DedeBIZ
/
DedeV6
關註 2
收藏 0
複製 0
程式碼 合併請求 0 版本發佈 29 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2626 Commit
3 分支
1.7GB
目錄樹: 251b73097f
分支列表 標籤列表
${ item.name }
Create branch ${ searchTerm }
from '251b73097f'
${ noResults }
DedeV6/src/admin/sys_info.php

165 line
5.7KB
原始文件 Blame 文件歷史 

  1. <?php

  2. /**

  3.  * 系统设置

  4.  *

  5.  * @version        $id:sys_info.php 22:28 2010年7月20日 tianya $

  6.  * @package        DedeBIZ.Administrator

  7.  * @copyright      Copyright (c) 2022 DedeBIZ.COM

  8.  * @license        GNU GPL v2 (https://www.dedebiz.com/license)

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require_once(dirname(__FILE__)."/config.php");

  12. CheckPurview('sys_Edit');

  13. if (empty($dopost)) $dopost = '';

  14. $configfile = DEDEDATA.'/config.cache.inc.php';

  15. //更新配置函数

  16. function ReWriteConfig()

  17. {

  18.     global $dsql, $configfile;

  19.     if (!is_writeable($configfile)) {

  20.         echo "配置文件{$configfile}不支持写入,无法修改系统配置参数";

  21.         exit();

  22.     }

  23.     $fp = fopen($configfile, 'w');

  24.     flock($fp, 3);

  25.     fwrite($fp, "<"."?php\r\n");

  26.     $dsql->SetQuery("SELECT `varname`,`type`,`value`,`groupid` FROM `#@__sysconfig` ORDER BY aid ASC");

  27.     $dsql->Execute();

  28.     while ($row = $dsql->GetArray()) {

  29.         if ($row['type'] == 'number') {

  30.             $row['value'] = preg_replace("#[^0-9.-]#","", $row['value']);

  31.             if ($row['value'] == '') $row['value'] = 0;

  32.             fwrite($fp, "\${$row['varname']} = ".$row['value'].";\r\n");

  33.         } else {

  34.             $row['value'] = stripslashes($row['value']);

  35.             fwrite($fp, "\${$row['varname']} = '".str_replace(array("'","\\"), '', $row['value'])."';\r\n");

  36.         }

  37.     }

  38.     fwrite($fp, "?".">");

  39.     fclose($fp);

  40. }

  41. //保存配置的改动

  42. if ($dopost == "save") {

  43.     CheckCSRF();

  44.     foreach ($_POST as $k => $v) {

  45.         if (preg_match("#^edit___#", $k)) {

  46.             $v = cn_substrR(${$k}, 1024);

  47.         } else {

  48.             continue;

  49.         }

  50.         $k = preg_replace("#^edit___#", "", $k);

  51.         

  52.         $v = $dsql->Esc($v);

  53.         $k = $dsql->Esc($k);

  54.         $dsql->ExecuteNoneQuery("UPDATE `#@__sysconfig` SET `value`='$v' WHERE varname='$k' ");

  55.     }

  56.     ReWriteConfig();

  57.     ShowMsg("成功修改系统设置", "sys_info.php");

  58.     exit();

  59. }

  60. //添加新变量

  61. else if ($dopost == 'add') {

  62.     CheckCSRF();

  63.     if ($vartype == 'bool' && ($nvarvalue != 'Y' && $nvarvalue != 'N')) {

  64.         ShowMsg("布尔变量值必须为Y或N", "-1");

  65.         exit();

  66.     }

  67.     if ($valtype == 'number') {

  68.         $nvarvalue = preg_replace("[^0-9.]","", $nvarvalue);

  69.     }

  70.     if (trim($nvarname) == '' || preg_match("#[^a-z_]#i", $nvarname)) {

  71.         ShowMsg("变量名称不能为空并且必须为a-z_组成", "-1");

  72.         exit();

  73.     }

  74.     $row = $dsql->GetOne("SELECT varname FROM `#@__sysconfig` WHERE varname LIKE '$nvarname' ");

  75.     if (is_array($row)) {

  76.         ShowMsg("变量名称已经存在", "-1");

  77.         exit();

  78.     }

  79.     $row = $dsql->GetOne("SELECT aid FROM `#@__sysconfig` ORDER BY aid DESC");

  80.     $aid = intval($row['aid']) + 1;

  81.     $varmsg = HtmlReplace($varmsg);

  82.     $inquery = "INSERT INTO `#@__sysconfig` (`aid`,`varname`,`info`,`value`,`type`,`groupid`) VALUES ('$aid','$nvarname','$varmsg','$nvarvalue','$vartype','$vargroup')";

  83.     $rs = $dsql->ExecuteNoneQuery($inquery);

  84.     if (!$rs) {

  85.         ShowMsg("新增变量失败,有非法字符", "sys_info.php?gp=$vargroup");

  86.         exit();

  87.     }

  88.     if (!is_writeable($configfile)) {

  89.         ShowMsg("成功保存变量,由于".$configfile."无法写入,更新配置文件失败", "sys_info.php?gp=$vargroup");

  90.         exit();

  91.     } else {

  92.         ReWriteConfig();

  93.         ShowMsg("成功添加一则变量", "sys_info.php?gp=$vargroup");

  94.         exit();

  95.     }

  96. }

  97. //搜索配置

  98. else if ($dopost == 'search') {

  99.     $keywords = isset($keywords) ? strip_tags($keywords) : '';

  100.     $i = 1;

  101.     $configstr = <<<EOT

  102. <table id="tdSearch" class="table table-borderless">

  103. <thead>

  104.     <tr>

  105.         <td width="25%">变量说明</td>

  106.         <td width="50%">变量值</td>

  107.         <td scope="col">变量名称</td>

  108.     </tr>

  109. </thead>

  110. <tbody>

  111. EOT;

  112.     echo $configstr;

  113.     if ($keywords) {

  114.         $dsql->SetQuery("SELECT * FROM `#@__sysconfig` WHERE info LIKE '%$keywords%' OR varname LIKE '%$keywords%' ORDER BY aid ASC");

  115.         $dsql->Execute();

  116.         while ($row = $dsql->GetArray()) {

  117.             $row['info'] = preg_replace("#{$keywords}#", '<b class="text-danger">'.$keywords.'</b>', $row['info']);

  118.             $row['varname'] = preg_replace("#{$keywords}#", '<b class="text-danger">'.$keywords.'</b>', $row['varname']);

  119.     ?>

  120. <tr>

  121.     <td><?php echo $row['info'];?></td>

  122.     <td>

  123.         <?php

  124.         if ($row['type'] == 'bool') {

  125.             $c1 = '';

  126.             $c2 = '';

  127.             $row['value'] == 'Y' ? $c1 = "checked" : $c2 = "checked";

  128.             echo "<label><input type='radio' name='edit___{$row['varname']}' value='Y' $c1> 是</label> ";

  129.             echo "<label><input type='radio' name='edit___{$row['varname']}' value='N' $c2> 否</label> ";

  130.         } else if ($row['type'] == 'bstring') {

  131.             echo "<textarea name='edit___{$row['varname']}' row='4' id='edit___{$row['varname']}' class='admin-textarea-xl'>".dede_htmlspecialchars($row['value'])."</textarea>";

  132.         } else if ($row['type'] == 'number') {

  133.             echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value='{$row['value']}' class='w-65'>";

  134.         } else {

  135.             echo "<input type='text' name='edit___{$row['varname']}' id='edit___{$row['varname']}' value=\"".dede_htmlspecialchars($row['value'])."\" class='w-65'>";

  136.         }

  137.         ?>

  138.     </td>

  139.     <td><?php echo $row['varname'] ?></td>

  140. </tr>

  141. <?php

  142. }

  143. ?>

  144. </tbody>

  145. </table>

  146. <?php

  147. exit;

  148. }

  149. if ($i == 1) {

  150.     echo '</tbody></table>';

  151. }

  152. exit;

  153. } else if ($dopost == 'make_encode') {

  154.     $chars = 'abcdefghigklmnopqrstuvwxwyABCDEFGHIGKLMNOPQRSTUVWXWY0123456789';

  155.     $hash = '';

  156.     $length = rand(28, 32);

  157.     $max = strlen($chars) - 1;

  158.     for ($i = 0; $i < $length; $i++) {

  159.         $hash .= $chars[mt_rand(0, $max)];

  160.     }

  161.     echo $hash;

  162.     exit();

  163. }

  164. include DedeInclude('templets/sys_info.htm');

  165. ?>