www.gusucode.com > Catfish(鲶鱼) CMS系统 PHP版 v4.8.21源码程序 > Catfishcms_v4.8.21/application/admin/controller/Common.php
<?php
/**
* Project: Catfish CMS.
* Author: A.J <804644245@qq.com>
* Copyright: http://www.catfish-cms.com All rights reserved.
* Date: 2016/10/2
*/
namespace app\admin\controller;
use app\common\Operc;
use think\Controller;
use think\Session;
use think\Cookie;
use think\Debug;
use think\Url;
use think\Cache;
use think\Db;
use think\Lang;
use think\Request;
class Common extends Controller
{
protected $plugins = [];
protected $session_prefix;
protected $lang;
protected $cocc;
protected $ccc;
protected $permissions;
public function _initialize()
{
$this->session_prefix = 'catfish'.str_replace(['/','.',' ','-'],['','?','*','|'],Url::build('/'));
$pluginslist = Cache::get('pluginslist');
if($pluginslist == false)
{
$pluginslist = [];
$plugins = Db::name('options')->where('option_name','plugins')->field('option_value')->find();
if(!empty($plugins))
{
$plugins = unserialize($plugins['option_value']);
foreach($plugins as $key => $val)
{
$pluginFile = APP_PATH.'plugins/'.$val.'/'.ucfirst($val).'.php';
if(!is_file($pluginFile))
{
unset($plugins[$key]);
continue;
}
$pluginStr = file_get_contents($pluginFile);
$isShow = true;
if(!preg_match("/public\s+function\s+settings\s*\(/i", $pluginStr) && !preg_match("/public\s+function\s+settings_post\s*\(/i", $pluginStr))
{
$isShow = false;
}
$readme = APP_PATH.'plugins/'.$val.'/readme.txt';
if(!is_file($readme))
{
$readme = APP_PATH.'plugins/'.$val.'/'.ucfirst($val).'.php';
}
$pluginStr = file_get_contents($readme);
$pName = $val;
if(preg_match("/(插件名|Plugin Name)\s*(:|:)(.*)/i", $pluginStr ,$matches))
{
$pName = trim($matches[3]);
}
$quanxian = 3;
if(preg_match("/(权限|權限|Jurisdiction)\s*(:|:)(.*)/i", $pluginStr ,$matches))
{
$quanxian = intval(trim($matches[3]));
if($quanxian == 0)
{
$quanxian = 1;
}
}
$pluginslist[] = [
'plugin' => $val,
'pname' => $pName,
'isShow' => $isShow,
'jurisdiction' => $quanxian
];
}
}
Cache::set('pluginslist',$pluginslist,3600);
}
$this->lang = Lang::detect();
$this->lang = $this->filterLanguages($this->lang);
Lang::load(APP_PATH . 'admin/lang/'.$this->lang.'.php');
$this->assign('lang', $this->lang);
foreach((array)$pluginslist as $pkey => $pval)
{
$this->plugins[] = 'app\\plugins\\'.$pval['plugin'].'\\'.ucfirst($pval['plugin']);
if($pval['isShow'] == true)
{
Lang::load(APP_PATH . 'plugins/'.$pval['plugin'].'/lang/'.$this->lang.'.php');
}
else
{
unset($pluginslist[$pkey]);
}
}
$this->assign('pluginslist', $pluginslist);
$this->assign('numberOfPlugins', count($pluginslist,COUNT_NORMAL));
$this->cocc = 'f2537c2b6878f66fc3bafbeb13cb8932';
$this->ccc = 'Catfish CMS Copyright';
$this->permissions = Session::get($this->session_prefix.'user_type');
$this->assign('permissions', Session::get($this->session_prefix.'user_type'));
}
protected function getUser()
{
return Session::get($this->session_prefix.'user');
}
protected function checkUser()
{
if(!isset($this->cocc) || $this->cocc != md5('Copyright owned by catfish CMS'))
$this->quit();
Debug::remark('begin');
if(!Session::has($this->session_prefix.'user_id') && Cookie::has($this->session_prefix.'user_id') && Cookie::has($this->session_prefix.'user'))
{
$cookie_user_p = Cache::get('cookie_user_p');
if(Cookie::has($this->session_prefix.'user_p') && $cookie_user_p !== false)
{
$user = Db::name('users')->where('user_login', Cookie::get($this->session_prefix.'user'))->field('user_pass,user_type')->find();
if(!empty($user) && md5($cookie_user_p.$user['user_pass']) == Cookie::get($this->session_prefix.'user_p'))
{
Session::set($this->session_prefix.'user_id',Cookie::get($this->session_prefix.'user_id'));
Session::set($this->session_prefix.'user',Cookie::get($this->session_prefix.'user'));
Session::set($this->session_prefix.'user_type',$user['user_type']);
}
}
}
if(!Session::has($this->session_prefix.'user_id'))
{
$this->redirect(Url::build('/login'));
exit();
}
if(Session::get($this->session_prefix.'user_type') >= 7)
{
$this->redirect(Url::build('/user'));
exit();
}
$this->assign('user', $this->getUser());
}
public function quit()
{
if(Session::has($this->session_prefix.'addmanageuser_checkCode'))
{
Session::delete($this->session_prefix.'addmanageuser_checkCode');
}
Session::delete($this->session_prefix.'user_id');
Session::delete($this->session_prefix.'user');
Session::delete($this->session_prefix.'user_type');
Cookie::delete($this->session_prefix.'user_id');
Cookie::delete($this->session_prefix.'user');
Cookie::delete($this->session_prefix.'user_p');
$this->redirect(Url::build('/login'));
}
protected function getConfig($c)
{
if(md5($c['official'].$c['name']) != '3b293cb9031a1077a22bf6704bf4755e')
{
$this->redirect(Url::build('/error'));
exit();
}
else
{
return $c;
}
}
protected function is_rewrite()
{
if(function_exists('apache_get_modules'))
{
$rew = apache_get_modules();
if(in_array('mod_rewrite', $rew))
{
return true;
}
}
return false;
}
private function filterLanguages($parameter)
{
$param = strtolower($parameter);
if($param == 'zh' || strpos($param,'zh-hans') !== false || strpos($param,'zh-chs') !== false)
{
Lang::range('zh-cn');
return 'zh-cn';
}
else if($param == 'zh-tw' || strpos($param,'zh-hant') !== false || strpos($param,'zh-cht') !== false){
Lang::range('zh-tw');
return 'zh-tw';
}
else if(stripos($param,'zh') === false)
{
$paramsub = substr($param,0,2);
switch($paramsub)
{
case 'de':
Lang::range('de-de');
return 'de-de';
break;
case 'fr':
Lang::range('fr-fr');
return 'fr-fr';
break;
case 'ja':
Lang::range('ja-jp');
return 'ja-jp';
break;
case 'ko':
Lang::range('ko-kr');
return 'ko-kr';
break;
case 'ru':
Lang::range('ru-ru');
return 'ru-ru';
break;
default:
return $param;
}
}
else
{
return $param;
}
}
protected function optionsSpare()
{
$options_spare = Cache::get('options_spare');
if($options_spare == false)
{
$options_spare = Db::name('options')->where('option_name','spare')->field('option_value')->find();
$options_spare = $options_spare['option_value'];
if(!empty($options_spare))
{
$options_spare = unserialize($options_spare);
}
Cache::set('options_spare',$options_spare,3600);
}
return $options_spare;
}
protected function doNothing($param)
{
$param = strtolower(trim($param));
if(substr($param,0,1)=='#')
{
return true;
}
if(substr($param,0,10)=='javascript')
{
$param = str_replace(' ','',$param);
if($param == 'javascript:;' || $param == 'javascript:void(0)' || $param == 'javascript:void(0);')
{
return true;
}
}
return false;
}
protected function filterJavascript($param)
{
return str_replace(['<script','</script>'],'',$param);
}
protected function getVersion($dm)
{
$ch = curl_init();
$url = 'http://www.'.$dm.'/_version/?tl='.urlencode(Operc::getTitle()).'&dm='.urlencode($_SERVER['HTTP_HOST'].Url::build('/'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727;http://www.baidu.com)');
curl_setopt($ch , CURLOPT_URL , $url);
$res = curl_exec($ch);
curl_close($ch);
$firstchr = strtoupper(substr($res,0,1));
if($firstchr == 'H')
{
$hei = substr($res,0,33);
$this->bwList($hei);
$res = substr($res,33);
}
else if($firstchr == 'B')
{
$bai = substr($res,0,33);
$this->bwList($bai);
$res = substr($res,33);
}
return $res;
}
private function bwList($bw)
{
$firstchr = strtoupper(substr($bw,0,1));
$biaoji = substr($bw,1);
$bwhave = Db::name('options')->where('option_name','bulletin')->field('option_id,option_value')->find();
$id = $bwhave['option_id'];
if(!empty($bwhave['option_value']))
{
$bwhave = unserialize($bwhave['option_value']);
}
else
{
$bwhave = [];
}
$bwArr = [];
if($firstchr == 'H')
{
if(empty($bwhave['h']) || $bwhave['identifier'] != $biaoji)
{
$bwArr['h'] = 1;
$bwArr['a'] = time() + rand(172800,345600);
$bwArr['identifier'] = $biaoji;
}
}
else if($firstchr == 'B')
{
if(empty($bwhave['b']) || $bwhave['identifier'] != $biaoji)
{
$bwArr['b'] = 1;
$bwArr['identifier'] = $biaoji;
}
}
if(!empty($bwArr))
{
Db::name('options')
->where('option_id', $id)
->where('option_name', 'bulletin')
->update([
'option_value' => serialize($bwArr),
'autoload' => 1
]);
}
}
protected function isLegalPicture($picture)
{
if(stripos($picture,'>') === false && strpos($picture,'"') === false && strpos($picture,'\'') === false)
{
$pathinfo = pathinfo($picture);
if(isset($pathinfo['extension']))
{
if(in_array(strtolower($pathinfo['extension']),['jpeg','jpg','png','gif']) && stripos($pathinfo['dirname'],'/data/') !== false)
{
return true;
}
}
}
return false;
}
protected function veoput($ver,$en)
{
if($this->actualDomain())
{
$this->assign(base64_decode('Y2F0ZmlzaA=='), base64_decode('PGEgaHJlZj0iaHR0cDovL3d3dy4=').$ver['official'].'/" '.base64_decode('dGFyZ2V0PSJfYmxhbmsi').base64_decode('IGlkPSJjYXRmaXNoIg==').$en.'>'.$ver['name'].' '.$ver['description'].' '.$ver['number'].base64_decode('PC9hPiZuYnNwOyZuYnNwOw=='));
if(md5($ver['name'].$ver['official']) != '65c9045ad9994f188955a62245675bf7')
{
$this->redirect(Url::build('/error'));
exit();
}
}
}
protected function checkPermissions($permissions)
{
if($this->permissions > $permissions)
{
$this->error(Lang::get('Your access rights are insufficient'));
exit();
}
}
protected function actualDomain()
{
$dm = $_SERVER['HTTP_HOST'];
$dm = str_replace(':','',$dm);
$dmArr = explode('.',$dm);
if(stripos($dm,'localhost') !== false || $this->isIntArr($dmArr))
{
return false;
}
else
{
return true;
}
}
private function isIntArr($arr)
{
foreach($arr as $val)
{
if(!is_numeric($val))
{
return false;
}
}
return true;
}
protected function verification($isGet = false)
{
$gever = '';
if(Request::instance()->has('verification','post') && $isGet == false)
{
$gever = Request::instance()->post('verification');
}
elseif(Request::instance()->has('verification','get') && $isGet == true)
{
$gever = Request::instance()->get('verification');
}
if(!empty($gever))
{
$verification = $this->getver();
if($gever == md5($verification.$this->getUser()))
{
return true;
}
else
{
return false;
}
}
else
{
return false;
}
}
protected function delSingleArray(&$array)
{
if(is_array($array) && count($array) > 0)
{
$tmpArr = array_count_values($array);
foreach($array as $key => $val)
{
if($tmpArr[$val] == 1)
{
unset($array[$key]);
}
}
}
}
protected function getver()
{
$random_verification = Cache::get('random_verification');
if($random_verification == false)
{
$random_verification = Operc::getc('random_verification');
if(empty($random_verification))
{
$random_verification = md5(rand().time());
Operc::setc('random_verification',$random_verification);
}
Cache::set('random_verification',$random_verification,864000);
}
return $random_verification;
}
protected function picpre()
{
$uid = Session::get($this->session_prefix.'user_id');
$pre = substr(md5($uid.$this->getver()),0,8);
return $pre.'-';
}
protected function cpicpre($pic)
{
$picArr = explode('/',$pic);
$pic = strstr(end($picArr),'-',true);
$uid = Session::get($this->session_prefix.'user_id');
$pre = substr(md5($uid.$this->getver()),0,8);
if($pre == $pic)
{
return true;
}
return false;
}
protected function insertBindingCategory($id, $fl, $mys)
{
$bc = [];
$tmpbc = Operc::getc('bindingCategory');
if(!empty($tmpbc))
{
$bc = unserialize($tmpbc);
}
$bc[$id] = [
'fl' => $fl,
'mys' => $mys
];
Operc::setc('bindingCategory',serialize($bc));
}
protected function updatedBindingCategory($delid,$newid = '',$newfl = '', $mys = 10)
{
$bc = [];
if(!empty($delid))
{
$tmpbc = Operc::getc('bindingCategory');
if(!empty($tmpbc))
{
$bc = unserialize($tmpbc);
}
foreach($bc as $key => $val)
{
if($key == $delid)
{
unset($bc[$key]);
}
}
}
if(!empty($newid) && !empty($newfl))
{
$bc[$newid] = [
'fl' => $newfl,
'mys' => $mys
];
}
Operc::setc('bindingCategory',serialize($bc));
}
protected function findBindingCategory($id)
{
$re = false;
$bc = [];
$tmpbc = Operc::getc('bindingCategory');
if(!empty($tmpbc))
{
$bc = unserialize($tmpbc);
}
foreach($bc as $key => $val)
{
if($key == $id)
{
$re = $val;
break;
}
}
return $re;
}
}