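<?php

/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: cloud_security.php 36284 2016-12-12 00:47:50Z nemohou $
 */

// Admin control panel page for the cloud "security" application: white-list
// settings plus the lists of flagged threads, posts and members.
// It relies on $page, $lang, $operation, $appService and $cloudDomain being
// provided by the including admin script; none of them is defined here.

if(!defined('IN_DISCUZ') || !defined('IN_ADMINCP')) {
	exit('Access Denied');
}

$op = isset($_GET['op']) ? trim($_GET['op']) : '';

// The anchor selects the sub-page and is echoed back into navigation keys and
// redirect URLs below, so it is pinned to a fixed allow-list (strict compare).
$allowedanchors = array('index', 'setting', 'thread', 'post', 'member', 'reportOperation', 'reopen');
$_GET['anchor'] = isset($_GET['anchor']) && in_array($_GET['anchor'], $allowedanchors, true) ? $_GET['anchor'] : 'index';
$pt = in_array($_GET['anchor'], array('thread', 'post'), true) ? $_GET['anchor'] : 'thread';
$current = array($_GET['anchor'] => 1);
// Maps a post's "invisible" value to the suffix of the security_opreateresult_* language key.
$operateresultmap = array(
	'0' => 1,
	'-1' => 0,
	'-5' => 0
);

$securitynav = array();
$securitynav[0] = array('security_index', 'cloud&operation=security&anchor=index', !empty($current['index']));
$securitynav[1] = array('security_blanklist', 'cloud&operation=security&anchor=setting', !empty($current['setting']));
$securitynav[2] = array('security_thread_list', 'cloud&operation=security&anchor=thread', !empty($current['thread']));
$securitynav[3] = array('security_post_list', 'cloud&operation=security&anchor=post', !empty($current['post']));
$securitynav[4] = array('security_member_list', 'cloud&operation=security&anchor=member', !empty($current['member']));

if(!$_G['inajax']) {
	cpheader();
	shownav('safe', 'menu_cloud_security', 'security_'.$_GET['anchor'].'_list');
	showsubmenu('menu_cloud_security', $securitynav);
}

// Page size comes from the query string; force it to a positive integer
// before it is used in offset arithmetic and handed to the table classes.
$tpp = !empty($_GET['tpp']) ? max(1, intval($_GET['tpp'])) : 20;
$start_limit = ($page - 1) * $tpp;

require_once libfile('function/discuzcode');
require_once libfile('function/core');
$datas = $data = $eviluids = $evilPids = $evilTids = $members = $thread = $post = '';

// Every sub-page except "reopen" requires the cloud application to be open.
if($_GET['anchor'] != 'reopen') {
	$apps = $appService->getCloudApps();
	if(empty($apps) || empty($apps[$operation]) || $apps[$operation]['status'] == 'close') {
		cpmsg('security_reopen', '', 'succeed');
	}
}

if($_GET['anchor'] == 'index') {

	$utilService = Cloud::loadClass('Service_Util');
	$signUrl = $utilService->generateSiteSignUrl(array('v' => 2));
	$utilService->redirect($cloudDomain.'/security/stats/list/?' . $signUrl);

} elseif($_GET['anchor'] == 'setting') {

	if(!submitcheck('settingsubmit')) {
		loadcache('setting');
		$evilthreads = C::t('common_setting')->fetch('cloud_security_stats_thread');
		$evilposts = C::t('common_setting')->fetch('cloud_security_stats_post');
		$evilmembers = C::t('common_setting')->fetch('cloud_security_stats_member');

		// A white list that was never saved (or saved empty) is not an array.
		$usergroupswhitelist = is_array($_G['setting']['security_usergroups_white_list']) ? $_G['setting']['security_usergroups_white_list'] : array();

		$groupselect = array('member' => '', 'special' => '', 'specialadmin' => '', 'system' => '');
		foreach(C::t('common_usergroup')->fetch_all_not(array('6', '7')) as $group) {
			$group['type'] = $group['type'] == 'special' && $group['radminid'] ? 'specialadmin' : $group['type'];
			if(!isset($groupselect[$group['type']])) {
				$groupselect[$group['type']] = '';
			}
			$groupselect[$group['type']] .= "<option value=\"$group[groupid]\" ".(in_array($group['groupid'], $usergroupswhitelist) ? 'selected' : '').">$group[grouptitle]</option>\n";
		}
		$groupselect = '<optgroup label="'.$lang['usergroups_member'].'">'.$groupselect['member'].'</optgroup>'.
			($groupselect['special'] ? '<optgroup label="'.$lang['usergroups_special'].'">'.$groupselect['special'].'</optgroup>' : '').
			($groupselect['specialadmin'] ? '<optgroup label="'.$lang['usergroups_specialadmin'].'">'.$groupselect['specialadmin'].'</optgroup>' : '').
			'<optgroup label="'.$lang['usergroups_system'].'">'.$groupselect['system'].'</optgroup>';

		$forumswhitelist = $_G['setting']['security_forums_white_list'];
		require_once libfile('function/forumlist');
		loadcache('forums');
		// '%' is doubled before the markup is handed to showsetting().
		$forumselect = str_replace('%', '%%', forumselect(FALSE, 0, $forumswhitelist, TRUE));

		showformheader('cloud&operation=security&anchor=setting');
		showtableheader('security_white_list_setting', '', '', 2);
		showsetting('security_usergroup_white_list', '', '', '<select name="groupid[]" multiple="multiple" size="10">'.$groupselect.'</select>');
		showsetting('security_forum_white_list', '', '', '<select name="fid[]" multiple="multiple" size="10">'.$forumselect.'</select>');
		showsubmit('settingsubmit');
		showtablefooter();
		showformfooter();
	} else {
		// The posted id lists are serialized into the settings table and read
		// back on every request, so only plain numeric ids are stored: anything
		// that is not a scalar is dropped and the rest is reduced to an integer
		// (kept as a string, which is how form values were stored before).
		$usergroups = array();
		foreach((array)(isset($_POST['groupid']) ? $_POST['groupid'] : array()) as $groupid) {
			if(is_scalar($groupid)) {
				$usergroups[] = (string)intval($groupid);
			}
		}
		$forums = array();
		foreach((array)(isset($_POST['fid']) ? $_POST['fid'] : array()) as $fid) {
			if(is_scalar($fid)) {
				$forums[] = (string)intval($fid);
			}
		}

		$updateData = array(
			'security_usergroups_white_list' => serialize($usergroups),
			'security_forums_white_list' => serialize($forums)
		);
		C::t('common_setting')->update_batch($updateData);
		updatecache('setting');
		cpmsg('setting_update_succeed', 'action=cloud&operation=security&anchor='.$_GET['anchor'], 'succeed');
	}

} elseif($_GET['anchor'] == 'thread') {

	$count = C::t('#security#security_evilpost')->count_by_type('1');
	$multipage = multi($count, $tpp, $page, ADMINSCRIPT.'?action=cloud&operation=security&anchor=thread');
	list($datas, $evilTids) = getEvilList('thread', $start_limit, $tpp);
	// getEvilList() returns false when nothing is flagged.
	if(!is_array($datas)) {
		$datas = array();
	}

	echo "<p><a href='###' onclick='$(\"recyclebinform\").submit();'>{$lang['security_recyclebin_thread']}</a></p>";
	showformheader('recyclebin&operation=search', 'style="display: none;"', 'recyclebinform');
	showhiddenfields(array('security' => 1, 'searchsubmit' => 1));
	showformfooter();

	showtableheader('', '', 'id = "security_list"');
	showsubtitle(array('security_subject', 'security_forum', 'security_author', 'security_thread_status'));
	foreach($datas as $key => $value) {
		$subjectstyle = !$value['message'] ? 'class = "threadopt"' : '';
		$value['message'] = convertMessage($value);
		$modthreadkey = modauthkey($value['tid']);
		$viewlink = $value['message'] ? '<a href="forum.php?mod=redirect&goto=findpost&ptid='.$value['tid'].'&pid='.$value['pid'].'&modthreadkey='.$modthreadkey.'" target="_blank" title="'.$lang['security_view_thread'].'">'.$value['subject'].'</a>' : '';
		$thread = array(convertSubjectandIP($value, $viewlink),
			getNamebyFid($value['fid']),
			convertAuthorAndDate($value),
			//convertIdtoStr($value['eviltype']),
			convertIdtoStr($value['invisible'], 'adminoperate'));
		showtagheader('tbody', '', true, 'hover');
		showtablerow($subjectstyle, array('width = "400px"'), $thread);
		if($value['message']) {
			showtablerow('class="threadopt" style = "display: none;" id = "mod_'.$value['tid'].'_row_'.$key.'"', 'colspan = "6"', $value['message']);
		}
		showtagfooter('tbody');
	}
	if($multipage) {
		showtablerow('', 'colspan = "6"', $multipage);
	}
	showtablefooter();

} elseif($_GET['anchor'] == 'post') {

	$count = C::t('#security#security_evilpost')->count_by_type('0');
	$multipage = multi($count, $tpp, $page, ADMINSCRIPT.'?action=cloud&operation=security&anchor=post');
	list($datas, $evilPids) = getEvilList('post', $start_limit, $tpp);
	// getEvilList() returns false when nothing is flagged.
	if(!is_array($datas)) {
		$datas = array();
	}

	echo "<p><a href='###' onclick='$(\"recyclebinpostform\").submit();'>{$lang['security_recyclebin_post']}</a></p>";
	showformheader('recyclebinpost&operation=search', 'style="display: none;"', 'recyclebinpostform');
	showhiddenfields(array('security' => 1, 'searchsubmit' => 1));
	showformfooter();

	showtableheader('', '', 'id = "security_list"');
	showsubtitle(array('security_subject', 'security_forum', 'security_author', 'security_post_status'));
	// This branch never built a view link; the trailing cell was an undefined
	// variable and is kept as an explicit empty cell so the row shape is unchanged.
	$viewlink = '';
	foreach($datas as $key => $value) {
		$subjectstyle = !$value['message'] ? 'class = "threadopt"' : '';
		$value['message'] = convertMessage($value);
		$modthreadkey = modauthkey($value['tid']);
		$thread = array(convertSubjectandIP($value),
			getNamebyFid($value['fid']),
			convertAuthorAndDate($value),
			//convertIdtoStr($value['eviltype']),
			convertIdtoStr($value['invisible'], 'adminoperate'),
			$viewlink);
		showtagheader('tbody', '', true, 'hover');
		showtablerow($subjectstyle, array('width = "400px"'), $thread);
		if($value['message']) {
			showtablerow('class="threadopt" style="display: none;" id = "mod_'.$value['tid'].'_row_'.$key.'"', 'colspan = "6"', $value['message']);
		}
		showtagfooter('tbody');
	}
	if($multipage) {
		showtablerow('', 'colspan = "6"', $multipage);
	}
	showtablefooter();

} elseif($_GET['anchor'] == 'member') {

	showtips('security_member_tips');
	// Removing a member from the flagged list is a state change triggered by a
	// plain link, so it is only honoured when the request carries this
	// session's form hash; a link followed from another site will not have it.
	if(!empty($_GET['ignoreuid']) && isset($_GET['formhash']) && $_GET['formhash'] === FORMHASH) {
		C::t('#security#security_eviluser')->delete(intval($_GET['ignoreuid']));
	}
	$memberperpage = $_G['setting']['memberperpage'];
	$start_limit = ($page - 1) * $memberperpage;
	$count = C::t('#security#security_eviluser')->count();
	$multipage = multi($count, $memberperpage, $page, ADMINSCRIPT.'?action=cloud&operation=security&anchor=member');
	list($datas, $eviluids) = getEvilList('user', $start_limit, $memberperpage);
	// getEvilList() returns false when nothing is flagged.
	if(!is_array($datas)) {
		$datas = array();
	}

	showformheader('recyclebinpost&operation=search', 'style="display: none;"', 'recyclebinmember');
	showhiddenfields(array('security' => 1, 'searchsubmit' => 1));
	echo "\n<input type=\"hidden\" name=\"authors\" id=\"authors\" value=\"\">";
	showformfooter();

	showformheader("members&operation=clean", '');
	showtableheader();
	showsubtitle(array('', 'security_members_name', 'members_edit_info', 'security_thread_member_group', 'security_createtime', '', '', ''));
	// The link title was read from a variable that is never assigned; it renders empty.
	$title = '';
	foreach($datas as $value) {
		// The user name is member-controlled text. It is encoded once for HTML
		// and once for the JavaScript string literal inside the onclick
		// attribute, so it cannot terminate either context.
		$htmlusername = dhtmlspecialchars($value['username']);
		$jsusername = dhtmlspecialchars(addslashes($value['username']));

		if($value['username']) {
			$username = '<a href="home.php?mod=space&uid='.$value['uid'].'&do=profile" target="_blank" title="'.$title.'">'.$htmlusername.'</a>';
		} else {
			$username = $lang['security_userdeleted']."(uid:{$value['uid']})";
		}
		// Founders/administrators (adminid 1) cannot be selected for deletion.
		$del = '<input type="checkbox" name="uidarray[]" value="'.$value['uid'].'"'.($value['adminid'] == 1 ? ' disabled' : '').' class="checkbox">';
		$optmember = '<a href="'.ADMINSCRIPT.'?action=members&operation=ban&uid='.$value['uid'].'" target="_blank">'.cplang('members_ban').'</a>';
		$ignorethis = '<a href="'.ADMINSCRIPT.'?action=cloud&operation=security&anchor=member&ignoreuid='.$value['uid'].'&page='.$page.'&formhash='.FORMHASH.'">'.cplang('security_member_ignore_this').'</a>';
		$createtime = date('Y-m-d', $value['createtime']);
		$evilthreads = '<a href="javascript:void(0);" onclick="searchevilpost_member(\''.$jsusername.'\', 1);return false;">'.cplang('security_thread_list').'</a>';
		$evilposts = '<a href="javascript:void(0);" onclick="searchevilpost_member(\''.$jsusername.'\', 2);return false;">'.cplang('security_post_list').'</a>';
		$member = array($del, $username, convertMemberInfo($value), $value['grouptitle'], $createtime, $evilthreads, $evilposts, $optmember, $ignorethis);
		showtablerow('', array('class="td25"'), $member);
	}
	showsubmit('deletesubmit', cplang('delete'), '', '', $multipage);
	showtablefooter();
	showformfooter();

} elseif($_GET['anchor'] == 'reopen') {

	Cloud::loadFile('Service_Client_Cloud');
	$Cloud_Service_Client_Cloud = new Cloud_Service_Client_Cloud;
	$return = $Cloud_Service_Client_Cloud->appOpenWithRegister('security');
	if($return['errCode']) {
		cpmsg($return['errMessage'], 'action=cloud&operation=security&anchor=index', 'error');
	} else {
		dheader('location: '.ADMINSCRIPT.'?action=cloud&operation=security&anchor=index');
	}

}

echo "
<script type='text/javascript'>
	function searchevilpost_member(username, type) {
		$('recyclebinmember').action= '".ADMINSCRIPT."?'+(type == 1 ? 'action=recyclebin&operation=search' : 'action=recyclebinpost&operation=search');
		$('authors').value=username;
		$('recyclebinmember').submit();
		return false;
	}
</script>";

$jsScript = <<<EOF
<script type='text/javascript'>
	function toggle_mod(id) {
		if($(id).style.display == 'none') {
			$(id).style.display = '';
		} else {
			$(id).style.display = 'none';
		}
		return false;
	}
	function security_foldall() {
		var trs = $('security_list').getElementsByTagName('TR');
		for(var i in trs) {
			if(trs[i].id && trs[i].id.match(/mod_(\d+)_row_(\d+)/) != null) {
				trs[i].style.display = "none";
			}
		}
	}
	function security_exfoldall() {
		var trs = $('security_list').getElementsByTagName('TR');
		for(var i in trs) {
			if(trs[i].id && trs[i].id.match(/mod_(\d+)_row_(\d+)/) != null) {
				trs[i].style.display = "";
			}
		}
	}
</script>
EOF;
echo $jsScript;

/**
 * Translate a numeric id into its language string.
 *
 * @param mixed  $id      the value to translate; its meaning depends on $type
 * @param string $type    'security_type', 'checkreported' or 'adminoperate'
 * @param string $subtype for 'adminoperate' only: 'thread', 'post' or 'member'
 * @return string|null the language string, or null when $type/$subtype is not handled
 */
function convertIdtoStr($id, $type = 'security_type', $subtype = 'thread') {
	global $lang;
	// Stays null for an unhandled $type/$subtype, which is what callers received before.
	$result = null;
	if($type == 'security_type') {
		// Ids above 6 share the language entry of id 6.
		$id = min(6, $id);
		$result = $lang['security_type_'.$id];
	} elseif($type == 'checkreported') {
		$result = $id ? $lang['security_isreported_yes'] : $lang['security_isreported_no'];
	} elseif($type == 'adminoperate') {
		if($id === null) {
			return $lang['security_opreateresult_2'];
		}
		if(in_array($subtype, array('thread', 'post'))) {
			global $operateresultmap;
			$result = $lang['security_opreateresult_'.$operateresultmap[$id]];
		} elseif($subtype == 'member') {
			// $nooperategroup is not assigned anywhere in this file; it has to come from the caller's scope.
			global $nooperategroup;
			if(in_array($id, $nooperategroup)) {
				$result = $lang['security_opreateresult_0'];
			} else {
				$result = $lang['security_opreateresult_1'];
			}
		}
	}
	return $result;
}

/**
 * Build the "member info" table cell: registration date, registration IP and e-mail.
 *
 * @param array $value a merged flagged-member row as produced by getEvilList('user', ...)
 * @return string HTML fragment
 */
function convertMemberInfo($value) {
	global $lang;
	if(!$value['username']) {
		return '<p style="margin:14px 0;">' . $lang['security_userdeleted'] . '</p>';
	}
	// regip and email are profile data; they are encoded for the HTML context
	// here rather than trusted to have been validated when they were stored.
	$result = $lang['members_edit_regdate'] . ': ' . dgmdate($value['regdate']) . '<br/>';
	$result .= $lang['members_edit_regip'] . ': ' . dhtmlspecialchars($value['regip']) . ' ' . convertip($value['regip']) . '<br/>';
	$result .= 'Email: ' . dhtmlspecialchars($value['email']);
	return $result;
}

/**
 * Map an operation id to its name.
 *
 * @param int|string $id 1 or 2
 * @return string|false 'delete', 'restore', or false for any other id
 */
function convertOperate($id = 0) {
	$ids = array('1' => 'delete', '2' => 'restore');
	return isset($ids[$id]) ? $ids[$id] : false;
}

/**
 * Load one page of flagged items and merge each with its live member or post row.
 *
 * @param string $type  'user' (alias 'member'), 'thread' or 'post'
 * @param int    $start row offset
 * @param int    $ppp   rows per page
 * @return array|false array($datas, $evilids) where $datas is keyed by uid/pid,
 *                     or false when the page holds no flagged items
 */
function getEvilList($type, $start, $ppp) {
	// These were previously an empty string or left unassigned and then indexed
	// as arrays, which newer PHP versions no longer convert silently.
	$datas = array();
	$evilids = array();
	$evilTids = array();
	$threadPid = array();
	$usergroups = array();
	$query = array();
	$idtype = '';

	if($type == 'member') {
		$type = 'user';
	}
	if($type == 'user') {
		$query = C::t('#security#security_eviluser')->fetch_range($start, $ppp);
		$idtype = 'uid';
	} elseif($type == 'thread') {
		$query = C::t('#security#security_evilpost')->fetch_range_by_type('1', $start, $ppp);
		$idtype = 'pid';
	} elseif($type == 'post') {
		$query = C::t('#security#security_evilpost')->fetch_range_by_type('0', $start, $ppp);
		$idtype = 'pid';
	}

	foreach($query as $data) {
		$datas[$data[$idtype]] = $data;
		$evilids[] = $data[$idtype];
		if(!empty($data['tid'])) {
			$evilTids[] = $data['tid'];
			$threadPid[$data['tid']][] = $data['pid'];
		}
	}
	$evilTids = array_unique($evilTids);

	if(!$evilids) {
		return false;
	}

	if($type == 'user') {
		foreach(C::t('common_usergroup')->range() as $group) {
			$usergroups[$group['groupid']] = $group['grouptitle'];
		}
		$regips = C::t('common_member_status')->fetch_all($evilids);
		$query = C::t('common_member')->fetch_all($evilids);
		foreach($query as $key => $user) {
			// The registration IP is attached for every group except 4, 5 and 6.
			if(!empty($user) && !in_array($user['groupid'], array(4, 5, 6))) {
				$query[$key]['regip'] = $regips[$key]['regip'];
			}
		}
		// Flagged uids without a member row left are pruned from the flagged table.
		if(count($evilids) != count($query)) {
			$deleviluids = array();
			foreach($evilids as $key => $eviluid) {
				if(empty($query[$eviluid])) {
					$deleviluids[] = $eviluid;
					unset($evilids[$key]);
				}
			}
			C::t('#security#security_eviluser')->delete($deleviluids);
		}
	} elseif($type == 'thread' || $type == 'post') {
		$query = C::t('forum_thread')->fetch_all_by_tid($evilTids);
	}

	foreach($query as $data) {
		if($type == 'thread' || $type == 'post') {
			if(empty($threadPid[$data['tid']])) {
				continue;
			}
			foreach($threadPid[$data['tid']] as $pid) {
				$postData = C::t('forum_post')->fetch($data['posttableid'], $pid);
				if(!empty($postData['pid'])) {
					$datas[$postData['pid']] = array_merge($datas[$postData['pid']], $postData);
					// A reply row takes the subject of its thread.
					if($type == 'post') {
						$datas[$postData['pid']]['subject'] = $data['subject'];
					}
				}
			}
		} else {
			$data['grouptitle'] = isset($usergroups[$data['groupid']]) ? $usergroups[$data['groupid']] : '';
			$datas[$data[$idtype]] = array_merge($datas[$data[$idtype]], $data);
		}
	}
	return array($datas, $evilids);
}

/**
 * Build a link to a forum, labelled with the forum's name.
 *
 * @param int $fid forum id
 * @return string|false HTML link, or false when $fid is empty
 */
function getNamebyFid($fid) {
	if(!$fid) {
		return false;
	}
	$forumInfo = C::t('forum_forum')->fetch_all_name_by_fid($fid);
	$name = $forumInfo[$fid]['name'];
	// Only the numeric id goes into the URL.
	return "<a href='forum.php?mod=forumdisplay&fid=".intval($fid)."' target='_blank'>".$name."</a>";
}

/**
 * Build the subject cell of a flagged thread/post row, followed by poster IP and pid.
 *
 * @param array  $value    flagged row; 'message' must already hold the converted message (or false)
 * @param string $viewlink optional ready-made link used instead of the toggle link
 * @return string HTML fragment, or a "post deleted" notice when the row has no message
 */
function convertSubjectandIP($value, $viewlink = '') {
	global $lang;
	if(!$value['message']) {
		return $lang['security_postdeleted']."(tid:{$value['tid']} pid:{$value['pid']})";
	}
	if($viewlink) {
		$result = '<h3>'.$viewlink.'</h3>';
	} else {
		$result = '<h3><a title="'.$lang['security_clicktotoggle'].'" href="javascript:;" onclick="return toggle_mod(\'mod_'.$value['tid'].'_row_'.$value['pid'].'\');" target="_blank">'.$value['subject'].'</a></h3>';
	}
	$result .= '<p>'.$value['useip'].' '.convertip($value['useip']).' ( pid : '.$value['pid'].' ) </p>';
	return $result;
}

/**
 * Render a flagged post body for the collapsible preview row.
 *
 * @param array $value flagged row with 'message' and 'htmlon'
 * @return string|false wrapped HTML, or false when the row has no message
 */
function convertMessage($value) {
	if(!$value['message']) {
		return false;
	}
	// NOTE(review): the post's own htmlon flag is forwarded to discuzcode(), so a
	// flagged post saved with HTML enabled appears to be rendered with HTML
	// enabled inside the admin panel as well. Confirm that is intended; passing
	// 0 here would presumably show such posts with HTML disabled.
	$value['message'] = discuzcode($value['message'], 0, 0, sprintf('%00b', $value['htmlon']), 1, 1, 1, 0);
	$value['message'] = '<div style="overflow: auto; overflow-x: hidden; max-height:120px; height:auto !important; height:100px; word-break: break-all;">'.$value['message'].'</div>';
	return $value['message'];
}

/**
 * Build the author cell: profile link plus posting date.
 *
 * @param array $value flagged row with 'author', 'authorid' and 'dateline'
 * @return string|false HTML fragment, or false when the row has no author
 */
function convertAuthorAndDate($value) {
	if(!$value['author']) {
		return false;
	}
	// The array key is quoted (a bare authorid is read as a constant) and the
	// author name is encoded for the HTML context.
	$result = "<a href='home.php?mod=space&uid={$value['authorid']}&do=profile' target='_blank'>" . dhtmlspecialchars($value['author']) . "</a>";
	// The paragraph used to be closed with a stray </a>.
	$result .= '<p>' . dgmdate($value['dateline']) . '</p>';
	return $result;
}

/**
 * Collect the not-yet-reported items of a moderation batch in the report format.
 *
 * @param string $operateType 'member' or a thread/post type
 * @param array  $datatosync  operation result => list of ids ('validate' maps to 'restore', anything else to 'delete')
 * @param array  $datas       rows keyed by id
 * @return array list of report records
 */
function getDataToReport($operateType, $datatosync, $datas) {
	$datatoreport = array();
	foreach($datatosync as $operateresult => $ids) {
		foreach($ids as $id) {
			if(!empty($datas[$id]['isreported'])) {
				continue;
			}
			$data = array(
				'operateType' => $operateType,
				'operate' => $operateresult == 'validate' ? 'restore' : 'delete',
				'operateId' => $id,
				'uid' => $datas[$id]['authorid'] ? $datas[$id]['authorid'] : $datas[$id]['uid'],
			);
			// getOpenId() and getMemberIp() are not defined in this file.
			$data['openId'] = getOpenId($data['uid']);
			// NOTE(review): this reads 'userip' while the list views read 'useip';
			// if the rows only carry 'useip' the fallback is always taken - confirm against the caller.
			$data['clientIp'] = $datas[$id]['userip'] ? $datas[$id]['userip'] : getMemberIp($data['uid']);
			if($operateType != 'member') {
				$data['tid'] = $datas[$id]['tid'];
				$data['pid'] = $datas[$id]['pid'];
				$data['fid'] = $datas[$id]['fid'];
			}
			$datatoreport[] = $data;
		}
	}
	return $datatoreport;
}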