3 년 전 · a5f68b377f
--- a/src/dede/templets/login.htm
+++ b/src/dede/templets/login.htm
@@ -11,7 +11,7 @@
 body{font:14px Helvetica Neue,Helvetica,PingFang SC,Tahoma,Arial,sans-serif;background-color:#f2f2f2}
 header{background:#fff}
 header .logo{width:260px;padding:1em 0}
 .login-from{max-width:620px;width:100%}
 .login-from{max-width:580px;width:100%}
 .login-area{background-color:#fff;padding:2em}
 .login-area .btnLogin{width:100%}
 .login-power{padding-top:1em}
--- a/src/include/common.func.php
+++ b/src/include/common.func.php
@@ -1,5 +1,5 @@
 <?php
 if (!defined('DEDEINC')) exit('dedebiz');
 /**
 * 系统核心函数存放文件
 * @version        $Id: common.func.php 4 16:39 2010年7月6日Z tianya $
@@ -8,8 +8,6 @@
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 if (!defined('DEDEINC')) exit('dedebiz');
 if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
    if (!function_exists('mysql_connect') and function_exists('mysqli_connect')) {
        function mysql_connect($server, $username, $password)
@@ -17,28 +15,24 @@ if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
            return mysqli_connect($server, $username, $password);
        }
    }
    if (!function_exists('mysql_query') and function_exists('mysqli_query')) {
        function mysql_query($query, $link)
        {
            return mysqli_query($link, $query);
        }
    }
    if (!function_exists('mysql_select_db') and function_exists('mysqli_select_db')) {
        function mysql_select_db($database_name, $link)
        {
            return mysqli_select_db($link, $database_name);
        }
    }
    if (!function_exists('mysql_fetch_array') and function_exists('mysqli_fetch_array')) {
        function mysql_fetch_array($result)
        {
            return mysqli_fetch_array($result);
        }
    }
    if (!function_exists('mysql_close') and function_exists('mysqli_close')) {
        function mysql_close($link)
        {
@@ -52,7 +46,6 @@ if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
        }
    }
 }
 function make_hash()
 {
    $rand = dede_random_bytes(16);
@@ -61,17 +54,14 @@ function make_hash()
        : bin2hex($rand);
    return $_SESSION['token'];
 }
 function dede_random_bytes($length)
 {
    if (empty($length) or !ctype_digit((string) $length)) {
        return FALSE;
    }
    if (function_exists('openssl_random_pseudo_bytes')) {
        return openssl_random_pseudo_bytes($length);
    }
    if (function_exists('random_bytes')) {
        try {
            return random_bytes((int) $length);
@@ -90,11 +80,8 @@ function dede_random_bytes($length)
            return $output;
        }
    }
    return FALSE;
 }
 /**
 *  载入小助手,系统默认载入小助手
 *  在/data/helper.inc.php中进行默认小助手初始化的设置
@@ -127,7 +114,6 @@ function helper($helpers)
        }
        return;
    }
    if (isset($_helpers[$helpers])) {
        return;
    }
@@ -135,12 +121,11 @@ function helper($helpers)
        include_once(DEDEINC . '/helpers/' . $helpers . '.helper.php');
        $_helpers[$helpers] = TRUE;
    }
    // 无法载入小助手
    //无法载入小助手
    if (!isset($_helpers[$helpers])) {
        exit('Unable to load the requested file: helpers/' . $helpers . '.helper.php');
    }
 }
 function dede_htmlspecialchars($str)
 {
    global $cfg_soft_lang;
@@ -148,7 +133,6 @@ function dede_htmlspecialchars($str)
    if ($cfg_soft_lang == 'gb2312') return htmlspecialchars($str, ENT_COMPAT, 'ISO-8859-1');
    else return htmlspecialchars($str);
 }
 /**
 *  载入小助手,这里用户可能载入用helps载入多个小助手
 *
@@ -160,7 +144,6 @@ function helpers($helpers)
 {
    helper($helpers);
 }
 //兼容php4的file_put_contents
 if (!function_exists('file_put_contents')) {
    function file_put_contents($n, $d)
@@ -175,7 +158,6 @@ if (!function_exists('file_put_contents')) {
        }
    }
 }
 /**
 *  显示更新信息
 *
@@ -186,15 +168,8 @@ function UpdateStat()
    include_once(DEDEINC . "/inc/inc_stat.php");
    return SpUpdateStat();
 }
 $arrs1 = array(0x63, 0x66, 0x67, 0x5f, 0x70, 0x6f, 0x77, 0x65, 0x72, 0x62, 0x79);
 $arrs2 = array(
    0x20, 0x3c, 0x61, 0x20, 0x68, 0x72, 0x65, 0x66, 0x3d, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f,
    0x77, 0x77, 0x77, 0x2e, 0x64, 0x65, 0x64, 0x65, 0x63, 0x6d, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x20, 0x74, 0x61, 0x72,
    0x67, 0x65, 0x74, 0x3d, 0x27, 0x5f, 0x62, 0x6c, 0x61, 0x6e, 0x6b, 0x27, 0x3e, 0x50, 0x6f, 0x77, 0x65, 0x72, 0x20,
    0x62, 0x79, 0x20, 0x44, 0x65, 0x64, 0x65, 0x43, 0x6d, 0x73, 0x3c, 0x2f, 0x61, 0x3e
 );
 $arrs1 = array();
 $arrs2 = array();
 /**
 *  短消息函数,可以在某个动作处理后友好的提示信息
 *
@@ -207,21 +182,16 @@ $arrs2 = array(
 function ShowMsg($msg, $gourl, $onlymsg = 0, $limittime = 0)
 {
    global $cfg_soft_lang, $cfg_cmsurl;
    if (empty($GLOBALS['cfg_plus_dir'])) $GLOBALS['cfg_plus_dir'] = '..';
    $htmlhead  = "<html>\r\n<head>\r\n<title>DedeBIZ提示信息</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset={$cfg_soft_lang}\" />\r\n<meta name=\"viewport\" content=\"width=device-width, initial-scale=1, shrink-to-fit=no\">";
    $htmlhead .= "<link rel=\"stylesheet\" href=\"{$cfg_cmsurl}/static/css/bootstrap.min.css\"><style>.modal {position: static;}</style><link href=\"{$cfg_cmsurl}/static/font-awesome/css/font-awesome.min.css\" rel=\"stylesheet\">";
    $htmlhead .= "<base target='_self'/></head>\r\n<body leftmargin='0' topmargin='0' bgcolor='#FFFFFF'>" . (isset($GLOBALS['ucsynlogin']) ? $GLOBALS['ucsynlogin'] : '') . "\r\n<center>\r\n<script>\r\n";
    $htmlfoot  = "</script>\r\n</center>\r\n</body>\r\n</html>\r\n";
    if(empty($GLOBALS['cfg_plus_dir'])) $GLOBALS['cfg_plus_dir'] = '..';
    $htmlhead  = "<html><head><meta charset='utf-8'><title>提示信息</title><meta name='viewport' content='width=device-width,initial-scale=1'>";
    $htmlhead .= "<base target='_self'></head><body>".(isset($GLOBALS['ucsynlogin']) ? $GLOBALS['ucsynlogin'] : '')."<center><script>";
    $htmlfoot  = "</script></center></body></html>";
    $litime = ($limittime == 0 ? 1000 : $limittime);
    $func = '';
    if ($gourl == '-1') {
        if ($limittime == 0) $litime = 5000;
        $gourl = "javascript:history.go(-1);";
    }
    if ($gourl == '' || $onlymsg == 1) {
        $msg = "<script>alert(\"" . str_replace("\"", "“", $msg) . "\");</script>";
    } else {
@@ -231,33 +201,30 @@ function ShowMsg($msg, $gourl, $onlymsg = 0, $limittime = 0)
            $gourl = 'javascript:;';
            $func .= "window.parent.document.getElementById('{$tgobj}').style.display='none';\r\n";
        }
        $func .= "      var pgo=0;
      function JumpUrl(){
        if(pgo==0){ location='$gourl'; pgo=1; }
      }\r\n";
        $func .= "var pgo=0;function JumpUrl(){if (pgo==0){location='$gourl'; pgo=1;}}";
        $rmsg = $func;
        $rmsg .= "document.write(\"<main class='container'><div class='modal' tabindex='-1' role='dialog' style='display:block'><div class='modal-dialog'><div class='modal-content'><div class='modal-header'><h6 class='modal-title'>";
        $rmsg .= "DedeBIZ 提示信息！</h6></div><div class='modal-body'>\");\r\n";
        $rmsg .= "document.write(\"" . str_replace("\"", "“", $msg) . "\");\r\n";
        $rmsg .= "document.write(\"<style>body{margin:0;line-height:1.6;font:12px Helvetica Neue,Helvetica,PingFang SC,Tahoma,Arial,sans-serif;color:#666;background:#f2f2f2}a{color:#009688;text-decoration:none}.xushu-tips{margin:68px auto 0;padding:0;width:360px;height:auto;background:#fff;border-radius:2px;box-shadow:0 1px 2px 0 rgba(0,0,0,.05)}.tips{margin:0 20px;padding:12px 0;border-bottom:1px solid #f6f6f6}.tips p{margin:0;padding-left:10px;line-height:16px;font-size:14px;color:#424b51;text-align:left;border-left:3px solid #ff5722}.frame{padding:20px;height:120px}.go a{display:inline-block;margin:20px auto 0;padding:0 10px;line-height:30px;color:#fff;background:#28a745;border:1px solid #28a745;box-sizing:border-box;border-radius:2px;text-align:center;transition:all .4s}.go a:hover{color:#fff;opacity:.8}@media (max-width:768px){body{padding:0 14px}.xushu-tips{width:100%}}</style>\");";
        $rmsg .= "document.write(\"<div class='xushu-tips'>";
        $rmsg .= "<div class='tips'><p>提示信息</p></div>\");";
        $rmsg .= "document.write(\"<div class='frame'>\");";
        $rmsg .= "document.write(\"".str_replace("\"","“",$msg)."\");";
        $rmsg .= "document.write(\"";
        if ($onlymsg == 0) {
            if ($gourl != 'javascript:;' && $gourl != '') {
                $rmsg .= "<br /><a href='{$gourl}'>如果你的浏览器没反应，请点击这里...</a>";
                $rmsg .= "</div></div></div></div></main>\");\r\n";
        if($onlymsg==0)
        {
            if( $gourl != 'javascript:;' && $gourl != '')
            {
                $rmsg .= "<div class='go'><a href='{$gourl}'>点击反应</a></div>\");";
                $rmsg .= "setTimeout('JumpUrl()',$litime);";
            } else {
                $rmsg .= "</div></div></div></div></main>\");\r\n";
                $rmsg .= "</div>\");";
            }
        } else {
            $rmsg .= "</div></div></div></div></main>\");\r\n";
            $rmsg .= "</div>\");";
        }
        $msg  = $htmlhead . $rmsg . $htmlfoot;
        $msg  = $htmlhead.$rmsg.$htmlfoot;
    }
    echo $msg;
 }
 /**
 *  获取验证码的session值
 *
@@ -269,7 +236,6 @@ function GetCkVdValue()
    @session_start();
    return isset($_SESSION['securimage_code_value']) ? $_SESSION['securimage_code_value'] : '';
 }
 /**
 *  PHP某些版本有Bug，不能在同一作用域中同时读session并改注销它，因此调用后需执行本函数
 *
@@ -280,12 +246,10 @@ function ResetVdValue()
    @session_start();
    $_SESSION['securimage_code_value'] = '';
 }
 function IndexSub($idx, $num)
 {
    return intval($idx) - intval($num) == 0 ? '0 ' : intval($idx) - intval($num);
 }
 // 用来返回index的active
 function IndexActive($idx)
 {
@@ -295,9 +259,8 @@ function IndexActive($idx)
        return '';
    }
 }
 // 自定义函数接口
 // 这里主要兼容早期的用户扩展,v5.7之后我们建议使用小助手helper进行扩展
 if (file_exists(DEDEINC . '/extend.func.php')) {
    require_once(DEDEINC . '/extend.func.php');
 }
 }
--- a/src/include/taglib/channel.lib.php
+++ b/src/include/taglib/channel.lib.php
@@ -1,5 +1,4 @@
 <?php
 /**
 * 获取栏目列表标签
 *
@@ -9,18 +8,14 @@
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 function lib_channel(&$ctag, &$refObj)
 {
    global $dsql;
    $attlist = "typeid|0,reid|0,row|100,col|1,type|son,currentstyle|,cacheid|";
    FillAttsDefault($ctag->CAttribute->Items, $attlist);
    extract($ctag->CAttribute->Items, EXTR_SKIP);
    $innertext = $ctag->GetInnerText();
    $line = empty($row) ? 100 : $row;
    $likeType = '';
    //读取固定的缓存块
    $cacheid = trim($cacheid);
@@ -28,7 +23,6 @@ function lib_channel(&$ctag, &$refObj)
        $likeType = GetCacheBlock($cacheid);
        if ($likeType != '') return $likeType;
    }
    $reid = 0;
    $topid = 0;
    //如果属性里没指定栏目id，从引用类里获取栏目信息
@@ -52,39 +46,30 @@ function lib_channel(&$ctag, &$refObj)
            $issetInfos = true;
        }
    }
    if ($type == '' || $type == 'sun') $type = 'son';
    if ($innertext == '') $innertext = GetSysTemplets("channel_list.htm");
    if ($type == 'top') {
        $sql = "SELECT id,typename,typedir,isdefault,ispart,defaultname,namerule2,moresite,siteurl,sitepath
          From `#@__arctype` WHERE reid=0 And ishidden<>1 order by sortrank asc limit 0, $line ";
        $sql = "SELECT * From `#@__arctype` WHERE reid=0 And ishidden<>1 order by sortrank asc limit 0, $line ";
    } else if ($type == 'son') {
        if ($typeid == 0) return '';
        $sql = "SELECT id,typename,typedir,isdefault,ispart,defaultname,namerule2,moresite,siteurl,sitepath
          From `#@__arctype` WHERE reid='$typeid' And ishidden<>1 order by sortrank asc limit 0, $line ";
        $sql = "SELECT * From `#@__arctype` WHERE reid='$typeid' And ishidden<>1 order by sortrank asc limit 0, $line ";
    } else if ($type == 'self') {
        if ($reid == 0) return '';
        $sql = "SELECT id,typename,typedir,isdefault,ispart,defaultname,namerule2,moresite,siteurl,sitepath
            FROM `#@__arctype` WHERE reid='$reid' And ishidden<>1 order by sortrank asc limit 0, $line ";
        $sql = "SELECT * FROM `#@__arctype` WHERE reid='$reid' And ishidden<>1 order by sortrank asc limit 0, $line ";
    }
    //And id<>'$typeid'
    $needRel = false;
    $dtp2 = new DedeTagParse();
    $dtp2->SetNameSpace('field', '[', ']');
    $dtp2->LoadSource($innertext);
    //检查是否有子栏目，并返回rel提示（用于二级菜单）
    if (preg_match('#:rel#', $innertext)) $needRel = true;
    if (empty($sql)) return '';
    $dsql->SetQuery($sql);
    $dsql->Execute();
    $totalRow = $dsql->GetTotalRow();
    //如果用子栏目模式，当没有子栏目时显示同级栏目
    if ($type == 'son' && $reid != 0 && $totalRow == 0) {
        $sql = "SELECT id,typename,typedir,isdefault,ispart,defaultname,namerule2,moresite,siteurl,sitepath
            FROM `#@__arctype` WHERE reid='$reid' And ishidden<>1 order by sortrank asc limit 0, $line ";
        $sql = "SELECT * FROM `#@__arctype` WHERE reid='$reid' And ishidden<>1 order by sortrank asc limit 0, $line ";
        $dsql->SetQuery($sql);
        $dsql->Execute();
    }
@@ -121,17 +106,15 @@ function lib_channel(&$ctag, &$refObj)
            }
            if ($col > 1) $likeType .= "</dd>\r\n";
            $GLOBALS['autoindex']++;
        }
        //Loop Col
        }//Loop Col
        if ($col > 1) {
            $i += $col - 1;
            $likeType .= "    </dl>\r\n";
        }
    }
    //Loop for $i
    }//Loop for $i
    $dsql->FreeResult();
    if ($cacheid != '') {
        WriteCacheBlock($cacheid, $likeType);
    }
    return $likeType;
 }
 }
--- a/src/include/taglib/channelartlist.lib.php
+++ b/src/include/taglib/channelartlist.lib.php
@@ -1,4 +1,5 @@
 <?php if (!defined('DEDEINC')) exit('Request Error!');
 <?php
 if (!defined('DEDEINC')) exit('Request Error!');
 /**
 * 获取当前频道的下级栏目的内容列表标签
 *
@@ -8,13 +9,10 @@
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 require_once(DEDEINC . '/arc.partview.class.php');
 function lib_channelartlist(&$ctag, &$refObj)
 {
    global $dsql, $envs, $_sys_globals;
    //处理标记属性、innertext
    $attlist = 'typeid|0,row|20,cacheid|';
    FillAttsDefault($ctag->CAttribute->Items, $attlist);
@@ -27,15 +25,12 @@ function lib_channelartlist(&$ctag, &$refObj)
        $artlist = GetCacheBlock($cacheid);
        if ($artlist != '') return $artlist;
    }
    if (empty($typeid)) {
        $typeid = (!empty($refObj->TypeLink->TypeInfos['id']) ?  $refObj->TypeLink->TypeInfos['id'] : 0);
    }
    if ($innertext == '') $innertext = GetSysTemplets('part_channelartlist.htm');
    $totalnum = $row;
    if (empty($totalnum)) $totalnum = 20;
    //获得类别ID总数的信息
    $typeids = array();
    if ($typeid == 0 || $typeid == 'top') {
@@ -47,21 +42,25 @@ function lib_channelartlist(&$ctag, &$refObj)
            $tpsql = " id IN($typeid) AND ispart<>2 AND ishidden<>1 ";
        }
    }
    $dsql->SetQuery("SELECT id,typename,typedir,isdefault,ispart,defaultname,namerule2,moresite,siteurl,sitepath 
                                            FROM `#@__arctype` WHERE $tpsql ORDER BY sortrank ASC LIMIT $totalnum");
    $dsql->SetQuery("SELECT * FROM `#@__arctype` WHERE $tpsql ORDER BY sortrank ASC LIMIT $totalnum");
    $dsql->Execute();
    while ($row = $dsql->GetArray()) {
        $typeids[] = $row;
    }
    if (!isset($typeids[0])) return '';
    $GLOBALS['itemindex'] = 0;
    $GLOBALS['itemparity'] = 1;
    for ($i = 0; isset($typeids[$i]); $i++) {
        $GLOBALS['itemindex']++;
        $pv = new PartView($typeids[$i]['id']);
        $pv->Fields['typeurl'] = GetOneTypeUrlA($typeids[$i]);
        //栏目高亮
 		if($typeids[$i]['id'] == $refObj->TypeLink->TypeInfos['id'] || $typeids[$i]['id'] == $refObj->TypeLink->TypeInfos['reid'] || $typeids[$i]['id'] == $refObj->TypeLink->TypeInfos['topid'] || $typeids[$i]['id'] == GetTopid($refObj->TypeLink->TypeInfos['id']) )
 		{
 			$pv->Fields['currentstyle'] = $currentstyle ? $currentstyle : 'current';
 		} else {
 			$pv->Fields['currentstyle'] = '';
 		}
        $pv->SetTemplet($innertext, 'string');
        $artlist .= $pv->GetResult();
        $GLOBALS['itemparity'] = ($GLOBALS['itemparity'] == 1 ? 2 : 1);
@@ -73,4 +72,4 @@ function lib_channelartlist(&$ctag, &$refObj)
        WriteCacheBlock($cacheid, $artlist);
    }
    return $artlist;
 }
 }
--- a/src/include/taglib/type.lib.php
+++ b/src/include/taglib/type.lib.php
@@ -1,4 +1,5 @@
 <?php if (!defined('DEDEINC')) exit('Request Error!');
 <?php
 if (!defined('DEDEINC')) exit('Request Error!');
 /**
 * 指定的单个栏目的链接标签
 *
@@ -8,27 +9,20 @@
 * @license        https://www.dedebiz.com/license
 * @link           https://www.dedebiz.com
 */
 function lib_type(&$ctag, &$refObj)
 {
    global $dsql, $envs;
    $attlist = 'typeid|0';
    FillAttsDefault($ctag->CAttribute->Items, $attlist);
    extract($ctag->CAttribute->Items, EXTR_SKIP);
    $innertext = trim($ctag->GetInnerText());
    if ($typeid == 0) {
        $typeid = (isset($refObj->TypeLink->TypeInfos['id']) ? $refObj->TypeLink->TypeInfos['id'] : $envs['typeid']);
    }
    if (empty($typeid)) return '';
    $row = $dsql->GetOne("SELECT id,typename,typedir,isdefault,ispart,defaultname,namerule2,moresite,siteurl,sitepath 
                          FROM `#@__arctype` WHERE id='$typeid' ");
    $row = $dsql->GetOne("SELECT * FROM `#@__arctype` WHERE id='$typeid' ");
    if (!is_array($row)) return '';
    if (trim($innertext) == '') $innertext = GetSysTemplets("part_type_list.htm");
    $dtp = new DedeTagParse();
    $dtp->SetNameSpace('field', '[', ']');
    $dtp->LoadSource($innertext);
@@ -44,4 +38,4 @@ function lib_type(&$ctag, &$refObj)
        unset($dtp);
        return $revalue;
    }
 }
 }