DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
170 Commits
3 Branches
110MB
Tree: ac9141298b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ac9141298b'
${ noResults }
DedeV6/src/dede/sys_info.php

187 lines
5.9KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 系统配置

  4.  *

  5.  * @version        $Id: sys_info.php 1 22:28 2010年7月20日Z tianya $

  6.  * @package        DedeCMS.Administrator

  7.  * @copyright      Copyright (c) 2007 - 2018, DesDev, Inc.

  8.  * @copyright      Copyright (c) 2020, DedeBIZ.COM

  9.  * @license        https://www.dedebiz.com/license/v6

  10.  * @link           https://www.dedebiz.com

  11.  */

  12. require_once(dirname(__FILE__)."/config.php");

  13. CheckPurview('sys_Edit');

  14. if(empty($dopost)) $dopost = "";

  15. 

  16. $configfile = DEDEDATA.'/config.cache.inc.php';

  17. 

  18. //更新配置函数

  19. function ReWriteConfig()

  20. {

  21.     global $dsql,$configfile;

  22.     if(!is_writeable($configfile))

  23.     {

  24.         echo "配置文件'{$configfile}'不支持写入,无法修改系统配置参数!";

  25.         exit();

  26.     }

  27.     $fp = fopen($configfile,'w');

  28.     flock($fp,3);

  29.     fwrite($fp,"<"."?php\r\n");

  30.     $dsql->SetQuery("SELECT `varname`,`type`,`value`,`groupid` FROM `#@__sysconfig` ORDER BY aid ASC ");

  31.     $dsql->Execute();

  32.     while($row = $dsql->GetArray())

  33.     {

  34.         if($row['type']=='number')

  35.         {

  36.             if($row['value']=='') $row['value'] = 0;

  37.             fwrite($fp,"\${$row['varname']} = ".$row['value'].";\r\n");

  38.         }

  39.         else

  40.         {

  41.             fwrite($fp,"\${$row['varname']} = '".str_replace("'",'',$row['value'])."';\r\n");

  42.         }

  43.     }

  44.     fwrite($fp,"?".">");

  45.     fclose($fp);

  46. }

  47. 

  48. //保存配置的改动

  49. if($dopost=="save")

  50. {

  51.     CheckCSRF();

  52.     foreach($_POST as $k=>$v)

  53.     {

  54.         if(preg_match("#^edit___#", $k))

  55.         {

  56.             $v = cn_substrR(${$k}, 1024);

  57.         }

  58.         else

  59.         {

  60.             continue;

  61.         }

  62.         $k = preg_replace("#^edit___#", "", $k);

  63.         $dsql->ExecuteNoneQuery("UPDATE `#@__sysconfig` SET `value`='$v' WHERE varname='$k' ");

  64.     }

  65.     ReWriteConfig();

  66.     ShowMsg("成功更改站点配置!", "sys_info.php");

  67.     exit();

  68. }

  69. //增加新变量

  70. else if($dopost=='add')

  71. {

  72.     CheckCSRF();

  73.     if($vartype=='bool' && ($nvarvalue!='Y' && $nvarvalue!='N'))

  74.     {

  75.         ShowMsg("布尔变量值必须为'Y'或'N'!","-1");

  76.         exit();

  77.     }

  78.     if(trim($nvarname)=='' || preg_match("#[^a-z_]#i", $nvarname) )

  79.     {

  80.         ShowMsg("变量名不能为空并且必须为[a-z_]组成!","-1");

  81.         exit();

  82.     }

  83.     $row = $dsql->GetOne("SELECT varname FROM `#@__sysconfig` WHERE varname LIKE '$nvarname' ");

  84.     if(is_array($row))

  85.     {

  86.         ShowMsg("该变量名称已经存在!","-1");

  87.         exit();

  88.     }

  89.     $row = $dsql->GetOne("SELECT aid FROM `#@__sysconfig` ORDER BY aid DESC ");

  90.     $aid = $row['aid'] + 1;

  91.     $inquery = "INSERT INTO `#@__sysconfig`(`aid`,`varname`,`info`,`value`,`type`,`groupid`)

  92.     VALUES ('$aid','$nvarname','$varmsg','$nvarvalue','$vartype','$vargroup')";

  93.     $rs = $dsql->ExecuteNoneQuery($inquery);

  94.     if(!$rs)

  95.     {

  96.         ShowMsg("新增变量失败,可能有非法字符!", "sys_info.php?gp=$vargroup");

  97.         exit();

  98.     }

  99.     if(!is_writeable($configfile))

  100.     {

  101.         ShowMsg("成功保存变量,但由于 $configfile 无法写入,因此不能更新配置文件!","sys_info.php?gp=$vargroup");

  102.         exit();

  103.     }else

  104.     {

  105.         ReWriteConfig();

  106.         ShowMsg("成功保存变量并更新配置文件!","sys_info.php?gp=$vargroup");

  107.         exit();

  108.     }

  109. }

  110. // 搜索配置

  111. else if ($dopost=='search')

  112. {

  113.     $keywords = isset($keywords)? strip_tags($keywords) : '';

  114.     $i = 1;

  115.     $configstr = <<<EOT

  116.  <table width="100%" cellspacing="1" cellpadding="1" border="0" bgcolor="#cfcfcf" id="tdSearch" style="">

  117.   <tbody>

  118.    <tr height="25" bgcolor="#fbfce2" align="center">

  119.     <td width="300">参数说明</td>

  120.     <td>参数值</td>

  121.     <td width="220">变量名</td>

  122.    </tr>

  123. EOT;

  124.     echo $configstr;

  125.     if ($keywords)

  126.     {

  127. 

  128.         $dsql->SetQuery("SELECT * FROM `#@__sysconfig` WHERE info LIKE '%$keywords%' OR varname LIKE '%$keywords%' order by aid asc");

  129.         $dsql->Execute();

  130.        

  131.         while ($row = $dsql->GetArray()) {

  132.             $bgcolor = ($i++%2==0)? "#F9FCEF" : "#ffffff";

  133.             $row['info'] = preg_replace("#{$keywords}#", '<font color="red">'.$keywords.'</font>', $row['info']);

  134.             $row['varname'] = preg_replace("#{$keywords}#", '<font color="red">'.$keywords.'</font>', $row['varname']);

  135. ?>

  136.       <tr align="center" height="25" bgcolor="<?php echo $bgcolor?>">

  137.        <td width="300"><?php echo $row['info']; ?>: </td>

  138.        <td align="left" style="padding:3px;">

  139. <?php

  140.     if($row['type']=='bool')

  141.     {

  142.         $c1='';

  143.         $c2 = '';

  144.         $row['value']=='Y' ? $c1=" checked" : $c2=" checked";

  145.         echo "<input type='radio' class='np' name='edit___{$row['varname']}' value='Y'$c1>是 ";

  146.         echo "<input type='radio' class='np' name='edit___{$row['varname']}' value='N'$c2>否 ";

  147.     }else if($row['type']=='bstring')

  148.     {

  149.         echo "<textarea name='edit___{$row['varname']}' row='4' id='edit___{$row['varname']}' class='textarea_info' style='width:98%;height:50px'>".dede_htmlspecialchars($row['value'])."</textarea>";

  150.     }else if($row['type']=='number')

  151.     {

  152.         echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value='{$row['value']}' style='width:30%'>";

  153.     }else

  154.     {

  155.         echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value=\"".dede_htmlspecialchars($row['value'])."\" style='width:80%'>";

  156.     }

  157.     ?>

  158. </td>

  159.        <td><?php echo $row['varname']?></td>

  160.       </tr>

  161.       <?php

  162. }

  163. ?>

  164.      </table>

  165.       <?php

  166.         exit;

  167.     }

  168.     if ($i == 1)

  169.     {

  170.         echo '      <tr align="center" bgcolor="#F9FCEF" height="25">

  171.            <td colspan="3">没有找到搜索的内容</td>

  172.           </tr></table>';

  173.     }

  174.     exit;

  175. } else if ($dopost=='make_encode')

  176. {

  177.     $chars='abcdefghigklmnopqrstuvwxwyABCDEFGHIGKLMNOPQRSTUVWXWY0123456789';

  178.     $hash='';

  179.     $length = rand(28,32);

  180.     $max = strlen($chars) - 1;

  181.     for($i = 0; $i < $length; $i++) {

  182.         $hash .= $chars[mt_rand(0, $max)];

  183.     }

  184.     echo $hash;

  185.     exit();

  186. }

  187. include DedeInclude('templets/sys_info.htm');