www.gusucode.com > Catfish(鲶鱼) CMS系统 PHP版 v4.8.21源码程序 > Catfishcms_v4.8.21/application/user/controller/Common.php
<?php /** * Project: Catfish CMS. * Author: A.J <804644245@qq.com> * Copyright: http://www.catfish-cms.com All rights reserved. * Date: 2016/10/16 */ namespace app\user\controller; use app\admin\controller\Tree; use app\common\Operc; use think\Controller; use think\Session; use think\Cookie; use think\Url; use think\Cache; use think\Db; use think\Config; use think\Lang; use think\Hook; use think\Request; class Common extends Controller { protected $session_prefix; protected $lang; protected $cocc; protected $ccc; protected $params = []; protected $plugins = []; protected $options_spare; public function _initialize() { $this->session_prefix = 'catfish'.str_replace(['/','.',' ','-'],['','?','*','|'],Url::build('/')); $this->options_spare = $this->optionsSpare(); $this->lang = Lang::detect(); $this->lang = $this->filterLanguages($this->lang); Lang::load(APP_PATH . 'user/lang/'.$this->lang.'.php'); $this->cocc = 'f2537c2b6878f66fc3bafbeb13cb8932'; $this->ccc = 'Catfish CMS Copyright'; if(isset($this->options_spare['guanbi']) && $this->options_spare['guanbi'] == 1) { $this->closeWeb(); exit(); } } protected function checkUser() { if(!Session::has($this->session_prefix.'user_id') && Cookie::has($this->session_prefix.'user_id') && Cookie::has($this->session_prefix.'user')) { $cookie_user_p = Cache::get('cookie_user_p'); if(Cookie::has($this->session_prefix.'user_p') && $cookie_user_p !== false) { $user = Db::name('users')->where('user_login', Cookie::get($this->session_prefix.'user'))->field('user_pass,user_type')->find(); if(!empty($user) && md5($cookie_user_p.$user['user_pass']) == Cookie::get($this->session_prefix.'user_p')) { Session::set($this->session_prefix.'user_id',Cookie::get($this->session_prefix.'user_id')); Session::set($this->session_prefix.'user',Cookie::get($this->session_prefix.'user')); Session::set($this->session_prefix.'user_type',$user['user_type']); } } } if(!Session::has($this->session_prefix.'user_id')) { $this->redirect(Url::build('/login')); } if(Session::get($this->session_prefix.'user_type') == 1) { $this->redirect(Url::build('/admin')); } $this->assign('login', $this->getUser()); } protected function getUser() { return Session::get($this->session_prefix.'user'); } protected function receive() { if(!isset($this->cocc) || $this->cocc != md5('Copyright owned by catfish CMS')) return false; $data_options = Cache::get('options'); if($data_options == false) { $data_options = Db::name('options')->where('autoload',1)->field('option_name,option_value')->select(); Cache::set('options',$data_options,3600); } $ns = ''; if(Operc::aut()) { $ns = Operc::bdc('IHN0eWxlPSJkaXNwbGF5OiBub25lOyI='); } $version = Config::get('version'); $this->assign('catfish', '<a href="http://www.'.$version['official'].'/" target="_blank" id="catfish"'.$ns.'>'.$version['name'].' '.$version['description'].' '.$version['number'].'</a> '); foreach($data_options as $key => $val) { if($val['option_name'] == 'copyright' || $val['option_name'] == 'statistics') { $this->assign($val['option_name'], unserialize($val['option_value'])); } else if($val['option_name'] == 'pageSettings') { ; } else { $this->assign($val['option_name'], $val['option_value']); } } $menu = Cache::get('menu'); if($menu == false) { $menu = []; $menus = Db::name('nav_cat')->field('navcid,nav_name,active')->order('active desc')->select(); $start = 1; foreach($menus as $key => $val) { $submenu = Db::name('nav')->where('cid',$val['navcid'])->where('status',1)->field('id,parent_id,label,target,href,icon')->order('listorder')->select(); if(!empty($submenu)) { $submenu = $this->checkUrl(Tree::makeTree($submenu)); } $menu['menu'.$start] = $submenu; $start++; } Cache::set('menu',$menu,3600); } $this->assign('menu', $menu); $this->prvtmer($version,$ns); $user = Db::name('users')->where('id',Session::get($this->session_prefix.'user_id'))->find(); $this->assign('user', $user); $domain = Cache::get('domain'); if($domain == false) { $domain = Db::name('options')->where('option_name','domain')->field('option_value')->find(); $domain = $domain['option_value']; Cache::set('domain',$domain,3600); } $this->assign('domain', $domain); $root = ''; $dm = Url::build('/'); if(strpos($dm,'/index.php') !== false) { $root = 'index.php/'; } $this->assign('root', $root); $this->getPlugins(); Hook::add('user_menu_append',$this->plugins); Hook::listen('user_menu_append',$this->params,$this->ccc); if(isset($this->params['user_menu_append'])) { $this->assign('user_menu_append', $this->params['user_menu_append']); } Hook::add('user_menu_top',$this->plugins); Hook::listen('user_menu_top',$this->params,$this->ccc); if(isset($this->params['user_menu_top'])) { $this->assign('user_menu_top', $this->params['user_menu_top']); } Hook::add('user_menu_group_append',$this->plugins); Hook::listen('user_menu_group_append',$this->params,$this->ccc); if(isset($this->params['user_menu_group_append'])) { $this->assign('user_menu_group_append', $this->params['user_menu_group_append']); } Hook::add('user_menu_group_top',$this->plugins); Hook::listen('user_menu_group_top',$this->params,$this->ccc); if(isset($this->params['user_menu_group_top'])) { $this->assign('user_menu_group_top', $this->params['user_menu_group_top']); } Lang::load(APP_PATH . '../public/common/html/404/lang/'.$this->lang.'.php'); return true; } private function filterLanguages($parameter) { $param = strtolower($parameter); if($param == 'zh' || strpos($param,'zh-hans') !== false || strpos($param,'zh-chs') !== false) { Lang::range('zh-cn'); return 'zh-cn'; } else if($param == 'zh-tw' || strpos($param,'zh-hant') !== false || strpos($param,'zh-cht') !== false){ Lang::range('zh-tw'); return 'zh-tw'; } else if(stripos($param,'zh') === false) { $paramsub = substr($param,0,2); switch($paramsub) { case 'de': Lang::range('de-de'); return 'de-de'; break; case 'fr': Lang::range('fr-fr'); return 'fr-fr'; break; case 'ja': Lang::range('ja-jp'); return 'ja-jp'; break; case 'ko': Lang::range('ko-kr'); return 'ko-kr'; break; case 'ru': Lang::range('ru-ru'); return 'ru-ru'; break; default: return $param; } } else { return $param; } } private function getPlugins() { $plugins = Cache::get('plugins'); if($plugins == false) { $plugins = Db::name('options')->where('option_name','plugins')->field('option_value')->find(); if(!empty($plugins)) { $plugins = unserialize($plugins['option_value']); } else { $plugins = []; } Cache::set('plugins',$plugins,3600); } if(!empty($plugins)) { foreach($plugins as $key => $val) { $pluginFile = APP_PATH.'plugins/'.$val.'/'.ucfirst($val).'.php'; if(is_file($pluginFile)) { $plugins[$key] = 'app\\plugins\\'.$val.'\\'.ucfirst($val); Lang::load(APP_PATH . 'plugins/'.$val.'/lang/'.$this->lang.'.php'); } else { unset($plugins[$key]); } } $this->plugins = $plugins; } } private function checkUrl($params) { foreach($params as $key => $val) { if(substr($val['href'],0,4) == 'http' || $this->doNothing($val['href'])) { $params[$key]['zidingyi'] = '1'; } else { $params[$key]['href'] = str_replace(['/index/Index','/id'],'',$val['href']); } if(isset($val['children'])) { $params[$key]['children'] = $this->checkUrl($val['children']); } } return $params; } protected function doNothing($param) { $param = strtolower(trim($param)); if(substr($param,0,1)=='#') { return true; } if(substr($param,0,10)=='javascript') { $param = str_replace(' ','',$param); if($param == 'javascript:;' || $param == 'javascript:void(0)' || $param == 'javascript:void(0);') { return true; } } return false; } protected function isLegalPicture($picture) { if(stripos($picture,'>') === false && strpos($picture,'"') === false && strpos($picture,'\'') === false && stripos($picture,' on') === false) { $pathinfo = pathinfo($picture); if(isset($pathinfo["extension"])) { if(in_array(strtolower($pathinfo["extension"]),['jpeg','jpg','png','gif']) && stripos($pathinfo['dirname'],'/data/') !== false) { return true; } } } return false; } protected function optionsSpare() { $options_spare = Cache::get('options_spare'); if($options_spare == false) { $options_spare = Db::name('options')->where('option_name','spare')->field('option_value')->find(); $options_spare = $options_spare['option_value']; if(!empty($options_spare)) { $options_spare = unserialize($options_spare); } Cache::set('options_spare',$options_spare,3600); } return $options_spare; } private function prvtmer($v,$ns) { if($this->actualDomain()) { $this->assign(base64_decode('Y2F0ZmlzaA=='), base64_decode('PGEgaHJlZj0iaHR0cDovL3d3dy4=').$v['official'].'/" '.base64_decode('dGFyZ2V0PSJfYmxhbmsiIGlkPSJjYXRmaXNoIg==').$ns.'>'.$v['name'].' '.$v['description'].' '.$v['number'].base64_decode('PC9hPiZuYnNwOyZuYnNwOw==')); if(substr(md5($v['name'].$v['official']),15,8) != '88955a62') { $this->redirect(Url::build('/error')); exit(); } } } private function closeWeb() { Session::delete($this->session_prefix.'user_id'); Session::delete($this->session_prefix.'user'); Session::delete($this->session_prefix.'user_type'); Lang::load(APP_PATH . '../public/common/html/close/lang/'.$this->lang.'.php'); $template = $this->receive(); if(Request::instance()->isMobile() && is_file(APP_PATH.'../public/'.$template.'/mobile/close.html')) { $htmls = $this->fetch(APP_PATH.'../public/'.$template.'/mobile/close.html'); } elseif(is_file(APP_PATH.'../public/'.$template.'/close.html')) { $htmls = $this->fetch(APP_PATH.'../public/'.$template.'/close.html'); } else { $htmls = $this->fetch(APP_PATH.'../public/common/html/close/index.html'); } echo $htmls; } private function getver() { $random_verification = Cache::get('random_verification'); if($random_verification == false) { $random_verification = Operc::getc('random_verification'); if(empty($random_verification)) { $random_verification = md5(rand().time()); Operc::setc('random_verification',$random_verification); } Cache::set('random_verification',$random_verification,864000); } return $random_verification; } protected function picpre() { $uid = Session::get($this->session_prefix.'user_id'); $pre = substr(md5($uid.$this->getver()),0,8); return $pre.'-'; } protected function cpicpre($pic) { $picArr = explode('/',$pic); $pic = strstr(end($picArr),'-',true); $uid = Session::get($this->session_prefix.'user_id'); $pre = substr(md5($uid.$this->getver()),0,8); if($pre == $pic) { return true; } return false; } protected function actualDomain() { $dm = $_SERVER['HTTP_HOST']; $dm = str_replace(':','',$dm); $dmArr = explode('.',$dm); if(stripos($dm,'localhost') !== false || $this->isIntArr($dmArr)) { return false; } else { return true; } } private function isIntArr($arr) { foreach($arr as $val) { if(!is_numeric($val)) { return false; } } return true; } }