DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
805 Commits
3 Branches
110MB
Tree: a8c3944f30
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a8c3944f30'
${ noResults }
DedeV6/src/admin/sys_info.php

162 lines
6.2KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 系统配置

  4.  *

  5.  * @version        $Id: sys_info.php 1 22:28 2010年7月20日Z tianya $

  6.  * @package        DedeBIZ.Administrator

  7.  * @copyright      Copyright (c) 2022, DedeBIZ.COM

  8.  * @license        https://www.dedebiz.com/license

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require_once(dirname(__FILE__)."/config.php");

  12. CheckPurview('sys_Edit');

  13. if (empty($dopost)) $dopost = "";

  14. $configfile = DEDEDATA.'/config.cache.inc.php';

  15. //更新配置函数

  16. function ReWriteConfig()

  17. {

  18.     global $dsql, $configfile;

  19.     if (!is_writeable($configfile)) {

  20.         echo "配置文件'{$configfile}'不支持写入,无法修改系统配置参数";

  21.         exit();

  22.     }

  23.     $fp = fopen($configfile, 'w');

  24.     flock($fp, 3);

  25.     fwrite($fp, "<"."?php\r\n");

  26.     $dsql->SetQuery("SELECT `varname`,`type`,`value`,`groupid` FROM `#@__sysconfig` ORDER BY aid ASC ");

  27.     $dsql->Execute();

  28.     while ($row = $dsql->GetArray()) {

  29.         if ($row['type'] == 'number') {

  30.             if ($row['value'] == '') $row['value'] = 0;

  31.             fwrite($fp, "\${$row['varname']} = ".$row['value'].";\r\n");

  32.         } else {

  33.             $row['value'] = stripslashes($row['value']);

  34.             fwrite($fp, "\${$row['varname']} = '".str_replace(array("'","\\"), '', $row['value'])."';\r\n");

  35.         }

  36.     }

  37.     fwrite($fp, "?".">");

  38.     fclose($fp);

  39. }

  40. //保存配置的改动

  41. if ($dopost == "save") {

  42.     CheckCSRF();

  43.     foreach ($_POST as $k => $v) {

  44.         if (preg_match("#^edit___#", $k)) {

  45.             $v = cn_substrR(${$k}, 1024);

  46.         } else {

  47.             continue;

  48.         }

  49.         $k = preg_replace("#^edit___#", "", $k);

  50.         

  51.         $v = $dsql->Esc($v);

  52.         $k = $dsql->Esc($k);

  53.         $dsql->ExecuteNoneQuery("UPDATE `#@__sysconfig` SET `value`='$v' WHERE varname='$k' ");

  54.     }

  55.     ReWriteConfig();

  56.     ShowMsg("成功修改站点配置", "sys_info.php");

  57.     exit();

  58. }

  59. //增加新变量

  60. else if ($dopost == 'add') {

  61.     CheckCSRF();

  62.     if ($vartype == 'bool' && ($nvarvalue != 'Y' && $nvarvalue != 'N')) {

  63.         ShowMsg("布尔变量值必须为'Y'或'N'!", "-1");

  64.         exit();

  65.     }

  66.     if (trim($nvarname) == '' || preg_match("#[^a-z_]#i", $nvarname)) {

  67.         ShowMsg("变量名不能为空并且必须为[a-z_]组成!", "-1");

  68.         exit();

  69.     }

  70.     $row = $dsql->GetOne("SELECT varname FROM `#@__sysconfig` WHERE varname LIKE '$nvarname' ");

  71.     if (is_array($row)) {

  72.         ShowMsg("该变量名称已经存在!", "-1");

  73.         exit();

  74.     }

  75.     $row = $dsql->GetOne("SELECT aid FROM `#@__sysconfig` ORDER BY aid DESC ");

  76.     $aid = $row['aid'] + 1;

  77.     $inquery = "INSERT INTO `#@__sysconfig`(`aid`,`varname`,`info`,`value`,`type`,`groupid`)

  78.     VALUES ('$aid','$nvarname','$varmsg','$nvarvalue','$vartype','$vargroup')";

  79.     $rs = $dsql->ExecuteNoneQuery($inquery);

  80.     if (!$rs) {

  81.         ShowMsg("新增变量失败,可能有非法字符", "sys_info.php?gp=$vargroup");

  82.         exit();

  83.     }

  84.     if (!is_writeable($configfile)) {

  85.         ShowMsg("成功保存变量,但由于 $configfile 无法写入,因此不能更新配置文件", "sys_info.php?gp=$vargroup");

  86.         exit();

  87.     } else {

  88.         ReWriteConfig();

  89.         ShowMsg("成功保存变量并更新配置文件", "sys_info.php?gp=$vargroup");

  90.         exit();

  91.     }

  92. }

  93. //搜索配置

  94. else if ($dopost == 'search') {

  95.     $keywords = isset($keywords) ? strip_tags($keywords) : '';

  96.     $i = 1;

  97.     $configstr = <<<EOT

  98.  <table width="100%" cellspacing="1" cellpadding="1" id="tdSearch">

  99.   <tbody>

  100.    <tr height="26" bgcolor="#F8FCF1" align="center">

  101.     <td width="300">参数说明</td>

  102.     <td>参数值</td>

  103.     <td width="220">变量名</td>

  104.    </tr>

  105. EOT;

  106.     echo $configstr;

  107.     if ($keywords) {

  108. 

  109.         $dsql->SetQuery("SELECT * FROM `#@__sysconfig` WHERE info LIKE '%$keywords%' OR varname LIKE '%$keywords%' order by aid asc");

  110.         $dsql->Execute();

  111. 

  112.         while ($row = $dsql->GetArray()) {

  113.             $bgcolor = ($i++ % 2 == 0) ? "#f8f8f8" : "#ffffff";

  114.             $row['info'] = preg_replace("#{$keywords}#", '<span style="color:#dc3545">'.$keywords.'</span>', $row['info']);

  115.             $row['varname'] = preg_replace("#{$keywords}#", '<span style="color:#dc3545">'.$keywords.'</span>', $row['varname']);

  116. ?>

  117.             <tr height="26" align="center" bgcolor="<?php echo $bgcolor ?>">

  118.                 <td width="300"><?php echo $row['info']; ?>:</td>

  119.                 <td align="left" style="padding:6px;">

  120.                     <?php

  121.                     if ($row['type'] == 'bool') {

  122.                         $c1 = '';

  123.                         $c2 = '';

  124.                         $row['value'] == 'Y' ? $c1 = " checked" : $c2 = " checked";

  125.                         echo "<label><input type='radio' class='np' name='edit___{$row['varname']}' value='Y'$c1> 是</label>";

  126.                         echo "<label><input type='radio' class='np' name='edit___{$row['varname']}' value='N'$c2> 否</label>";

  127.                     } else if ($row['type'] == 'bstring') {

  128.                         echo "<textarea name='edit___{$row['varname']}' row='4' id='edit___{$row['varname']}' class='textarea_info' style='width:98%;height:50px'>".dede_htmlspecialchars($row['value'])."</textarea>";

  129.                     } else if ($row['type'] == 'number') {

  130.                         echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value='{$row['value']}' style='width:30%'>";

  131.                     } else {

  132.                         echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value=\"".dede_htmlspecialchars($row['value'])."\" style='width:80%'>";

  133.                     }

  134.                     ?>

  135.                 </td>

  136.                 <td><?php echo $row['varname'] ?></td>

  137.             </tr>

  138.         <?php

  139.         }

  140.         ?>

  141.         </table>

  142. <?php

  143.         exit;

  144.     }

  145.     if ($i == 1) {

  146.         echo '      <tr align="center" bgcolor="#f8f8f8" height="26">

  147.            <td colspan="3">没有找到搜索的内容</td>

  148.           </tr></table>';

  149.     }

  150.     exit;

  151. } else if ($dopost == 'make_encode') {

  152.     $chars = 'abcdefghigklmnopqrstuvwxwyABCDEFGHIGKLMNOPQRSTUVWXWY0123456789';

  153.     $hash = '';

  154.     $length = rand(28, 32);

  155.     $max = strlen($chars) - 1;

  156.     for ($i = 0; $i < $length; $i++) {

  157.         $hash .= $chars[mt_rand(0, $max)];

  158.     }

  159.     echo $hash;

  160.     exit();

  161. }

  162. include DedeInclude('templets/sys_info.htm');