|
|
<?php |
|
|
namespace app\admin\controller; |
|
|
use think\Db; |
|
|
|
|
|
class Template extends Base |
|
|
{ |
|
|
/**
 * Build the template-management controller.
 *
 * Adds no state of its own; construction is handed to the parent
 * controller unchanged.
 */
public function __construct()
{
    parent::__construct();
}
|
|
|
|
|
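/**
 * List the directories and files of one folder below ./template for the
 * admin template browser.
 *
 * Request parameters (read through input()):
 *  - path:    folder to list, written with '@' in place of '/' and rooted
 *             at ".@template"; anything else falls back to that root.
 *  - current: when 1, list the active template's html directory.
 *  - label:   when 1, list the "label" folder inside that directory.
 *  - ads:     when 1, list the "ads" folder inside that directory.
 *
 * Assigns curpath, uppath, ischild, files, num_file, num_path, sum_size and
 * title to the view and renders admin@template/index.
 */
public function index()
{
    $param = input();

    // The path is request-controlled. Slashes are stripped so that '@' is
    // the only separator a caller can supply; a missing or non-string value
    // is treated as "no path given".
    $path = isset($param['path']) && is_string($param['path']) ? $param['path'] : '';
    $path = str_replace(['\\', '/'], '', $path);

    // Anchor on whole segments rather than on a 10-character prefix, so a
    // sibling directory whose name merely starts with "template" is not
    // accepted as the template root.
    $segments = explode('@', $path);
    if (count($segments) < 2 || $segments[0] !== '.' || $segments[1] !== 'template') {
        $path = '.@template';
        $segments = ['.', 'template'];
    }

    if (count(explode('.@', $path)) > 2) {
        $this->error(lang('illegal_request'));
        return;
    }

    // Hardening: the ".@" test above only notices a dot segment when another
    // '@' follows it. Reject "." and ".." anywhere below the root so the
    // listing cannot resolve outside ./template once '@' becomes '/'.
    foreach (array_slice($segments, 2) as $segment) {
        if ($segment === '.' || $segment === '..') {
            $this->error(lang('illegal_request'));
            return;
        }
    }

    // Parent folder (for the "up" link) and whether we are below the root.
    $uppath = substr($path, 0, strrpos($path, '@'));
    $ischild = ($path != '.@template') ? 1 : 0;

    $config = config('maccms.site');

    // current / label / ads all point at the active template's html
    // directory and differ only in which folder beneath it is globbed.
    // They are tested in this order and the first match wins.
    $shortcuts = ['current' => '/*', 'label' => '/label/*', 'ads' => '/ads/*'];
    $suffix = '/*';
    foreach ($shortcuts as $key => $pattern) {
        if (isset($param[$key]) && $param[$key] == 1) {
            $path = '.@template@' . $config['template_dir'] . '@' . $config['html_dir'];
            $ischild = 0;
            $suffix = $pattern;
            break;
        }
    }
    $pp = str_replace('@', '/', $path);
    $filters = $pp . $suffix;

    $this->assign('curpath', $path);
    $this->assign('uppath', $uppath);
    $this->assign('ischild', $ischild);

    $num_path = 0;
    $num_file = 0;
    $sum_size = 0;
    $files = [];

    if (is_dir($pp)) {
        $farr = glob($filters);
        if ($farr) {
            foreach ($farr as $f) {
                if (is_dir($f)) {
                    $num_path++;
                    // Turn the filesystem path back into the '@' form used in links.
                    $tmp_path = str_replace('./template/', '.@template/', $f);
                    $tmp_path = str_replace('/', '@', $tmp_path);
                    $tmp_name = str_replace($path . '@', '', $tmp_path);

                    $files[] = [
                        'isfile' => 0,
                        'name' => $tmp_name,
                        'path' => $tmp_path,
                        'note' => lang('dir'),
                        'time' => filemtime($f),
                    ];
                } elseif (is_file($f)) {
                    $num_file++;
                    $fsize = filesize($f);
                    $sum_size += $fsize;

                    // Files keep their real (slash-separated) directory as 'path'.
                    $path_info = pathinfo($f);
                    $tmp_path = $path_info['dirname'];
                    $tmp_name = $path_info['basename'];

                    $files[] = [
                        'isfile' => 1,
                        'name' => $tmp_name,
                        'path' => $tmp_path,
                        'fullname' => $tmp_path . '/' . $tmp_name,
                        'size' => mac_format_size($fsize),
                        'note' => lang('file'),
                        'time' => filemtime($f),
                    ];
                }
            }
        }
    }

    $this->assign('sum_size', mac_format_size($sum_size));
    $this->assign('num_file', $num_file);
    $this->assign('num_path', $num_path);
    $this->assign('files', $files);

    $this->assign('title', lang('admin/template/title'));
    return $this->fetch('admin@template/index');
}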
|
|
|
|
|
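/**
 * List the *.js files stored in the active template's ads directory.
 *
 * The directory name comes from the site configuration ('ads_dir', falling
 * back to "ads") and is created when it does not exist yet. Assigns
 * curpath, files, num_file, sum_size and title to the view and renders
 * admin@template/ads.
 */
public function ads()
{
    $site = $GLOBALS['config']['site'];
    $adsdir = empty($site['ads_dir']) ? 'ads' : $site['ads_dir'];

    $path = './template/' . $site['template_dir'] . '/' . $adsdir;
    if (!file_exists($path)) {
        mac_mkdirss($path);
    }

    $num_file = 0;
    $sum_size = 0;
    // Start from an empty list: without this the view received an undefined
    // variable whenever the directory held no .js file.
    $files = [];

    $farr = glob($path . '/*.js');
    if ($farr) {
        foreach ($farr as $f) {
            if (!is_file($f)) {
                continue;
            }
            $num_file++;
            $fsize = filesize($f);
            $sum_size += $fsize;

            $path_info = pathinfo($f);
            $tmp_path = $path_info['dirname'];
            $tmp_name = $path_info['basename'];

            $files[] = [
                'isfile' => 1,
                'name' => $tmp_name,
                'path' => $tmp_path,
                'fullname' => $tmp_path . '/' . $tmp_name,
                'size' => mac_format_size($fsize),
                'note' => lang('file'),
                'time' => filemtime($f),
            ];
        }
    }

    $this->assign('curpath', $path);
    $this->assign('sum_size', mac_format_size($sum_size));
    $this->assign('num_file', $num_file);
    $this->assign('files', $files);
    $this->assign('title', lang('admin/template/ads/title'));
    return $this->fetch('admin@template/ads');
}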
|
|
|
|
|
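/**
 * Show one template file in the editor (GET) or save its edited content
 * (POST).
 *
 * Request parameters (read through input()):
 *  - fpath:    directory of the file, '@' or '/' separated, below ./template.
 *  - fname:    file name; may be empty on GET.
 *  - fcontent: new file content (POST only).
 *
 * Every write goes through, in order: the ./template containment check, the
 * extension allow-list, the 'Token' and 'Template' validators, and the
 * keyword filter on the content. Renders admin@template/info on GET; on
 * POST answers through error() / success().
 */
public function info()
{
    $param = input();

    // Both values are request-controlled; treat a missing or non-string
    // value as empty instead of reading an undefined index.
    $fname = isset($param['fname']) && is_string($param['fname']) ? $param['fname'] : '';
    $fpath = isset($param['fpath']) && is_string($param['fpath']) ? $param['fpath'] : '';

    if (empty($fpath)) {
        $this->error(lang('param_err') . '1');
        return;
    }
    $fpath = str_replace('@', '/', $fpath);
    $fullname = str_replace('\\', '/', $fpath . '/' . $fname);

    // Containment: the target must sit below "./template/" (the trailing
    // slash keeps sibling directories whose names merely start with
    // "template" out), and "./" may occur only once, which also rejects
    // any "../" component.
    if ((substr($fullname, 0, 11) != './template/') || count(explode('./', $fullname)) > 2) {
        $this->error(lang('param_err') . '2');
        return;
    }

    $path = pathinfo($fullname);
    $isPost = Request()->isPost();

    // Extension allow-list. It is enforced whenever a name is given and
    // always before a write, so a save cannot skip it by sending an empty
    // fname.
    if (!empty($fname) || $isPost) {
        $extarr = ['html', 'htm', 'js', 'xml'];
        $ext = isset($path['extension']) ? $path['extension'] : '';
        if (!in_array($ext, $extarr, true)) {
            $this->error(lang('admin/template/ext_safe_tip'));
            return;
        }
    }

    // NOTE(review): this keyword deny-list is a secondary control. How
    // mac_reg_replace() matches it (case sensitivity, delimiters) is not
    // visible here - confirm; the path and extension checks above are the
    // primary ones.
    $filter = '<\?|php|eval|server|assert|get|post|request|cookie|session|input|env|config|call|global|dump|print|phpinfo|fputs|fopen|global|chr|strtr|pack|system|gzuncompress|shell|base64|file|proc|preg|call|ini|{:|{$|{~|{-|{+|{/';
    $this->assign('filter', $filter);

    if ($isPost) {
        // Form token first, then the Template validator's rules.
        $validate = \think\Loader::validate('Token');
        if (!$validate->check($param)) {
            return $this->error($validate->getError());
        }

        $validate = \think\Loader::validate('Template');
        if (!$validate->check($param)) {
            return $this->error($validate->getError());
        }

        $fcontent = isset($param['fcontent']) && is_string($param['fcontent']) ? $param['fcontent'] : '';

        // Refuse the save when the filter would have altered the content.
        $r = mac_reg_replace($fcontent, $filter, "*");
        if ($fcontent !== $r) {
            $this->error(lang('admin/template/php_safe_tip'));
            return;
        }

        // Open and write as separate steps: a failed fopen() must be
        // reported as a save error, not passed on to fwrite(), and the
        // handle has to be closed again. '@' stays on fopen() so a failed
        // open is reported through save_err only.
        $handle = @fopen($fullname, 'wb');
        if ($handle === false) {
            return $this->error(lang('save_err'));
        }
        $res = fwrite($handle, $fcontent);
        fclose($handle);

        if ($res === false) {
            return $this->error(lang('save_err'));
        }
        return $this->success(lang('save_ok'));
    }

    $fcontent = @file_get_contents($fullname);
    if ($fcontent === false) {
        $fcontent = '';
    }
    // Keep file content from closing the editor's <textarea> early. As
    // published, this line replaced the closing tag with itself (a no-op);
    // the entity-escaped form is presumably what was meant - confirm
    // against the admin@template/info view.
    $fcontent = preg_replace('#</(textarea\s*)>#i', '&lt;/$1&gt;', $fcontent);

    $this->assign('fname', $fname);
    $this->assign('fpath', $fpath);
    $this->assign('fcontent', $fcontent);

    return $this->fetch('admin@template/info');
}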
|
|
|
|
|
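/**
 * Delete one or more files below ./template.
 *
 * Request parameter (read through input()):
 *  - fname: a path or a list of paths, each expected to start with
 *           "./template/".
 *
 * Entries that fail the containment check are skipped silently, and the
 * action reports success whether or not anything was removed.
 *
 * NOTE(review): unlike info(), this action validates no 'Token' before
 * changing the filesystem. Whether Base or the routing layer enforces a
 * CSRF token and a POST-only method is not visible here - confirm.
 */
public function del()
{
    $param = input();
    $fname = isset($param['fname']) ? $param['fname'] : null;

    if (!empty($fname)) {
        $targets = is_array($fname) ? $fname : [$fname];

        // Same containment rule as the editor: below "./template/" (trailing
        // slash, so sibling directories named "template..." are out) and
        // only one "./", which also rules out any "../" component.
        $insideTemplate = static function ($candidate) {
            return substr($candidate, 0, 11) == './template/'
                && count(explode('./', $candidate)) <= 2;
        };

        foreach ($targets as $a) {
            // Nested arrays or other non-string entries cannot be paths.
            if (!is_string($a)) {
                continue;
            }
            $a = str_replace('\\', '/', $a);
            if (!$insideTemplate($a)) {
                continue;
            }

            $a = mac_convert_encoding($a, "UTF-8", "GB2312");
            // Validate the value that actually reaches unlink(): the
            // converted string is checked again, since the conversion runs
            // after the first check.
            if (!is_string($a) || !$insideTemplate(str_replace('\\', '/', $a))) {
                continue;
            }
            if (file_exists($a)) {
                @unlink($a);
            }
        }
    }
    return $this->success(lang('del_ok'));
}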
|
|
|
|
|
/**
 * Render the template wizard page (admin@template/wizard) with its
 * localized title.
 */
public function wizard()
{
    $title = lang('admin/template/wizard/title');
    $this->assign('title', $title);

    return $this->fetch('admin@template/wizard');
}
|
|
|
|
|
} |
|
|
|