From 1a16e750ec79a0e4057ccaf9fd28e5c27c395cf5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=8F=99=E8=BF=B0=E3=80=81=E5=88=AB=E7=A6=BB?= <2449271624@qq.com>
Date: Fri, 17 Nov 2023 18:32:26 +0800
Subject: [PATCH] =?UTF-8?q?=E8=87=AA=E5=AE=9A=E4=B9=89=E8=A1=A8=E5=8D=95?= =?UTF-8?q?=E4=BC=98=E5=8C=96=E6=8F=90=E4=BA=A4=E9=93=BE=E6=8E=A5=E3=80=81?= =?UTF-8?q?ip=E3=80=81=E6=97=B6=E9=97=B4=EF=BC=8C=E7=94=A8=E6=88=B7?= =?UTF-8?q?=E9=9C=80=E8=A6=81=E6=B7=BB=E5=8A=A0=E5=AF=B9=E5=BA=94=E8=87=AA?= =?UTF-8?q?=E5=AE=9A=E4=B9=89=E5=AD=97=E6=AE=B5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/admin/diy_list.php | 14 +++++++-------
 src/apps/diy.php | 31 +++++++++++++++++--------------
 2 files changed, 24 insertions(+), 21 deletions(-)
diff --git a/src/admin/diy_list.php b/src/admin/diy_list.php
index 9cd61111..53fa76f3 100644
--- a/src/admin/diy_list.php
+++ b/src/admin/diy_list.php
@@ -13,7 +13,7 @@ CheckPurview('c_New');
 $diyid = isset($diyid) && is_numeric($diyid) ? $diyid : 0;
 $action = isset($action) && in_array($action, array('post', 'list', 'edit', 'check', 'delete', 'excel')) ? $action : '';
 if (empty($diyid)) {
- showMsg("操作失败", 'javascript:;');
+ showMsg('操作失败', '-1');
 exit();
 }
 require_once DEDEINC.'/diyform.class.php';
@@ -27,13 +27,13 @@ if ($action == 'post') {
 $dede_fieldshash = empty($dede_fieldshash) ? '' : trim($dede_fieldshash);
 if (!empty($dede_fields)) {
 if ($dede_fieldshash != md5($dede_fields.$cfg_cookie_encode)) {
- showMsg("数据校验不对,程序返回", '-1');
+ showMsg('数据校验不对', '-1');
 exit();
 }
 }
 $diyform = $dsql->GetOne("SELECT * FROM `#@__diyforms` WHERE diyid=$diyid");
 if (!is_array($diyform)) {
- showmsg("表单不存在,程序返回", '-1');
+ showmsg('表单不存在', '-1');
 exit();
 }
 $addvar = $addvalue = '';
@@ -88,13 +88,13 @@ if ($action == 'post') {
 if (empty($do)) {
 $id = isset($id) && is_numeric($id) ? $id : 0;
 if (empty($id)) {
- showMsg('操作失败,未指定id', 'javascript:;');
+ showMsg('操作失败,未指定id', '-1');
 exit();
 }
 $query = "SELECT * FROM {$diy->table} WHERE id=$id";
 $row = $dsql->GetOne($query);
 if (!is_array($row)) {
- showmsg("您浏览的记录不存在或待审核", '-1');
+ showmsg('您浏览的记录不存在或待审核', '-1');
 exit();
 }
 $postform = $diy->getForm('edit', $row, 'admin');
@@ -107,7 +107,7 @@ if ($action == 'post') {
 $diyform = $dsql->GetOne("SELECT * FROM `#@__diyforms` WHERE diyid=$diyid");
 $diyco = $dsql->GetOne("SELECT * FROM `$diy->table` WHERE id='$id'");
 if (!is_array($diyform)) {
- showmsg("表单不存在,程序返回", '-1');
+ showmsg("表单不存在", '-1');
 exit();
 }
 $addsql = '';
@@ -207,6 +207,6 @@ if ($action == 'post') {
 }
 echo "";
 } else {
- showmsg('未定义操作', "-1");
+ showmsg('未定义操作', '-1');
 }
 ?>
\ No newline at end of file
diff --git a/src/apps/diy.php b/src/apps/diy.php
index 44e255e4..5c4964df 100755
--- a/src/apps/diy.php
+++ b/src/apps/diy.php
@@ -13,7 +13,7 @@ $diyid = isset($diyid) && is_numeric($diyid) ? $diyid : 0;
 $action = isset($action) && in_array($action, array('post', 'list', 'view')) ? $action : 'post';
 $id = isset($id) && is_numeric($id) ? $id : 0;
 if (empty($diyid)) {
- showMsg('操作失败', 'javascript:;');
+ showMsg('操作失败', '/');
 exit();
 }
 require_once DEDEINC.'/diyform.class.php';
@@ -28,13 +28,13 @@ if ($action == 'post') {
 $dede_fieldshash = empty($dede_fieldshash) ? '' : trim($dede_fieldshash);
 if (!empty($dede_fields)) {
 if ($dede_fieldshash != md5($dede_fields.$cfg_cookie_encode)) {
- showMsg('数据校验不对,程序返回', '-1');
+ showMsg('数据校验不对', '-1');
 exit();
 }
 }
 $diyform = $dsql->GetOne("SELECT * FROM `#@__diyforms` WHERE diyid='$diyid' ");
 if (!is_array($diyform)) {
- showmsg('表单不存在,程序返回', '-1');
+ showmsg('表单不存在', '-1');
 exit();
 }
 $addvar = $addvalue = '';
@@ -47,14 +47,18 @@ if ($action == 'post') {
 if ($fieldinfo[1] == 'textdata') {
 ${$fieldinfo[0]} = FilterSearch(stripslashes(${$fieldinfo[0]}));
 ${$fieldinfo[0]} = addslashes(${$fieldinfo[0]});
- }
- //获取地址,表单添加text数据类型ip字段型后模板用
+ }
+ //获取提交链接,表单添加字段文字为链接,字段名称默认为link,数据类型为单行文本后模板里用使用
+ if ($fieldinfo[0] == 'link') {
+ ${$fieldinfo[0]} = $_SERVER['HTTP_REFERER'];
+ }
+ //获取提交地址,表单添加字段文字为地址,字段名称默认为ip,数据类型为单行文本后模板里用使用
 if ($fieldinfo[0] == 'ip') {
- ${$fieldinfo[0]}=GetIP();
+ ${$fieldinfo[0]} = GetIP();
 }
- //获取时间,表单添加text数据类型sj字段型后模板用
- if ($fieldinfo[0] == 'sj') {
- ${$fieldinfo[0]}=date("Y-m-d H:i:s");
+ //获取提交日期,表单添加字段文字为日期,字段名称默认为date,数据类型为单行文本后模板里用使用
+ if ($fieldinfo[0] == 'date') {
+ ${$fieldinfo[0]} = date("Y-m-d H:i:s");
 } else {
 ${$fieldinfo[0]} = GetFieldValue(${$fieldinfo[0]}, $fieldinfo[1],0,'add','','diy', $fieldinfo[0]);
 }
@@ -68,10 +72,10 @@ if ($action == 'post') {
 $id = $dsql->GetLastID();
 if ($diy->public == 2) {
 $goto = "diy.php?action=list&diyid={$diy->diyid}";
- $bkmsg = '发布成功,正在前往表单列表';
+ $bkmsg = '提交成功,正在前往表单列表';
 } else {
 $goto = '/';
- $bkmsg = '发布成功,请等待管理员处理';
+ $bkmsg = '提交成功,请等待管理员处理';
 }
 ShowMsg($bkmsg, $goto);
 }
@@ -96,11 +100,11 @@ if ($action == 'post') {
 $datalist->Display();
 } else if ($action == 'view') {
 if (empty($diy->public)) {
- showMsg('表单已关闭前台浏览', 'javascript:;');
+ showMsg('表单已关闭前台浏览', '/');
 exit();
 }
 if (empty($id)) {
- showMsg('操作失败,未指定id', 'javascript:;');
+ showMsg('操作失败,未指定id', '/');
 exit();
 }
 if ($diy->public == 2) {
@@ -109,7 +113,6 @@ if ($action == 'post') {
 $query = "SELECT * FROM `{$diy->table}` WHERE id='$id' AND ifcheck=1";
 }
 $row = $dsql->GetOne($query);
-
 if (!is_array($row)) {
 showmsg('您浏览的记录不存在或待审核', '-1');
 exit();
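Review bot: The new `link` branch in the `@@ -47,14 +47,18 @@` hunk stores `$_SERVER['HTTP_REFERER']` as-is, yet that header is chosen by the client and can be absent, and unlike the `textdata` branch just above it gets no `addslashes()` before the value presumably reaches the INSERT built from `$addvalue`. Because the `link` and `ip` checks are separate `if`s, both values then fall into the `else` of the `date` check and pass through `GetFieldValue()`, whose escaping is not visible here, while `date` skips it; a single `if / elseif / else` chain would make the three auto-filled fields behave the same. I would default and validate the header first, `$ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';` followed by `${$fieldinfo[0]} = addslashes(filter_var($ref, FILTER_VALIDATE_URL) ? $ref : '');`, and HTML-escape the stored value wherever the list or admin view prints it. The enclosing block starts and ends outside the hunk.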