}' value='N'$c2> 否 </label> ";

  124.             } else if ($row['type'] == 'bstring') {

  125.                 echo "<textarea name='edit___{$row['varname']}' row='4' id='edit___{$row['varname']}' class='textarea_info' style='width:98%;height:50px'>".dede_htmlspecialchars($row['value'])."</textarea>";

  126.             } else if ($row['type'] == 'number') {

  127.                 echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value='{$row['value']}' style='width:30%'>";

  128.             } else {

  129.                 echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value=\"".dede_htmlspecialchars($row['value'])."\" style='width:80%'>";

  130.             }

  131.             ?>

  132.         </td>

  133.         <td><?php echo $row['varname'] ?></td>

  134.     </tr>

  135. <?php

  136. }

  137. ?>

  138. </table>

  139. <?php

  140.     exit;

  141.     }

  142.     if ($i == 1) {

  143.         echo '<tr bgcolor="#f5f5f5" align="center"><td colspan="3">没有找到搜索的内容</td></tr></table>';

  144.     }

  145. exit;

  146. } else if ($dopost == 'make_encode') {

  147.     $chars = 'abcdefghigklmnopqrstuvwxwyABCDEFGHIGKLMNOPQRSTUVWXWY0123456789';

  148.     $hash = '';

  149.     $length = rand(28, 32);

  150.     $max = strlen($chars) - 1;

  151.     for ($i = 0; $i < $length; $i++) {

  152.         $hash .= $chars[mt_rand(0, $max)];

  153.     }

  154.     echo $hash;

  155.     exit();

  156. }

  157. include DedeInclude('templets/sys_info.htm');

  158. ?>