DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2367 Commits
3 Branches
110MB
Tree: 745dae6e37
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '745dae6e37'
${ noResults }
DedeV6/src/admin/sys_info.php

164 lines
6.0KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 系统设置

  4.  *

  5.  * @version        $id:sys_info.php 22:28 2010年7月20日 tianya $

  6.  * @package        DedeBIZ.Administrator

  7.  * @copyright      Copyright (c) 2022 DedeBIZ.COM

  8.  * @license        GNU GPL v2 (https://www.dedebiz.com/license)

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require_once(dirname(__FILE__)."/config.php");

  12. CheckPurview('sys_Edit');

  13. if (empty($dopost)) $dopost = '';

  14. $configfile = DEDEDATA.'/config.cache.inc.php';

  15. //更新配置函数

  16. function ReWriteConfig()

  17. {

  18.     global $dsql, $configfile;

  19.     if (!is_writeable($configfile)) {

  20.         echo "配置文件{$configfile}不支持写入,无法修改系统配置参数";

  21.         exit();

  22.     }

  23.     $fp = fopen($configfile, 'w');

  24.     flock($fp, 3);

  25.     fwrite($fp, "<"."?php\r\n");

  26.     $dsql->SetQuery("SELECT `varname`,`type`,`value`,`groupid` FROM `#@__sysconfig` ORDER BY aid ASC");

  27.     $dsql->Execute();

  28.     while ($row = $dsql->GetArray()) {

  29.         if ($row['type'] == 'number') {

  30.             $row['value'] = preg_replace("#[^0-9.-]#","", $row['value']);

  31.             if ($row['value'] == '') $row['value'] = 0;

  32.             fwrite($fp, "\${$row['varname']} = ".$row['value'].";\r\n");

  33.         } else {

  34.             $row['value'] = stripslashes($row['value']);

  35.             fwrite($fp, "\${$row['varname']} = '".str_replace(array("'","\\"), '', $row['value'])."';\r\n");

  36.         }

  37.     }

  38.     fwrite($fp, "?".">");

  39.     fclose($fp);

  40. }

  41. //保存配置的改动

  42. if ($dopost == "save") {

  43.     CheckCSRF();

  44.     foreach ($_POST as $k => $v) {

  45.         if (preg_match("#^edit___#", $k)) {

  46.             $v = cn_substrR(${$k}, 1024);

  47.         } else {

  48.             continue;

  49.         }

  50.         $k = preg_replace("#^edit___#", "", $k);

  51.         

  52.         $v = $dsql->Esc($v);

  53.         $k = $dsql->Esc($k);

  54.         $dsql->ExecuteNoneQuery("UPDATE `#@__sysconfig` SET `value`='$v' WHERE varname='$k' ");

  55.     }

  56.     ReWriteConfig();

  57.     ShowMsg("成功修改系统设置", "sys_info.php");

  58.     exit();

  59. }

  60. //添加新变量

  61. else if ($dopost == 'add') {

  62.     CheckCSRF();

  63.     if ($vartype == 'bool' && ($nvarvalue != 'Y' && $nvarvalue != 'N')) {

  64.         ShowMsg("布尔变量值必须为Y或N", "-1");

  65.         exit();

  66.     }

  67.     if ($valtype == 'number') {

  68.         $nvarvalue = preg_replace("[^0-9.]","", $nvarvalue);

  69.     }

  70.     if (trim($nvarname) == '' || preg_match("#[^a-z_]#i", $nvarname)) {

  71.         ShowMsg("变量名不能为空并且必须为[a-z_]组成", "-1");

  72.         exit();

  73.     }

  74.     $row = $dsql->GetOne("SELECT varname FROM `#@__sysconfig` WHERE varname LIKE '$nvarname' ");

  75.     if (is_array($row)) {

  76.         ShowMsg("该变量名称已经存在", "-1");

  77.         exit();

  78.     }

  79.     $row = $dsql->GetOne("SELECT aid FROM `#@__sysconfig` ORDER BY aid DESC");

  80.     $aid = intval($row['aid']) + 1;

  81.     $varmsg = HtmlReplace($varmsg);

  82.     $inquery = "INSERT INTO `#@__sysconfig` (`aid`,`varname`,`info`,`value`,`type`,`groupid`) VALUES ('$aid','$nvarname','$varmsg','$nvarvalue','$vartype','$vargroup')";

  83.     $rs = $dsql->ExecuteNoneQuery($inquery);

  84.     if (!$rs) {

  85.         ShowMsg("新增变量失败,有非法字符", "sys_info.php?gp=$vargroup");

  86.         exit();

  87.     }

  88.     if (!is_writeable($configfile)) {

  89.         ShowMsg("成功保存变量,但由于".$configfile."无法写入,因此不能更新配置文件", "sys_info.php?gp=$vargroup");

  90.         exit();

  91.     } else {

  92.         ReWriteConfig();

  93.         ShowMsg("成功保存变量并更新配置文件", "sys_info.php?gp=$vargroup");

  94.         exit();

  95.     }

  96. }

  97. //搜索配置

  98. else if ($dopost == 'search') {

  99.     $keywords = isset($keywords) ? strip_tags($keywords) : '';

  100.     $i = 1;

  101.     $configstr = <<<EOT

  102. <table align="center" id="tdSearch" class="table maintable my-3">

  103.     <tr>

  104.         <td bgcolor="#f8fafb" colspan="3">系统设置搜索</td>

  105.     </tr>

  106.     <tr bgcolor="#f8f9fa" align="center">

  107.         <td width="360">参数说明</td>

  108.         <td>参数值</td>

  109.         <td width="260">变量名</td>

  110.     </tr>

  111. EOT;

  112.     echo $configstr;

  113.     if ($keywords) {

  114.         $dsql->SetQuery("SELECT * FROM `#@__sysconfig` WHERE info LIKE '%$keywords%' OR varname LIKE '%$keywords%' ORDER BY aid ASC");

  115.         $dsql->Execute();

  116.         while ($row = $dsql->GetArray()) {

  117.             $row['info'] = preg_replace("#{$keywords}#", '<b class="text-danger">'.$keywords.'</b>', $row['info']);

  118.             $row['varname'] = preg_replace("#{$keywords}#", '<b class="text-danger">'.$keywords.'</b>', $row['varname']);

  119.     ?>

  120.     <tr align="center">

  121.         <td width="300"><?php echo $row['info'];?>:</td>

  122.         <td align="left">

  123.             <?php

  124.             if ($row['type'] == 'bool') {

  125.                 $c1 = '';

  126.                 $c2 = '';

  127.                 $row['value'] == 'Y' ? $c1 = "checked" : $c2 = "checked";

  128.                 echo "<label><input type='radio' name='edit___{$row['varname']}' value='Y' $c1> 是</label> ";

  129.                 echo "<label><input type='radio' name='edit___{$row['varname']}' value='N' $c2> 否</label> ";

  130.             } else if ($row['type'] == 'bstring') {

  131.                 echo "<textarea name='edit___{$row['varname']}' row='4' id='edit___{$row['varname']}' class='admin-textarea-xl'>".dede_htmlspecialchars($row['value'])."</textarea>";

  132.             } else if ($row['type'] == 'number') {

  133.                 echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value='{$row['value']}' class='w-50'>";

  134.             } else {

  135.                 echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value=\"".dede_htmlspecialchars($row['value'])."\" class='w-75'>";

  136.             }

  137.             ?>

  138.         </td>

  139.         <td><?php echo $row['varname'] ?></td>

  140.     </tr>

  141. <?php

  142. }

  143. ?>

  144. </table>

  145. <?php

  146. exit;

  147. }

  148. if ($i == 1) {

  149.     echo '<tr><td bgcolor="#f8fafb" colspan="3" align="center">搜索不到参数</td></tr></table>';

  150. }

  151. exit;

  152. } else if ($dopost == 'make_encode') {

  153.     $chars = 'abcdefghigklmnopqrstuvwxwyABCDEFGHIGKLMNOPQRSTUVWXWY0123456789';

  154.     $hash = '';

  155.     $length = rand(28, 32);

  156.     $max = strlen($chars) - 1;

  157.     for ($i = 0; $i < $length; $i++) {

  158.         $hash .= $chars[mt_rand(0, $max)];

  159.     }

  160.     echo $hash;

  161.     exit();

  162. }

  163. include DedeInclude('templets/sys_info.htm');

  164. ?>