3 yıl önce · b2d6ff1ac9
--- a/README.md
+++ b/README.md
@@ -1,16 +1,16 @@
 ## DedeBIZ
 ## DedeCMSV6

 国内流行的内容管理系统（CMS）多端全媒体解决方案，DedeBIZ系统基于PHP7.X开发，具有很强的可扩展性，并且完全开放源代码DedeBIZ商业支持采用现流行的Go语言设计开发，让DedeCMS系统拥有简单易用、灵活扩展特性之外更安全、高效模板设计制作简单一直是系统的一大特点，全新的版本延续了之前标签引擎，同时采用响应式模板引擎Bootstrap作为系统模板渲染引擎，让搭建跨终端（移动、PC）全媒体站点更简单
 国内流行的内容管理系统（CMS）多端全媒体解决方案，DedeCMSV6系统基于PHP7.X开发，同时兼容PHP8，具有很强的可扩展性，并且完全开放源代码DedeBIZ商业支持采用现流行的Go语言设计开发，让系统拥有简单易用、灵活扩展特性之外更安全、高效，模板设计制作简单一直是系统的一大特点，全新的版本延续了之前标签引擎，同时采用响应式模板引擎Bootstrap作为系统模板渲染引擎，让搭建跨终端（移动、PC）全媒体站点更简单。

 ## 版本说明

 DedeBIZ.x是一个LTS版本，支持将到2022年10月截止，目前DedeBIZ已经发布，可以[点击下载](https://www.dedebiz.com/download)获取
 DedeCMSV6.x是一个LTS版本，支持将到2022年10月截止，目前DedeCMSV6已经发布，可以[点击下载](https://www.dedebiz.com/download)获取

 ## 参与开源

 访问[代码托管](https://www.dedebiz.com/git)，可以看到我们已经将代码托管在几个知名代码托管平台，可以通过提交Pull requests的方式来贡献您的力量

 ## v6.1 Roadmap
 ## v6.2 Roadmap

 我们将会收集、整理新的功能需求制定新的Roadmap

--- a/docs/changelog.md
+++ b/docs/changelog.md
@@ -6,6 +6,9 @@
 - 修正已知存在的安全问题；
 - 优化系统管理后台界面；
 - 修正sqlite3下的错误；
 - 系统结构调整，更合理规范；
 - 增加编辑器多图上传插件；
 - 修正自定义表单相关错误；

 # v6.0.0
 - 调整DedeCMS目录结构，将原有include中外部访问的内容迁移出去；
@@ -19,8 +22,8 @@
 - 调整会员中心UI，移除对文件上传的支持，增加系统安全性；
 - 移除对Flash的依赖支持，今后版本采用HTML5相关特性；
 - 调整v6版本程序升级相关功能；
 - 兼容PHP7.4，DedeCMS未来的版本以PHP7.X为主，实验性支持PHP8.X；
 - 兼容PHP7.4，未来的版本以PHP7.X为主，实验性支持PHP8.X；
 - 系统支持HTTPS；
 - 默认模板重新设计制作，采用响应式布局；
 - 官方网站页面调整，调整部分内容以适应未来的版本更新；
 - 增加DedeBIZ商业支持，构建更安全、稳定的DedeCMS生态；
 - 增加DedeBIZ商业支持，构建更安全、稳定的织梦生态；
--- a/src/a/.dedekeep
+++ b/src/a/.dedekeep
--- a/src/admin/diy_add.php
+++ b/src/admin/diy_add.php
@@ -34,10 +34,16 @@ if (empty($action)) {
        ShowMsg("可能自定义表单的‘diyid’、‘名称’在数据库中已存在，不能重复使用", "-1");
        exit();
    }
    $query = "SHOW TABLES FROM {$dsql->dbName} ";
    if ($cfg_dbtype=="sqlite") {
        $query = " SELECT name FROM sqlite_master WHERE type='table' ORDER BY name;";
    } else {
        $query = "SHOW TABLES";
    }
    
    $dsql->SetQuery($query);
    $dsql->Execute();
    while ($row = $dsql->getarray()) {
    $dsql->Execute("biz");

    while ($row = $dsql->GetArray("biz")) {
        if (empty($row[0])) $row[0] = '';
        if ($table == $row[0]) {
            showmsg('指定的表在数据库中重复', '-1');
--- a/src/admin/diy_edit.php
+++ b/src/admin/diy_edit.php
@@ -31,7 +31,7 @@ function __Delete()
 else if ($dopost == "delete") {
    @set_time_limit(0);
    CheckPurview('c_Del');
    $row = $dsql->GetOne("SELECT * FROM #@__diyforms WHERE diyid='$diyid'");
    $row = $dsql->GetOne("SELECT * FROM `#@__diyforms` WHERE diyid='$diyid'");
    if (empty($job)) $job = "";
    //确认提示
    if ($job == "") {
@@ -65,5 +65,5 @@ else if ($dopost == "delete") {
 /*----------------
 function edit()
 -----------------*/
 $row = $dsql->GetOne("Select * From #@__diyforms where diyid='$diyid'");
 $row = $dsql->GetOne("SELECT * FROM `#@__diyforms` WHERE diyid='$diyid'");
 include DEDEADMIN."/templets/diy_edit.htm";
--- a/src/admin/diy_field_add.php
+++ b/src/admin/diy_field_add.php
@@ -21,8 +21,8 @@ function Save()
 if ($action == 'save') {
    //模型信息
    $fieldname = strtolower($fieldname);
    $row = $dsql->GetOne("SELECT `table`,`info` FROM #@__diyforms WHERE diyid='$diyid'");
    $fieldset = $row['info'];
    $row = $dsql->GetOne("SELECT `table`,`info` FROM `#@__diyforms` WHERE diyid='$diyid'");
    $fieldset = stripslashes($row['info']);
    require_once(DEDEINC."/dedetag.class.php");
    $dtp = new DedeTagParse();
    $dtp->SetNameSpace("field", "<", ">");
--- a/src/admin/diy_field_edit.php
+++ b/src/admin/diy_field_edit.php
@@ -17,8 +17,8 @@ if (empty($action)) $action = '';
 $mysql_version = $dsql->GetVersion();
 $mysql_versions = explode(".", trim($mysql_version));
 $mysql_version = $mysql_versions[0].".".$mysql_versions[1];
 $row = $dsql->GetOne("SELECT `table`,`info` FROM #@__diyforms WHERE diyid='$diyid'");
 $fieldset = $row['info'];
 $row = $dsql->GetOne("SELECT `table`,`info` FROM `#@__diyforms` WHERE diyid='$diyid'");
 $fieldset = stripslashes($row['info']);
 $trueTable = $row['table'];
 $dtp = new DedeTagParse();
 $dtp->SetNameSpace("field", "<", ">");
--- a/src/admin/diy_list.php
+++ b/src/admin/diy_list.php
@@ -16,7 +16,7 @@ if (empty($diyid)) {
    showMsg("非法操作!", 'javascript:;');
    exit();
 }
 require_once DEDEINC.'/diyform.cls.php';
 require_once DEDEINC.'/diyform.class.php';
 $diy = new diyform($diyid);
 if ($action == 'post') {
    if (empty($do)) {
@@ -31,7 +31,7 @@ if ($action == 'post') {
                exit();
            }
        }
        $diyform = $dsql->getOne("SELECT * FROM #@__diyforms WHERE diyid=$diyid");
        $diyform = $dsql->getOne("SELECT * FROM `#@__diyforms` WHERE diyid=$diyid");
        if (!is_array($diyform)) {
            showmsg("自定义表单不存在", '-1');
            exit();
@@ -96,7 +96,7 @@ if ($action == 'post') {
        include DEDEADMIN.'/templets/diy_edit_content.htm';
    } else if ($do == 2) {
        $dede_fields = empty($dede_fields) ? '' : trim($dede_fields);
        $diyform = $dsql->GetOne("SELECT * FROM #@__diyforms WHERE diyid=$diyid");
        $diyform = $dsql->GetOne("SELECT * FROM `#@__diyforms` WHERE diyid=$diyid");
        $diyco = $dsql->GetOne("SELECT * FROM `$diy->table` WHERE id='$id'");
        if (!is_array($diyform)) {
            showmsg("自定义表单不存在", '-1');
--- a/src/admin/makehtml_homepage.php
+++ b/src/admin/makehtml_homepage.php
@@ -12,10 +12,6 @@ require_once(dirname(__FILE__)."/config.php");
 CheckPurview('sys_MakeHtml');
 require_once(DEDEINC."/archive/partview.class.php");
 if (empty($dopost)) $dopost = '';
 if (!preg_match('#\.htm$#i', trim($templet))) {
    ShowMsg("不是合法的模板文件，后缀必须为.htm", "javascript:;");
    exit();
 }
 if ($dopost == "view") {
    $pv = new PartView();
    $templet = str_replace("{style}", $cfg_df_style, $templet);
--- a/src/admin/mychannel_edit.php
+++ b/src/admin/mychannel_edit.php
@@ -524,7 +524,7 @@ else if ($dopost == 'modifysearch') {
        $intarr = array('int', 'float');
        $textarr = array('textdata', 'textchar', 'text', 'htmltext', 'multitext');
        if ($channel['issystem'] < 0) {
            foreach ($addonfields as $addonfield) {
            foreach ((array)$addonfields as $addonfield) {
                if ($addonfield == 'typeid') {
                    require_once(DEDEINC."/typelink/typelink.class.php");
                    $tl = new TypeLink(0);
--- a/src/admin/mychannel_field_add.php
+++ b/src/admin/mychannel_field_add.php
@@ -43,7 +43,7 @@ if ($action == 'save') {

    //模型信息
    $row = $dsql->GetOne("SELECT fieldset,addtable,issystem FROM `#@__channeltype` WHERE id='$id'");
    $fieldset = $row['fieldset'];
    $fieldset = stripslashes($row['fieldset']);
    $dtp = new DedeTagParse();
    $dtp->SetNameSpace("field", "<", ">");
    $dtp->LoadSource($fieldset);
--- a/src/admin/mychannel_field_edit.php
+++ b/src/admin/mychannel_field_edit.php
@@ -19,7 +19,7 @@ $mysql_version = $dsql->GetVersion();

 //获取模型信息
 $row = $dsql->GetOne("SELECT fieldset,'' as maintable,addtable,issystem FROM `#@__channeltype` WHERE id='$id'");
 $fieldset = $row['fieldset'];
 $fieldset = stripslashes($row['fieldset']);
 $trueTable = $row['addtable'];

 $dtp = new DedeTagParse();
--- a/src/admin/templets/album_add.htm
+++ b/src/admin/templets/album_add.htm
@@ -217,7 +217,7 @@ table{border-collapse:separate}
        </td>
      </tr>
      <tr>
        <td><?php PrintAutoFieldsAdd($cInfos['fieldset'],'autofield'); ?></td>
        <td><?php PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']),'autofield'); ?></td>
      </tr>
      <tr>
        <td height="26" bgcolor="#F9FCEF" class="bline2">&nbsp;<strong>图集选项：</strong></td>
--- a/src/admin/templets/album_edit.htm
+++ b/src/admin/templets/album_edit.htm
@@ -208,7 +208,7 @@ if($cfg_need_typeid2=='Y') {
    <?php } ?>
    <tr>
      <td><?php
        PrintAutoFieldsEdit($cInfos['fieldset'],$addRow,'autofield');
        PrintAutoFieldsEdit(stripslashes($cInfos['fieldset']),$addRow,'autofield');
      ?></td>
    </tr>
    <tr>
--- a/src/admin/templets/archives_add.htm
+++ b/src/admin/templets/archives_add.htm
@@ -201,7 +201,7 @@ table{border-collapse:separate}
      </tr>
      <?php } ?>
      <tr>
        <td><?php PrintAutoFieldsAdd($cInfos['fieldset']); ?></td>
        <td><?php PrintAutoFieldsAdd(stripslashes($cInfos['fieldset'])); ?></td>
      </tr>
      <tr>
        <td width="100%" height="26">
--- a/src/admin/templets/archives_edit.htm
+++ b/src/admin/templets/archives_edit.htm
@@ -196,7 +196,7 @@ table{border-collapse:separate}
      <tr>
        <td>
        <?php
        PrintAutoFieldsEdit($cInfos['fieldset'],$addRow);
        PrintAutoFieldsEdit(stripslashes($cInfos['fieldset']),$addRow);
        ?>
        </td>
      </tr>
--- a/src/admin/templets/archives_sg_add.htm
+++ b/src/admin/templets/archives_sg_add.htm
@@ -168,7 +168,7 @@ table{border-collapse:separate}
    </tr>
     <?php } ?>
    <tr>
     <td><?php PrintAutoFieldsAdd($cInfos['fieldset'],'autofield'); ?></td>
     <td><?php PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']),'autofield'); ?></td>
    </tr>
  </table>
  <table width="98%" border="0" cellspacing="0" cellpadding="0" align="center" bgcolor="#f6f6f6" style="border:1px solid #cfcfcf;border-top:none" class="mb-3">
--- a/src/admin/templets/archives_sg_edit.htm
+++ b/src/admin/templets/archives_sg_edit.htm
@@ -157,7 +157,7 @@ table{border-collapse:separate}
    <tr>
     <td>
      <?php
        PrintAutoFieldsEdit($cInfos['fieldset'],$addRow,'autofield');
        PrintAutoFieldsEdit(stripslashes($cInfos['fieldset']),$addRow,'autofield');
      ?>
     </td>
   </tr>
--- a/src/admin/templets/article_add.htm
+++ b/src/admin/templets/article_add.htm
@@ -250,7 +250,7 @@ table{border-collapse:separate}
        </td>
      </tr>
      <tr>
        <td colspan="2"><?php PrintAutoFieldsAdd($cInfos['fieldset'],'autofield'); ?></td>
        <td colspan="2"><?php PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']),'autofield'); ?></td>
      </tr>
      <tr>
        <td height="26" colspan="2" bgcolor="#F9FCEF" class="bline2">
--- a/src/admin/templets/article_edit.htm
+++ b/src/admin/templets/article_edit.htm
@@ -217,7 +217,7 @@ table{border-collapse:separate}
      <tr>
        <td colspan="2">
          <?php
          PrintAutoFieldsEdit($cInfos['fieldset'],$addRow,'autofield');
          PrintAutoFieldsEdit(stripslashes($cInfos['fieldset']),$addRow,'autofield');
          ?>
        </td>
      </tr>
--- a/src/admin/templets/diy_edit.htm
+++ b/src/admin/templets/diy_edit.htm
@@ -108,7 +108,7 @@ foreach($ds as $d){
 	$dds = explode(',',trim($d));
 	$fieldtypes[$dds[0]] = $dds[1];
 }
 $fieldset = $row['info'];
 $fieldset = stripslashes($row['info']);
 $dtp = new DedeTagParse();
 $dtp->SetNameSpace("field","<",">");
 $dtp->LoadSource($fieldset);
--- a/src/admin/templets/mychannel_edit.htm
+++ b/src/admin/templets/mychannel_edit.htm
@@ -316,7 +316,7 @@ foreach($ds as $d){
 	$dds = explode(',',trim($d));
 	$fieldtypes[$dds[0]] = $dds[1];
 }
 $fieldset = $row['fieldset'];
 $fieldset = stripslashes($row['fieldset']);
 $dtp = new DedeTagParse();
 $dtp->SetNameSpace("field","<",">");
 $dtp->LoadSource($fieldset);
@@ -385,7 +385,7 @@ else
        </td>
        <td width="65%" bgcolor="#FFFFFF">
          <textarea name="fieldset" style="width:99%;height:300px" rows="10"
            id="fieldset"><?php echo $row['fieldset']; ?></textarea>
            id="fieldset"><?php echo stripslashes($row['fieldset']); ?></textarea>
        </td>
      </tr>
    </table>
--- a/src/admin/templets/soft_add.htm
+++ b/src/admin/templets/soft_add.htm
@@ -321,7 +321,7 @@ table{border-collapse:separate}
        </td>
      </tr>
      <tr>
        <td><?php PrintAutoFieldsAdd($cInfos['fieldset'],'autofield'); ?></td>
        <td><?php PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']),'autofield'); ?></td>
      </tr>
      <tr>
        <td height="26" bgcolor="#F9FCEF"" class="bline2"><strong>&nbsp;下载限制：</strong></td>
--- a/src/admin/templets/soft_edit.htm
+++ b/src/admin/templets/soft_edit.htm
@@ -310,7 +310,7 @@ table{border-collapse:separate}
        </td>
      </tr>
      <tr>
        <td><?php PrintAutoFieldsEdit($cInfos['fieldset'],$addRow,'autofield'); ?></td>
        <td><?php PrintAutoFieldsEdit(stripslashes($cInfos['fieldset']),$addRow,'autofield'); ?></td>
      </tr>
      <tr>
        <td height="26" bgcolor="#F9FCEF" class="bline2">&nbsp;<strong>下载限制：</strong></td>
--- a/src/admin/templets/spec_add.htm
+++ b/src/admin/templets/spec_add.htm
@@ -295,7 +295,7 @@ table{border-collapse:separate}
        </td>
      </tr>
      <tr>
        <td><?php PrintAutoFieldsAdd($cInfos['fieldset'],'autofield'); ?></td>
        <td><?php PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']),'autofield'); ?></td>
      </tr>
    </table>
    <table width="98%" border="0" align="center" cellpadding="2" style="border:1px solid #cfcfcf;background:#ffffff;display:none;" cellspacing="2" id="adset">
--- a/src/admin/templets/spec_edit.htm
+++ b/src/admin/templets/spec_edit.htm
@@ -317,7 +317,7 @@ table{border-collapse:separate}
      <tr>
        <td>
        <?php
        PrintAutoFieldsEdit($cInfos['fieldset'],$addRow,'autofield');
        PrintAutoFieldsEdit(stripslashes($cInfos['fieldset']),$addRow,'autofield');
        ?>
        </td>
      </tr>
--- a/src/admin/templets/sys_sql_query.htm
+++ b/src/admin/templets/sys_sql_query.htm
@@ -38,9 +38,15 @@
                  <tr>
                    <td width="35%">
                      <select name="tablename" id="tablename" style="width:100%;height: auto;" size="6">
                        <?php
 $dsql->SetQuery("Show Tables");
 <?php
 if ($cfg_dbtype=="sqlite") {
  $query = "SELECT name FROM sqlite_master WHERE type='table' ORDER BY name;";
 } else {
  $query = "SHOW TABLES FROM {$GLOBALS['cfg_dbname']} ";
 }
 $dsql->SetQuery($query);
 $dsql->Execute('t');

 while($row = $dsql->GetArray('t',MYSQL_BOTH))
 {
 	$dsql->SetQuery("Select count(*) From ".$row[0]);
--- a/src/apps/diy.php
+++ b/src/apps/diy.php
@@ -17,7 +17,7 @@ if (empty($diyid)) {
    showMsg('非法操作!', 'javascript:;');
    exit();
 }
 require_once DEDEINC.'/diyform.cls.php';
 require_once DEDEINC.'/diyform.class.php';
 $diy = new diyform($diyid);
 /*----------------------------
 function Post(){ }
--- a/src/data/admin/ver.txt
+++ b/src/data/admin/ver.txt
@@ -1 +1 @@
 20220305
 20220315
--- a/src/data/admin/verifies.txt
+++ b/src/data/admin/verifies.txt
@@ -1 +1 @@
 20201022
 20220315
--- a/src/system/common.func.php
+++ b/src/system/common.func.php
@@ -46,6 +46,12 @@ if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
        }
    }
 }
 // 一个支持在PHP Cli Server打印的方法
 function var_dump_cli($val){
    ob_start();
    var_dump($val);
    error_log(ob_get_clean(), 4);
 }
 function get_mime_type($filename)
 {
    if (! function_exists('finfo_open'))
@@ -290,7 +296,7 @@ if (file_exists(DEDEINC.'/extend.func.php')) {
 function litimgurls($imgid=0)
 {
    global $lit_imglist,$dsql;
    $row = $dsql->GetOne("SELECT c.addtable FROM #@__archives AS a LEFT JOIN #@__channeltype AS c ON a.channel=c.id where a.id='$imgid'");
    $row = $dsql->GetOne("SELECT c.addtable FROM `#@__archives` AS a LEFT JOIN `#@__channeltype` AS c ON a.channel=c.id where a.id='$imgid'");
    $addtable = trim($row['addtable']);
    $row = $dsql->GetOne("Select imgurls From `$addtable` where aid='$imgid'");
    $ChannelUnit = new ChannelUnit(2,$imgid);
@@ -322,13 +328,13 @@ function AddFilter($channelid, $type=1, $fieldsnamef=array(), $defaulttid=0, $lo
    $tid = $defaulttid ? $defaulttid : $tid;
    if ($id!="")
    {
        $tidsq = $dsql->GetOne(" Select typeid From `#@__archives` where id='$id' ");
        $tidsq = $dsql->GetOne("SELECT typeid FROM `#@__archives` WHERE id='$id' ");
        $tid = $tidsq["typeid"];
    }
    $nofilter = (isset($_REQUEST['TotalResult']) ? "&TotalResult=".$_REQUEST['TotalResult'] : '').(isset($_REQUEST['PageNo']) ? "&PageNo=".$_REQUEST['PageNo'] : '');
    $filterarr = string_filter(stripos($_SERVER['REQUEST_URI'], "list.php?tid=") ? str_replace($nofilter, '', $_SERVER['REQUEST_URI']) : $GLOBALS['cfg_cmsurl']."/apps/list.php?tid=".$tid);
    $cInfos = $dsql->GetOne(" Select * From  `#@__channeltype` where id='$channelid' ");
    $fieldset=$cInfos['fieldset'];
    $cInfos = $dsql->GetOne("SELECT * FROM  `#@__channeltype` WHERE id='$channelid' ");
    $fieldset=stripslashes($cInfos['fieldset']);
    $dtp = new DedeTagParse();
    $dtp->SetNameSpace('field','<','>');
    $dtp->LoadSource($fieldset);
--- a/src/system/common.inc.php
+++ b/src/system/common.inc.php
@@ -257,6 +257,15 @@ $cfg_biz_helpUrl = DEDEBIZURL."/help";
 $cfg_biz_gitUrl = DEDEBIZURL."/git";
 $cfg_biz_dedebizUrl = DEDEBIZURL;
 //引入数据库类
 if (!defined('MYSQL_BOTH')) {
    define('MYSQL_BOTH', MYSQLI_BOTH);
 }
 if (!defined('MYSQL_ASSOC')) {
    define('MYSQL_ASSOC', MYSQLI_ASSOC);
 }
 if (!defined('MYSQL_NUM')) {
    define('MYSQL_NUM', MYSQLI_NUM);
 }
 if ($GLOBALS['cfg_dbtype'] == 'mysql' || $GLOBALS['cfg_dbtype'] == 'mysqli') {
    require_once(DEDEINC.'/database/dedesqli.class.php');
 } else {
--- a/src/system/database/dedesqli.class.php
+++ b/src/system/database/dedesqli.class.php
@@ -31,12 +31,7 @@ $dsql = $dsqli = $db = new DedeSqli(FALSE);
 * @subpackage     DedeBIZ.Libraries
 * @link           https://www.dedebiz.com
 */
 if (!defined('MYSQL_BOTH')) {
    define('MYSQL_BOTH', MYSQLI_BOTH);
 }
 if (!defined('MYSQL_ASSOC')) {
    define('MYSQL_ASSOC', MYSQLI_ASSOC);
 }

 class DedeSqli
 {
    var $linkID;
@@ -60,6 +55,11 @@ class DedeSqli
        $this->isClose = FALSE;
        $this->safeCheck = TRUE;
        $this->pconnect = $pconnect;
        $this->dbHost   =  $GLOBALS['cfg_dbhost'];
        $this->dbUser   =  $GLOBALS['cfg_dbuser'];
        $this->dbPwd    =  $GLOBALS['cfg_dbpwd'];
        $this->dbName   =  $GLOBALS['cfg_dbname'];
        $this->dbPrefix =  $GLOBALS['cfg_dbprefix'];
        if ($nconnect) {
            $this->Init($pconnect);
        }
@@ -73,11 +73,7 @@ class DedeSqli
        $this->linkID = 0;
        //$this->queryString = '';
        //$this->parameters = Array();
        $this->dbHost   =  $GLOBALS['cfg_dbhost'];
        $this->dbUser   =  $GLOBALS['cfg_dbuser'];
        $this->dbPwd    =  $GLOBALS['cfg_dbpwd'];
        $this->dbName   =  $GLOBALS['cfg_dbname'];
        $this->dbPrefix =  $GLOBALS['cfg_dbprefix'];

        $this->result["me"] = 0;
        $this->Open($pconnect);
    }
@@ -488,9 +484,9 @@ EOT;
    //显示数据链接错误信息
    function DisplayError($msg)
    {
        $errorTrackFile = dirname(__FILE__).'/../data/mysqli_error_trace.inc';
        if (file_exists(dirname(__FILE__).'/../data/mysqli_error_trace.php')) {
            @unlink(dirname(__FILE__).'/../data/mysqli_error_trace.php');
        $errorTrackFile = dirname(__FILE__).'/../../data/mysqli_error_trace.inc';
        if (file_exists(dirname(__FILE__).'/../../data/mysqli_error_trace.php')) {
            @unlink(dirname(__FILE__).'/../../data/mysqli_error_trace.php');
        }
        if ($this->showError) {
            $emsg = '';
--- a/src/system/database/dedesqlite.class.php
+++ b/src/system/database/dedesqlite.class.php
@@ -265,7 +265,7 @@ class DedeSqlite
        $this->Execute($id, $sql);
    }
    //执行一个SQL语句,返回前一条记录或仅返回一条记录
    function GetOne($sql = '', $acctype = MYSQLI_ASSOC)
    function GetOne($sql = '', $acctype = SQLITE3_ASSOC)
    {
        global $dsqlite;
        if (!$dsqlite->isInit) {
@@ -495,9 +495,9 @@ EOT;
    //显示数据链接错误信息
    function DisplayError($msg)
    {
        $errorTrackFile = dirname(__FILE__).'/../data/mysqli_error_trace.inc';
        if (file_exists(dirname(__FILE__).'/../data/mysqli_error_trace.php')) {
            @unlink(dirname(__FILE__).'/../data/mysqli_error_trace.php');
        $errorTrackFile = dirname(__FILE__).'/../../data/mysqli_error_trace.inc';
        if (file_exists(dirname(__FILE__).'/../../data/mysqli_error_trace.php')) {
            @unlink(dirname(__FILE__).'/../../data/mysqli_error_trace.php');
        }
        if ($this->showError) {
            $emsg = '';
--- a/src/system/diyform.class.php
+++ b/src/system/diyform.class.php
@@ -3,7 +3,7 @@ if (!defined('DEDEINC')) exit('dedebiz');
 /**
 * 自定义表单解析类
 *
 * @version        $Id: diyform.cls.php 1 10:31 2010年7月6日Z tianya $
 * @version        $Id: diyform.class.php 1 10:31 2010年7月6日Z tianya $
 * @package        DedeBIZ.Libraries
 * @copyright      Copyright (c) 2022, DedeBIZ.COM
 * @license        https://www.dedebiz.com/license
@@ -44,13 +44,13 @@ class diyform
    {
        $this->diyid = $diyid;
        $this->db = $GLOBALS['dsql'];
        $query = "SELECT * FROM #@__diyforms WHERE diyid='{$diyid}'";
        $query = "SELECT * FROM `#@__diyforms` WHERE diyid='{$diyid}'";
        $diyinfo = $this->db->GetOne($query);
        if (!is_array($diyinfo)) {
            showMsg('参数不正确，该自定义表单不存在', 'javascript:;');
            exit();
        }
        $this->info = $diyinfo['info'];
        $this->info = stripslashes($diyinfo['info']);
        $this->name = $diyinfo['name'];
        $this->table = $diyinfo['table'];
        $this->public = $diyinfo['public'];
--- a/src/user/album_add.php
+++ b/src/user/album_add.php
@@ -122,7 +122,7 @@ else if ($dopost == 'save') {
        }

        //这里对前台提交的附加数据进行一次校验
        $fontiterm = PrintAutoFieldsAdd($cInfos['fieldset'], 'autofield', FALSE);
        $fontiterm = PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']), 'autofield', FALSE);
        if ($fontiterm != $inadd_f) {
            ShowMsg("提交表单同系统配置不相符,请重新提交", "-1");
            exit();
--- a/src/user/album_edit.php
+++ b/src/user/album_edit.php
@@ -112,7 +112,7 @@ else if ($dopost == 'save') {
            }
        }
        //这里对前台提交的附加数据进行一次校验
        $fontiterm = PrintAutoFieldsAdd($cInfos['fieldset'], 'autofield', FALSE);
        $fontiterm = PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']), 'autofield', FALSE);
        if ($fontiterm != $inadd_m) {
            ShowMsg("提交表单同系统配置不相符,请重新提交", "-1");
            exit();
--- a/src/user/archives_add.php
+++ b/src/user/archives_add.php
@@ -81,7 +81,7 @@ else if ($dopost == 'save') {
        }

        //这里对前台提交的附加数据进行一次校验
        $fontiterm = PrintAutoFieldsAdd($cInfos['fieldset'], 'autofield', FALSE);
        $fontiterm = PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']), 'autofield', FALSE);
        if ($fontiterm != $inadd_f) {
            ShowMsg("提交表单同系统配置不相符,请重新提交", "-1");
            exit();
--- a/src/user/archives_edit.php
+++ b/src/user/archives_edit.php
@@ -77,7 +77,7 @@ else if ($dopost == 'save') {
        }

        //这里对前台提交的附加数据进行一次校验
        $fontiterm = PrintAutoFieldsAdd($cInfos['fieldset'], 'autofield', FALSE);
        $fontiterm = PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']), 'autofield', FALSE);
        if ($fontiterm != $inadd_m) {
            ShowMsg("提交表单同系统配置不相符,请重新提交", "-1");
            exit();
--- a/src/user/archives_sg_add.php
+++ b/src/user/archives_sg_add.php
@@ -140,7 +140,7 @@ else if ($dopost == 'save') {
        }

        //这里对前台提交的附加数据进行一次校验
        $fontiterm = PrintAutoFieldsAdd($cInfos['fieldset'], 'autofield', FALSE);
        $fontiterm = PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']), 'autofield', FALSE);
        if ($fontiterm != str_replace('`', '', $inadd_f)) {
            ShowMsg("提交表单同系统配置不相符,请重新提交", "-1");
            exit();
--- a/src/user/archives_sg_edit.php
+++ b/src/user/archives_sg_edit.php
@@ -118,7 +118,7 @@ else if ($dopost == 'save') {
        }

        //这里对前台提交的附加数据进行一次校验
        $fontiterm = PrintAutoFieldsAdd($cInfos['fieldset'], 'autofield', FALSE);
        $fontiterm = PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']), 'autofield', FALSE);
        if ($fontiterm != $inadd_m) {
            ShowMsg("提交表单同系统配置不相符,请重新提交", "-1");
            exit();
--- a/src/user/article_add.php
+++ b/src/user/article_add.php
@@ -72,7 +72,7 @@ else if ($dopost == 'save') {
    }

    //这里对前台提交的附加数据进行一次校验
    $fontiterm = PrintAutoFieldsAdd($cInfos['fieldset'], 'autofield', FALSE);
    $fontiterm = PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']), 'autofield', FALSE);
    if ($fontiterm != $inadd_f) {
        ShowMsg("提交表单同系统配置不相符,请重新提交", "-1");
        exit();
--- a/src/user/article_edit.php
+++ b/src/user/article_edit.php
@@ -70,7 +70,7 @@ else if ($dopost == 'save') {
        }

        //这里对前台提交的附加数据进行一次校验
        $fontiterm = PrintAutoFieldsAdd($cInfos['fieldset'], 'autofield', FALSE);
        $fontiterm = PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']), 'autofield', FALSE);

        if ($fontiterm != $inadd_m) {
            ShowMsg("提交表单同系统配置不相符,请重新提交", "-1");
--- a/src/user/soft_add.php
+++ b/src/user/soft_add.php
@@ -102,7 +102,7 @@ else if ($dopost == 'save') {
        }

        //这里对前台提交的附加数据进行一次校验
        $fontiterm = PrintAutoFieldsAdd($cInfos['fieldset'], 'autofield', FALSE);
        $fontiterm = PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']), 'autofield', FALSE);
        if ($fontiterm != $inadd_f) {
            ShowMsg("提交表单同系统配置不相符,请重新提交", "-1");
            exit();
--- a/src/user/soft_edit.php
+++ b/src/user/soft_edit.php
@@ -137,7 +137,7 @@ else if ($dopost == 'save') {
        }

        //这里对前台提交的附加数据进行一次校验
        $fontiterm = PrintAutoFieldsAdd($cInfos['fieldset'], 'autofield', FALSE);
        $fontiterm = PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']), 'autofield', FALSE);
        if ($fontiterm != $inadd_f) {
            ShowMsg("提交表单同系统配置不相符,请重新提交", "-1");
            exit();
--- a/src/user/templets/album_add.htm
+++ b/src/user/templets/album_add.htm
@@ -76,7 +76,7 @@
                  </div>
                  <?php
                    //自定义字段
                    PrintAutoFieldsAdd($cInfos['fieldset'],'autofield');
                    PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']),'autofield');
                  ?>
                  <!-- 表单操作区域 -->
                  <label>图集内容</label>
--- a/src/user/templets/archives_add.htm
+++ b/src/user/templets/archives_add.htm
@@ -74,7 +74,7 @@
                  </div>
                  <?php
                    //自定义字段
                    PrintAutoFieldsAdd($cInfos['fieldset'],'autofield');
                    PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']),'autofield');
                  ?>
                  <!-- 表单操作区域 -->
                  <div class="contentShow postForm">
--- a/src/user/templets/archives_edit.htm
+++ b/src/user/templets/archives_edit.htm
@@ -73,7 +73,7 @@
                  </div>
                  <?php
                    //自定义字段
                    PrintAutoFieldsEdit($cInfos['fieldset'], $addRow, 'autofield');
                    PrintAutoFieldsEdit(stripslashes($cInfos['fieldset']), $addRow, 'autofield');
                  ?>
                  <!-- 表单操作区域 -->
                  <div class="contentShow postForm">
--- a/src/user/templets/archives_sg_add.htm
+++ b/src/user/templets/archives_sg_add.htm
@@ -74,7 +74,7 @@
                  </div>
                  <?php
                    //自定义字段
                    PrintAutoFieldsAdd($cInfos['fieldset'],'autofield');
                    PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']),'autofield');
                  ?>
                  <!-- 表单操作区域 -->
                  <div class="contentShow postForm">
--- a/src/user/templets/archives_sg_edit.htm
+++ b/src/user/templets/archives_sg_edit.htm
@@ -61,7 +61,7 @@
                  </div>
                  <?php
                    //自定义字段
                    PrintAutoFieldsEdit($cInfos['fieldset'], $addRow, 'autofield');
                    PrintAutoFieldsEdit(stripslashes($cInfos['fieldset']), $addRow, 'autofield');
                  ?>
                  <!-- 表单操作区域 -->
                  <div class="contentShow postForm">
--- a/src/user/templets/article_add.htm
+++ b/src/user/templets/article_add.htm
@@ -74,7 +74,7 @@
                  </div>
                  <?php
                    //自定义字段
                    PrintAutoFieldsAdd($cInfos['fieldset'],'autofield');
                    PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']),'autofield');
                  ?>
                  <!-- 表单操作区域 -->
                  <label>详细内容</label>
--- a/src/user/templets/soft_add.htm
+++ b/src/user/templets/soft_add.htm
@@ -184,7 +184,7 @@
                  </div>
                  <?php
                    //自定义字段
                    PrintAutoFieldsAdd($cInfos['fieldset'],'autofield');
                    PrintAutoFieldsAdd(stripslashes($cInfos['fieldset']),'autofield');
                  ?>
                  <!-- 表单操作区域 -->
                  <div class="contentShow postForm">
--- a/src/user/templets/soft_edit.htm
+++ b/src/user/templets/soft_edit.htm
@@ -186,7 +186,7 @@
                  </div>
                  <?php
                    //自定义字段
                    PrintAutoFieldsEdit($cInfos['fieldset'],$addRow,'autofield');
                    PrintAutoFieldsEdit(stripslashes($cInfos['fieldset']),$addRow,'autofield');
                  ?>
                  <!-- 表单操作区域 -->
                  <div class="contentShow postForm">