DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1710 Commits
3 Branches
110MB
Tree: e21ceb7e2b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e21ceb7e2b'
${ noResults }
DedeV6/src/admin/sys_info.php

165 lines
6.3KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 系统配置变量

  4.  *

  5.  * @version        $id:sys_info.php 22:28 2010年7月20日 tianya $

  6.  * @package        DedeBIZ.Administrator

  7.  * @copyright      Copyright (c) 2022 DedeBIZ.COM

  8.  * @license        https://www.dedebiz.com/license

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require_once(dirname(__FILE__)."/config.php");

  12. CheckPurview('sys_Edit');

  13. if (empty($dopost)) $dopost = "";

  14. $configfile = DEDEDATA.'/config.cache.inc.php';

  15. //更新配置函数

  16. function ReWriteConfig()

  17. {

  18.     global $dsql, $configfile;

  19.     if (!is_writeable($configfile)) {

  20.         echo "配置文件<span class='text-primary'>{$configfile}</span>不支持写入,无法修改系统配置参数";

  21.         exit();

  22.     }

  23.     $fp = fopen($configfile, 'w');

  24.     flock($fp, 3);

  25.     fwrite($fp, "<"."?php\r\n");

  26.     $dsql->SetQuery("SELECT `varname`,`type`,`value`,`groupid` FROM `#@__sysconfig` ORDER BY aid ASC");

  27.     $dsql->Execute();

  28.     while ($row = $dsql->GetArray()) {

  29.         if ($row['type'] == 'number') {

  30.             $row['value'] = preg_replace("#[^0-9.-]#","", $row['value']);

  31.             if ($row['value'] == '') $row['value'] = 0;

  32.             fwrite($fp, "\${$row['varname']} = ".$row['value'].";\r\n");

  33.         } else {

  34.             $row['value'] = stripslashes($row['value']);

  35.             fwrite($fp, "\${$row['varname']} = '".str_replace(array("'","\\"), '', $row['value'])."';\r\n");

  36.         }

  37.     }

  38.     fwrite($fp, "?".">");

  39.     fclose($fp);

  40. }

  41. //保存配置的改动

  42. if ($dopost == "save") {

  43.     CheckCSRF();

  44.     foreach ($_POST as $k => $v) {

  45.         if (preg_match("#^edit___#", $k)) {

  46.             $v = cn_substrR(${$k}, 1024);

  47.         } else {

  48.             continue;

  49.         }

  50.         $k = preg_replace("#^edit___#", "", $k);

  51.         

  52.         $v = $dsql->Esc($v);

  53.         $k = $dsql->Esc($k);

  54.         $dsql->ExecuteNoneQuery("UPDATE `#@__sysconfig` SET `value`='$v' WHERE varname='$k' ");

  55.     }

  56.     ReWriteConfig();

  57.     ShowMsg("成功修改站点配置", "sys_info.php");

  58.     exit();

  59. }

  60. //添加新变量

  61. else if ($dopost == 'add') {

  62.     CheckCSRF();

  63.     if ($vartype == 'bool' && ($nvarvalue != 'Y' && $nvarvalue != 'N')) {

  64.         ShowMsg("布尔变量值必须为Y或N", "-1");

  65.         exit();

  66.     }

  67.     if ($valtype == 'number') {

  68.         $nvarvalue = preg_replace("[^0-9.]","", $nvarvalue);

  69.     }

  70.     if (trim($nvarname) == '' || preg_match("#[^a-z_]#i", $nvarname)) {

  71.         ShowMsg("变量名不能为空并且必须为[a-z_]组成", "-1");

  72.         exit();

  73.     }

  74.     $row = $dsql->GetOne("SELECT varname FROM `#@__sysconfig` WHERE varname LIKE '$nvarname' ");

  75.     if (is_array($row)) {

  76.         ShowMsg("该变量名称已经存在", "-1");

  77.         exit();

  78.     }

  79.     $row = $dsql->GetOne("SELECT aid FROM `#@__sysconfig` ORDER BY aid DESC");

  80.     $aid = intval($row['aid']) + 1;

  81.     $varmsg = HtmlReplace($varmsg);

  82.     $inquery = "INSERT INTO `#@__sysconfig` (`aid`,`varname`,`info`,`value`,`type`,`groupid`) VALUES ('$aid','$nvarname','$varmsg','$nvarvalue','$vartype','$vargroup')";

  83.     $rs = $dsql->ExecuteNoneQuery($inquery);

  84.     if (!$rs) {

  85.         ShowMsg("新增变量失败,可能有非法字符", "sys_info.php?gp=$vargroup");

  86.         exit();

  87.     }

  88.     if (!is_writeable($configfile)) {

  89.         ShowMsg("成功保存变量,但由于<span class='text-primary'>$configfile</span>无法写入,因此不能更新配置文件", "sys_info.php?gp=$vargroup");

  90.         exit();

  91.     } else {

  92.         ReWriteConfig();

  93.         ShowMsg("成功保存变量并更新配置文件", "sys_info.php?gp=$vargroup");

  94.         exit();

  95.     }

  96. }

  97. //搜索配置

  98. else if ($dopost == 'search') {

  99.     $keywords = isset($keywords) ? strip_tags($keywords) : '';

  100.     $i = 1;

  101.     $configstr = <<<EOT

  102. <table cellspacing="1" cellpadding="1" align="center" id="tdSearch" class="table maintable my-3">

  103.     <tr>

  104.         <td bgcolor="#f5f5f5" colspan="3">系统配置变量搜索</td>

  105.     </tr>

  106.     <tr bgcolor="#e9ecef" align="center">

  107.         <td width="360">参数说明</td>

  108.         <td>参数值</td>

  109.         <td width="260">变量名</td>

  110.     </tr>

  111. EOT;

  112.     echo $configstr;

  113.     if ($keywords) {

  114.         $dsql->SetQuery("SELECT * FROM `#@__sysconfig` WHERE info LIKE '%$keywords%' OR varname LIKE '%$keywords%' ORDER BY aid ASC");

  115.         $dsql->Execute();

  116.         while ($row = $dsql->GetArray()) {

  117.             $bgcolor = ($i++ % 2 == 0) ? "#f5f5f5" : "#ffffff";

  118.             $row['info'] = preg_replace("#{$keywords}#", '<span class="text-primary">'.$keywords.'</span>', $row['info']);

  119.             $row['varname'] = preg_replace("#{$keywords}#", '<span class="text-primary">'.$keywords.'</span>', $row['varname']);

  120.     ?>

  121.     <tr align="center" bgcolor="<?php echo $bgcolor ?>">

  122.         <td width="300"><?php echo $row['info'];?>:</td>

  123.         <td align="left">

  124.             <?php

  125.             if ($row['type'] == 'bool') {

  126.                 $c1 = '';

  127.                 $c2 = '';

  128.                 $row['value'] == 'Y' ? $c1 = " checked" : $c2 = " checked";

  129.                 echo "<label><input type='radio' name='edit___{$row['varname']}' value='Y'$c1> 是 </label> ";

  130.                 echo "<label><input type='radio' name='edit___{$row['varname']}' value='N'$c2> 否 </label> ";

  131.             } else if ($row['type'] == 'bstring') {

  132.                 echo "<textarea name='edit___{$row['varname']}' row='4' id='edit___{$row['varname']}' class='textarea_info' style='width:98%;height:50px'>".dede_htmlspecialchars($row['value'])."</textarea>";

  133.             } else if ($row['type'] == 'number') {

  134.                 echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value='{$row['value']}' style='width:30%'>";

  135.             } else {

  136.                 echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value=\"".dede_htmlspecialchars($row['value'])."\" style='width:80%'>";

  137.             }

  138.             ?>

  139.         </td>

  140.         <td><?php echo $row['varname'] ?></td>

  141.     </tr>

  142. <?php

  143. }

  144. ?>

  145. </table>

  146. <?php

  147.     exit;

  148.     }

  149.     if ($i == 1) {

  150.         echo '<tr bgcolor="#f5f5f5" align="center"><td colspan="3">搜索不到参数</td></tr></table>';

  151.     }

  152. exit;

  153. } else if ($dopost == 'make_encode') {

  154.     $chars = 'abcdefghigklmnopqrstuvwxwyABCDEFGHIGKLMNOPQRSTUVWXWY0123456789';

  155.     $hash = '';

  156.     $length = rand(28, 32);

  157.     $max = strlen($chars) - 1;

  158.     for ($i = 0; $i < $length; $i++) {

  159.         $hash .= $chars[mt_rand(0, $max)];

  160.     }

  161.     echo $hash;

  162.     exit();

  163. }

  164. include DedeInclude('templets/sys_info.htm');

  165. ?>