1. [代码]Destoon 核心
<?php
/*
[Destoon B2B System] Copyright (c) 2008-2011 Destoon.COM
This is NOT a freeware, use is subject to license.txt
*/
defined('IN_DESTOON') or exit('Access Denied');
function dhtmlspecialchars($string) {
return is_array($string) ? array_map('dhtmlspecialchars', $string) : str_replace('&', '&', htmlspecialchars($string, ENT_QUOTES));
}
function daddslashes($string) {
if(!is_array($string)) return addslashes($string);
foreach($string as $key => $val) $string[$key] = daddslashes($val);
return $string;
}
function dstripslashes($string) {
if(!is_array($string)) return stripslashes($string);
foreach($string as $key => $val) $string[$key] = dstripslashes($val);
return $string;
}
function dsafe($string) {
if(is_array($string)) {
return array_map('dsafe', $string);
} else {
if(strlen($string) < 20) return $string;
$match = array("/&#([a-z0-9]+)([;]*)/i", "/(j[\s\r\n\t]*a[\s\r\n\t]*v[\s\r\n\t]*a[\s\r\n\t]*s[\s\r\n\t]*c[\s\r\n\t]*r[\s\r\n\t]*i[\s\r\n\t]*p[\s\r\n\t]*t|jscript|js|vbscript|vbs|about|expression|script|frame|link|import)/i", "/on(mouse|exit|error|click|dblclick|key|load|unload|change|move|submit|reset|cut|copy|select|start|stop)/i");
$replace = array("", "<d>\\1</d>", "on\n\\1");
return preg_replace($match, $replace, $string);
}
}
function dtrim($string, $js = false) {
$string = str_replace(array(chr(10), chr(13)), array('', ''), $string);
return $js ? str_replace("'", "\'", $string) : $string;
}
function dheader($url) {
global $DT;
if(!defined('DT_ADMIN') && $DT['defend_reload']) sleep($DT['defend_reload']);
exit(header('location:'.$url));
}
function dmsg($dmsg = '', $dforward = '') {
if(!$dmsg && !$dforward) {
$dmsg = get_cookie('dmsg');
if($dmsg) {
echo '<script type="text/javascript">showmsg(\''.$dmsg.'\');</script>';
set_cookie('dmsg', '');
}
} else {
set_cookie('dmsg', $dmsg);
$dforward = preg_replace("/(.*)([&?]rand=[0-9]*)(.*)/i", "\\1\\3", $dforward);
$dforward = str_replace('.php&', '.php?', $dforward);
$dforward = strpos($dforward, '?') === false ? $dforward.'?rand='.mt_rand(10, 99) : str_replace('?', '?rand='.mt_rand(10, 99).'&', $dforward);
dheader($dforward);
}
}
function dalert($dmessage = errmsg, $dforward = '', $extend = '') {
global $CFG, $DT;
exit(include template('alert', 'message'));
}
function dsubstr($string, $length, $suffix = '', $start = 0) {
if($start) {
$tmp = dsubstr($string, $start);
$string = substr($string, strlen($tmp));
}
$strlen = strlen($string);
if($strlen <= $length) return $string;
$string = str_replace(array('"', '<', '>'), array('"', '<', '>'), $string);
$length = $length - strlen($suffix);
$str = '';
if(strtolower(DT_CHARSET) == 'utf-8') {
$n = $tn = $noc = 0;
while($n < $strlen) {
$t = ord($string{$n});
if($t == 9 || $t == 10 || (32 <= $t && $t <= 126)) {
$tn = 1; $n++; $noc++;
} elseif(194 <= $t && $t <= 223) {
$tn = 2; $n += 2; $noc += 2;
} elseif(224 <= $t && $t <= 239) {
$tn = 3; $n += 3; $noc += 2;
} elseif(240 <= $t && $t <= 247) {
$tn = 4; $n += 4; $noc += 2;
} elseif(248 <= $t && $t <= 251) {
$tn = 5; $n += 5; $noc += 2;
} elseif($t == 252 || $t == 253) {
$tn = 6; $n += 6; $noc += 2;
} else {
$n++;
}
if($noc >= $length) break;
}
if($noc > $length) $n -= $tn;
$str = substr($string, 0, $n);
} else {
for($i = 0; $i < $length; $i++) {
$str .= ord($string{$i}) > 127 ? $string{$i}.$string{++$i} : $string{$i};
}
}
$str = str_replace(array('"', '<', '>'), array('"', '<', '>'), $str);
return $str == $string ? $str : $str.$suffix;
}
function encrypt($txt, $key = '') {
$rnd = md5(microtime());
$len = strlen($txt);
$ren = strlen($rnd);
$ctr = 0;
$str = '';
for($i = 0; $i < $len; $i++) {
$ctr = $ctr == $ren ? 0 : $ctr;
$str .= $rnd[$ctr].($txt[$i] ^ $rnd[$ctr++]);
}
return str_replace('=', '', base64_encode(kecrypt($str, $key)));
}
function decrypt($txt, $key = '') {
$txt = kecrypt(base64_decode($txt), $key);
$len = strlen($txt);
$str = '';
for($i = 0; $i < $len; $i++) {
$tmp = $txt[$i];
$str .= $txt[++$i] ^ $tmp;
}
return $str;
}
function kecrypt($txt, $key) {
$key = md5($key);
$len = strlen($txt);
$ken = strlen($key);
$ctr = 0;
$str = '';
for($i = 0; $i < $len; $i++) {
$ctr = $ctr == $ken ? 0 : $ctr;
$str .= $txt[$i] ^ $key[$ctr++];
}
return $str;
}
function strtohex($str) {
$hex = '';
for($i = 0; $i < strlen($str); $i++) {
$hex .= dechex(ord($str[$i]));
}
return $hex;
}
function hextostr($hex) {
$str = '';
for($i = 0; $i < strlen($hex) - 1; $i += 2) {
$str .= chr(hexdec($hex[$i].$hex[$i+1]));
}
return $str;
}
function dround($var, $precision = 2, $sprinft = false) {
$var = round(floatval($var), $precision);
if($sprinft) $var = sprintf('%.'.$precision.'f', $var);
return $var;
}
function dalloc($i, $n = 5000) {
return ceil($i/$n);
}
function strip_sql($string) {
$search = array("/union[\s|\t]/i","/select[\s|\t]/i","/update[\s|\t]/i","/outfile[\s|\t]/i","/ascii/i","/[\s|\t]or[\s|\t]/i","/\/\*/i");
$replace = array('union ','select ','update ','outfile ','ascii ',' or ', '');
return is_array($string) ? array_map('strip_sql', $string) : preg_replace($search, $replace, $string);
}
function strip_nr($string, $js = false) {
$string = str_replace(array(chr(13), chr(10), "\n", "\r", "\t", ' '),array('', '', '', '', '', ''), $string);
if($js) $string = str_replace("'", "\'", $string);
return $string;
}
function template($template = 'index', $dir = '') {
global $CFG;
$to = $dir ? DT_CACHE.'/tpl/'.$dir.'-'.$template.'.php' : DT_CACHE.'/tpl/'.$template.'.php';
$isfileto = is_file($to);
if($CFG['template_refresh'] || !$isfileto) {
if($dir) $dir = $dir.'/';
$from = DT_ROOT.'/template/'.$CFG['template'].'/'.$dir.$template.'.htm';
if($CFG['template'] != 'default' && !is_file($from)) {
$from = DT_ROOT.'/template/default/'.$dir.$template.'.htm';
}
if(!$isfileto || filemtime($from) > filemtime($to) || (filesize($to) == 0 && filesize($from) > 0)) {
require_once DT_ROOT.'/include/template.func.php';
template_compile($from, $to);
}
}
return $to;
}
function ob_template($template, $dir = '') {
extract($GLOBALS, EXTR_SKIP);
ob_start();
include template($template, $dir);
$contents = ob_get_contents();
ob_clean();
return $contents;
}
function message($dmessage = errmsg, $dforward = 'goback', $dtime = 1) {
global $CFG, $DT;
if(!$dmessage && $dforward && $dforward != 'goback') dheader($dforward);
exit(include template('message', 'message'));
}
function login() {
global $_userid, $MODULE, $DT_URL, $DT;
$_userid or dheader($MODULE[2]['linkurl'].$DT['file_login'].'?forward='.rawurlencode($DT_URL));
}
function random($length, $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz') {
$hash = '';
$max = strlen($chars) - 1;
for($i = 0; $i < $length; $i++) {
$hash .= $chars[mt_rand(0, $max)];
}
return $hash;
}
function set_cookie($var, $value = '', $time = 0) {
global $CFG, $DT_TIME;
$time = $time > 0 ? $time : (empty($value) ? $DT_TIME - 3600 : 0);
$port = $_SERVER['SERVER_PORT'] == '443' ? 1 : 0;
$var = $CFG['cookie_pre'].$var;
return setcookie($var, $value, $time, $CFG['cookie_path'], $CFG['cookie_domain'], $port);
}
function get_cookie($var) {
global $CFG;
$var = $CFG['cookie_pre'].$var;
return isset($_COOKIE[$var]) ? $_COOKIE[$var] : '';
}
function get_table($moduleid, $data = 0) {
global $DT_PRE, $MODULE;
$module = $MODULE[$moduleid]['module'];
if($data) {
return in_array($module, array('article', 'info')) ? $DT_PRE.$module.'_data_'.$moduleid : $DT_PRE.$module.'_data';
} else {
return in_array($module, array('article', 'info')) ? $DT_PRE.$module.'_'.$moduleid : $DT_PRE.$module;
}
}
function get_process($fromtime, $totime) {
global $DT_TIME;
if($fromtime && $DT_TIME < $fromtime) return 1;
if($totime && $DT_TIME > $totime) return 3;
return 2;
}
function send_message($touser, $title, $content, $typeid = 4, $fromuser = '') {
global $db, $DT_TIME, $DT_IP;
if($touser == $fromuser) return false;
if(check_name($touser) && $title && $content) {
$title = addslashes($title);
$content = addslashes($content);
$r = $db->get_one("SELECT black FROM {$db->pre}member WHERE username='$touser'");
if($r) {
if($r['black'] && $typeid != 4) {
$blacks = explode(' ', $r['black']);
$_from = $fromuser ? $fromuser : 'Guest';
if(in_array($_from, $blacks)) return false;
}
$db->query("INSERT INTO {$db->pre}message (title,typeid,touser,fromuser,content,addtime,ip,status) VALUES ('$title', $typeid, '$touser','$fromuser','$content','$DT_TIME','$DT_IP',3)");
$db->query("UPDATE {$db->pre}member SET message=message+1 WHERE username='$touser'");
if($fromuser) {
$db->query("INSERT INTO {$db->pre}message (title,typeid,content,fromuser,touser,addtime,ip,status) VALUES ('$title','$typeid','$content','$fromuser','$touser','$DT_TIME','$DT_IP','2')");
}
return true;
}
}
return false;
}
function send_mail($mail_to, $mail_subject, $mail_body, $mail_from = '', $mail_sign = true) {
global $DT;
require_once DT_ROOT.'/include/mail.func.php';
$result = dmail(trim($mail_to), $mail_subject, $mail_body, $mail_from, $mail_sign);
$success = $result == 'SUCCESS' ? 1 : 0;
if($DT['mail_log']) {
global $DT_TIME, $db;
$status = $success ? 3 : 2;
$note = $success ? '' : addslashes($result);
$mail_subject = stripslashes($mail_subject);
$mail_body = stripslashes($mail_body);
$mail_subject = addslashes($mail_subject);
$mail_body = addslashes($mail_body);
$db->query("INSERT INTO {$db->pre}mail_log (email,title,content,addtime,status,note) VALUES ('$mail_to','$mail_subject','$mail_body','$DT_TIME','$status','$note')");
}
return $success;
}
function strip_sms($message) {
global $DT;
$message = strip_tags($message);
$message = preg_replace("/&([a-z]{1,});/", '', $message);
$message = str_replace(' ', '', $message);
if($DT['sms_sign']) $message .= $DT['sms_sign'];
return $message;
}
function send_sms($mobile, $message, $word = 0, $time = 0) {
global $db, $DT, $DT_TIME, $DT_IP, $_username;
if(!$DT['sms'] || !$DT['sms_uid'] || !$DT['sms_key']) return false;
$word or $word = word_count($message);
$sms_message = rawurlencode(convert($message, DT_CHARSET, 'UTF-8'));
$data = 'sms_uid='.$DT['sms_uid'].'&sms_key='.$DT['sms_key'].'&sms_charset='.DT_CHARSET.'&sms_mobile='.$mobile.'&sms_message='.$sms_message.'&sms_time='.$time;
$header = "POST /send.php HTTP/1.0\r\n";
$header .= "Accept: */*\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: ".strlen($data)."\r\n\r\n";
$DT['sms_host'] or $DT['sms_host'] = 'sms';
$fp = fsockopen($DT['sms_host'].'.destoon.com', 8820);
$code = '';
if($fp) {
fputs($fp, $header.$data);
while(!feof($fp)) {
$code .= fgets($fp, 1024);
}
fclose($fp);
if($code && strpos($code, 'destoon_sms_code=') !== false) {
$code = explode('destoon_sms_code=', $code);
$code = $code[1];
} else {
$code = 'Can Not Connect SMS Server';
}
} else {
$code = 'Can Not Connect SMS Server';
}
$db->query("INSERT INTO {$db->pre}sms (mobile,message,word,editor,sendtime,code) VALUES ('$mobile','$message','$word','$_username','$DT_TIME','$code')");
return $code;
}
function word_count($string) {
$string = convert($string, DT_CHARSET, 'gbk');
$length = strlen($string);
$count = 0;
for($i = 0; $i < $length; $i++) {
$t = ord($string[$i]);
if($t > 127) $i++;
$count++;
}
return $count;
}
function cache_read($file, $dir = '', $mode = '') {
$file = $dir ? DT_CACHE.'/'.$dir.'/'.$file : DT_CACHE.'/'.$file;
if(!is_file($file)) return array();
return $mode ? file_get($file) : include $file;
}
function cache_write($file, $string, $dir = '') {
if(is_array($string)) $string = "<?php defined('IN_DESTOON') or exit('Access Denied'); return ".strip_nr(var_export($string, true))."; ?>";
$file = $dir ? DT_CACHE.'/'.$dir.'/'.$file : DT_CACHE.'/'.$file;
$strlen = file_put($file, $string);
return $strlen;
}
function cache_delete($file, $dir = '') {
$file = $dir ? DT_CACHE.'/'.$dir.'/'.$file : DT_CACHE.'/'.$file;
return file_del($file);
}
function cache_clear($str, $type = '', $dir = '') {
$dir = $dir ? DT_CACHE.'/'.$dir.'/' : DT_CACHE.'/';
$files = glob($dir.'*');
if(is_array($files)) {
if($type == 'dir') {
foreach($files as $file) {
if(is_dir($file)) {dir_delete($file);} else {if(file_ext($file) == $str) file_del($file);}
}
} else {
foreach($files as $file) {
if(!is_dir($file) && strpos(basename($file), $str) !== false) file_del($file);
}
}
}
}
function content_table($moduleid, $itemid, $split, $table_data = '') {
if($split) {
return split_table($moduleid, $itemid);
} else {
$table_data or $table_data = get_table($moduleid, 1);
return $table_data;
}
}
function split_table($moduleid, $itemid) {
global $DT_PRE;
$part = split_id($itemid);
return $DT_PRE.$moduleid.'_'.$part;
}
function split_id($id) {
return $id > 0 ? ceil($id/500000) : 1;
}
function ip2area($ip) {
$area = '';
if(is_ip($ip)) {
$tmp = explode('.', $ip);
if($tmp[0] == 10 || $tmp[0] == 127 || ($tmp[0] == 192 && $tmp[1] == 168) || ($tmp[0] == 172 && ($tmp[1] >= 16 && $tmp[1] <= 31))) {
$area = 'LAN';
} elseif($tmp[0] > 255 || $tmp[1] > 255 || $tmp[2] > 255 || $tmp[3] > 255) {
$area = 'Unkonw';
} else {
require_once DT_ROOT.'/include/ip.func.php';
$area = convertip($ip);
}
}
$area = convert($area, 'gbk', DT_CHARSET);
return $area;
}
function banip($IP) {
global $DT_IP, $DT_TIME;
$ban = false;
foreach($IP as $v) {
if($v['totime'] && $v['totime'] < $DT_TIME) continue;
if($v['ip'] == $DT_IP) { $ban = true; break; }
if(preg_match("/^".str_replace('*', '[0-9]{1,3}', $v['ip'])."$/", $DT_IP)) { $ban = true; break; }
}
if($ban) message(lang('include->msg_ip_ban', array($DT_IP)));
}
function banword($WORD, $string, $extend = true) {
$string = stripslashes($string);
foreach($WORD as $v) {
$v[0] = preg_quote($v[0]);
$v[0] = str_replace('/', '\/', $v[0]);
$v[0] = str_replace("\*", ".*", $v[0]);
if($v[2] && $extend) {
if(preg_match("/".$v[0]."/i", $string)) dalert(lang('include->msg_word_ban'));
} else {
if($string == '') break;
if(preg_match("/".$v[0]."/i", $string)) $string = preg_replace("/".$v[0]."/i", $v[1], $string);
}
}
return addslashes($string);
}
function get_env($type) {
switch($type) {
case 'ip':
isset($_SERVER['HTTP_X_FORWARDED_FOR']) or $_SERVER['HTTP_X_FORWARDED_FOR'] = '';
isset($_SERVER['REMOTE_ADDR']) or $_SERVER['REMOTE_ADDR'] = '';
isset($_SERVER['HTTP_CLIENT_IP']) or $_SERVER['HTTP_CLIENT_IP'] = '';
if($_SERVER['HTTP_X_FORWARDED_FOR'] && $_SERVER['REMOTE_ADDR']) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
if(strpos($ip, ',') !== false) {
$tmp = explode(',', $ip);
$ip = trim(end($tmp));
}
if(is_ip($ip)) return $ip;
}
if(is_ip($_SERVER['HTTP_CLIENT_IP'])) return $_SERVER['HTTP_CLIENT_IP'];
if(is_ip($_SERVER['REMOTE_ADDR'])) return $_SERVER['REMOTE_ADDR'];
return 'unknown';
break;
case 'self':
return isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : (isset($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : $_SERVER['ORIG_PATH_INFO']);
break;
case 'referer':
return isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
break;
case 'domain':
return $_SERVER['SERVER_NAME'];
break;
case 'scheme':
return $_SERVER['SERVER_PORT'] == '443' ? 'https://' : 'http://';
break;
case 'port':
return $_SERVER['SERVER_PORT'] == '80' ? '' : ':'.$_SERVER['SERVER_PORT'];
break;
case 'url':
if(isset($_SERVER['REQUEST_URI'])) {
$uri = $_SERVER['REQUEST_URI'];
} else {
$uri = $_SERVER['PHP_SELF'];
if(isset($_SERVER['argv'])) {
if(isset($_SERVER['argv'][0])) $uri .= '?'.$_SERVER['argv'][0];
} else {
$uri .= '?'.$_SERVER['QUERY_STRING'];
}
}
$uri = dhtmlspecialchars($uri);
return get_env('scheme').$_SERVER['HTTP_HOST'].(strpos($_SERVER['HTTP_HOST'], ':') === false ? get_env('port') : '').$uri;
break;
}
}
function convert($str, $from = 'utf-8', $to = 'gb2312') {
if(!$str) return '';
$from = strtolower($from);
$to = strtolower($to);
if($from == $to) return $str;
$from = str_replace('gbk', 'gb2312', $from);
$to = str_replace('gbk', 'gb2312', $to);
$from = str_replace('utf8', 'utf-8', $from);
$to = str_replace('utf8', 'utf-8', $to);
if($from == $to) return $str;
$tmp = array();
if(function_exists('iconv')) {
if(is_array($str)) {
foreach($str as $key => $val) {
$tmp[$key] = iconv($from, $to."//IGNORE", $val);
}
return $tmp;
} else {
return iconv($from, $to."//IGNORE", $str);
}
} else if(function_exists('mb_convert_encoding')) {
if(is_array($str)) {
foreach($str as $key => $val) {
$tmp[$key] = mb_convert_encoding($val, $to, $from);
}
return $tmp;
} else {
return mb_convert_encoding($str, $to, $from);
}
} else {
require_once DT_ROOT.'/include/convert.func.php';
return dconvert($str, $to, $from);
}
}
function get_type($item, $cache = 0) {
$types = array();
if($cache) {
$types = cache_read('type-'.$item.'.php');
} else {
global $db;
$result = $db->query("SELECT * FROM {$db->pre}type WHERE item='$item' ORDER BY listorder ASC,typeid DESC ");
while($r = $db->fetch_array($result)) {
$types[$r['typeid']] = $r;
}
}
return $types;
}
function get_cat($catid) {
global $db;
$catid = intval($catid);
return $catid ? $db->get_one("SELECT * FROM {$db->pre}category WHERE catid=$catid") : array();
}
function cat_pos($CAT, $str = ' » ', $target = '') {
global $MODULE, $db;
if(!$CAT) return '';
$arrparentids = $CAT['arrparentid'].','.$CAT['catid'];
$arrparentid = explode(',', $arrparentids);
$pos = '';
$target = $target ? ' target="_blank"' : '';
$CATEGORY = array();
$result = $db->query("SELECT catid,moduleid,catname,linkurl FROM {$db->pre}category WHERE catid IN ($arrparentids)");
while($r = $db->fetch_array($result)) {
$CATEGORY[$r['catid']] = $r;
}
foreach($arrparentid as $catid) {
if(!$catid || !isset($CATEGORY[$catid])) continue;
$pos .= '<a href="'.$MODULE[$CATEGORY[$catid]['moduleid']]['linkurl'].$CATEGORY[$catid]['linkurl'].'"'.$target.'>'.$CATEGORY[$catid]['catname'].'</a>'.$str;
}
$_len = strlen($str);
if($str && substr($pos, -$_len, $_len) === $str) $pos = substr($pos, 0, strlen($pos)-$_len);
return $pos;
}
function cat_url($catid) {
global $MODULE, $db;
$r = $db->get_one("SELECT moduleid,linkurl FROM {$db->pre}category WHERE catid=$catid");
return $r ? $MODULE[$r['moduleid']]['linkurl'].$r['linkurl'] : '';
}
function get_area($areaid) {
global $db;
$areaid = intval($areaid);
return $db->get_one("SELECT * FROM {$db->pre}area WHERE areaid=$areaid");
}
function area_pos($areaid, $str = ' » ', $deep = 0) {
if($areaid) {
global $AREA;
} else {
global $L;
return $L['allcity'];
}
$AREA or $AREA = cache_read('area.php');
$arrparentid = $AREA[$areaid]['arrparentid'] ? explode(',', $AREA[$areaid]['arrparentid']) : array();
$arrparentid[] = $areaid;
$pos = '';
if($deep) $i = 1;
foreach($arrparentid as $areaid) {
if(!$areaid || !isset($AREA[$areaid])) continue;
if($deep) {
if($i > $deep) continue;
$i++;
}
$pos .= $AREA[$areaid]['areaname'].$str;
}
$_len = strlen($str);
if($str && substr($pos, -$_len, $_len) === $str) $pos = substr($pos, 0, strlen($pos)-$_len);
return $pos;
}
function get_maincat($catid, $moduleid, $level = -1) {
global $db;
$condition = $catid ? "parentid=$catid" : "moduleid=$moduleid AND parentid=0";
if($level >= 0) $condition .= " AND level=$level";
$cat = array();
$result = $db->query("SELECT catid,catname,child,style,linkurl,item FROM {$db->pre}category WHERE $condition ORDER BY listorder,catid ASC", 'CACHE');
while($r = $db->fetch_array($result)) {
$cat[] = $r;
}
return $cat;
}
function get_mainarea($areaid) {
global $db;
$areaid = intval($areaid);
$are = array();
$result = $db->query("SELECT areaid,areaname FROM {$db->pre}area WHERE parentid=$areaid ORDER BY listorder,areaid ASC", 'CACHE');
while($r = $db->fetch_array($result)) {
$are[] = $r;
}
return $are;
}
function get_user($value, $key = 'username', $from = 'userid') {
global $db;
$r = $db->get_one("SELECT `$from` FROM {$db->pre}member WHERE `$key`='$value'");
return $r[$from];
}
function check_group($groupid, $groupids) {
if(!$groupids || $groupid == 1) return true;
if($groupid == 4) $groupid = 3;
return in_array($groupid, explode(',', $groupids));
}
function tohtml($htmlfile, $module = '', $parameter = '') {
defined('TOHTML') or define('TOHTML', true);
extract($GLOBALS, EXTR_SKIP);
if($parameter) parse_str($parameter);
include $module ? DT_ROOT.'/module/'.$module.'/'.$htmlfile.'.htm.php' : DT_ROOT.'/include/'.$htmlfile.'.htm.php';
}
function set_style($string, $style = '', $tag = 'span') {
if(preg_match("/^#[0-9a-zA-Z]{6}$/", $style)) $style = 'color:'.$style;
return $style ? '<'.$tag.' style="'.$style.'">'.$string.'</'.$tag.'>' : $string;
}
function crypt_action($action) {
global $DT_IP;
return md5(md5($action.DT_KEY.$DT_IP));
}
function captcha($captcha, $enable = 1, $return = false) {
global $DT_IP, $DT, $session;
if($enable) {
if($DT['captcha_cn']) {
if(strlen($captcha) < 4) {
$msg = lang('include->captcha_missed');
return $return ? $msg : message($msg);
}
} else {
if(!preg_match("/^[0-9a-z]{4,}$/i", $captcha)) {
$msg = lang('include->captcha_missed');
return $return ? $msg : message($msg);
}
}
if(!is_object($session)) $session = new dsession();
if(!isset($_SESSION['captchastr'])) {
$msg = lang('include->captcha_expired');
return $return ? $msg : message($msg);
}
if($_SESSION['captchastr'] != md5(md5(strtoupper($captcha).DT_KEY.$DT_IP))) {
$msg = lang('include->captcha_error');
return $return ? $msg : message($msg);
}
unset($_SESSION['captchastr']);
} else {
return '';
}
}
function question($answer, $enable = 1, $return = false) {
global $DT_IP, $session;
if($enable) {
if(!$answer) {
$msg = lang('include->answer_missed');
return $return ? $msg : message($msg);
}
$answer = stripslashes($answer);
if(!is_object($session)) $session = new dsession();
if(!isset($_SESSION['answerstr'])) {
$msg = lang('include->question_expired');
return $return ? $msg : message($msg);
}
if($_SESSION['answerstr'] != md5(md5($answer.DT_KEY.$DT_IP))) {
$msg = lang('include->answer_error');
return $return ? $msg : message($msg);
}
unset($_SESSION['answerstr']);
} else {
return '';
}
}
function pages($total, $page = 1, $perpage = 20, $demo = '', $step = 2) {
global $DT_URL, $DT, $L;
if($total <= $perpage) return '';
$items = $total;
$total = ceil($total/$perpage);
if($page < 1 || $page > $total) $page = 1;
if($demo) {
$demo_url = $demo;
$home_url = str_replace('{destoon_page}', '1', $demo_url);
} else {
if(defined('DT_REWRITE') && $DT['rewrite'] && $_SERVER["SCRIPT_NAME"]) {
$demo_url = $_SERVER["SCRIPT_NAME"];
$demo_url = str_replace('//', '/', $demo_url);//Fix Nginx
$mark = false;
if(substr($demo_url, -4) == '.php') {
if(strpos($_SERVER['QUERY_STRING'], '.html') === false) {
$qstr = '';
if($_SERVER['QUERY_STRING']) {
if(substr($_SERVER['QUERY_STRING'], -5) == '.html') {
$qstr = '-'.substr($_SERVER['QUERY_STRING'], 0, -5);
} else {
parse_str($_SERVER['QUERY_STRING'], $qs);
foreach($qs as $k=>$v) {
$qstr .= '-'.$k.'-'.rawurlencode($v);
}
}
}
$demo_url = substr($demo_url, 0, -4).'-htm-page-{destoon_page}'.$qstr.'.html';
} else {
$demo_url = substr($demo_url, 0, -4).'-htm-'.$_SERVER['QUERY_STRING'];
$mark = true;
}
} else {
$mark = true;
}
if($mark) {
if(strpos($demo_url, '%') === false) $demo_url = rawurlencode($demo_url);
$demo_url = str_replace(array('%2F', '%3A'), array('/', ':'), $demo_url);
if(strpos($demo_url, '-page-') !== false) {
$demo_url = preg_replace("/page-([0-9]+)/", 'page-{destoon_page}', $demo_url);
} else {
$demo_url = str_replace('.html', '-page-{destoon_page}.html', $demo_url);
}
}
$home_url = str_replace('-page-{destoon_page}', '-page-1', $demo_url);
} else {
$DT_URL = str_replace('&', '&', $DT_URL);
$demo_url = $home_url = preg_replace("/(.*)([&?]page=[0-9]*)(.*)/i", "\\1\\3", $DT_URL);
$s = strpos($demo_url, '?') === false ? '?' : '&';
$demo_url = $demo_url.$s.'page={des'.'toon_page}';
}
}
$pages = '';
include DT_ROOT.'/api/pages.'.($DT['pages_mode'] ? 'sample' : 'default').'.php';
return $pages;
}
function listpages($CAT, $total, $page = 1, $perpage = 20, $step = 2) {
global $DT, $MOD, $L;
if($total <= $perpage) return '';
$items = $total;
$total = ceil($total/$perpage);
if($page < 1 || $page > $total) $page = 1;
$home_url = $MOD['linkurl'].$CAT['linkurl'];
$demo_url = $MOD['linkurl'].listurl($CAT, '{destoon_page}');
$pages = '';
include DT_ROOT.'/api/pages.'.($DT['pages_mode'] ? 'sample' : 'default').'.php';
return $pages;
}
function showpages($item, $total, $page = 1) {
global $MOD, $L;
$pages = '';
$home_url = $MOD['linkurl'].itemurl($item);
$demo_url = $MOD['linkurl'].itemurl($item, '{destoon_page}');
$_page = $page <= 1 ? $total : ($page - 1);
$url = $_page == 1 ? $home_url : str_replace('{destoon_page}', $_page, $demo_url);
$pages .= '<input type="hidden" id="des'.'toon_previous" value="'.$url.'"/><a href="'.$url.'" title="'.$L['prev_page'].'"> « </a> ';
for($_page = 1; $_page <= $total; $_page++) {
$url = $_page == 1 ? $home_url : str_replace('{destoon_page}', $_page, $demo_url);
$pages .= $page == $_page ? '<strong> '.$_page.' </strong> ' : ' <a href="'.$url.'"> '.$_page.' </a> ';
}
$_page = $page >= $total ? 1 : $page + 1;
$url = $_page == 1 ? $home_url : str_replace('{destoon_page}', $_page, $demo_url);
$pages .= '<a href="'.$url.'" title="'.$L['next_page'].'"> » </a> <input type="hidden" id="des'.'toon_next" value="'.$url.'"/>';
return $pages;
}
function linkurl($linkurl, $absurl = 1) {
global $CFG;
if($absurl) {
if(strpos($linkurl, '://') !== false) return $linkurl;
return strpos($linkurl, $CFG['path']) === 0 ? $CFG['url'].substr($linkurl, strlen($CFG['path'])) : $CFG['url'].$linkurl;
} else {
if(strpos($linkurl, '://') !== false) return strpos($linkurl, $CFG['url']) === 0 ? $CFG['path'].substr($linkurl, strlen($CFG['url'])) : $linkurl;
return strpos($linkurl, $CFG['path']) === 0 ? $linkurl : $CFG['path'].$linkurl;
}
}
function imgurl($imgurl = '', $absurl = 1) {
return $imgurl ? $imgurl : DT_SKIN.'image/nopic.gif';
}
function userurl($username, $qstring = '', $domain = '') {
global $CFG, $DT, $MODULE;
$URL = '';
$subdomain = 0;
if($CFG['com_domain']) $subdomain = substr($CFG['com_domain'], 0, 1) == '.' ? 1 : 2;
if($username) {
if($subdomain || $domain) {
$URL = $domain ? 'http://'.$domain.'/' : ($subdomain == 1 ? 'http://'.($DT['com_www'] ? 'www.' : '').$username.$CFG['com_domain'].'/' : 'http://'.$CFG['com_domain'].'/'.$username.'/');
if($qstring) {
parse_str($qstring, $q);
if(isset($q['file'])) {
$URL .= $CFG['com_dir'] ? $q['file'].'/' : 'company/'.$q['file'].'/';
unset($q['file']);
}
if($q) {
if($DT['rewrite']) {
foreach($q as $k=>$v) {
$v = rawurlencode($v);
$URL .= $k.'-'.$v.'-';
}
$URL = substr($URL, 0, -1).'.shtml';
} else {
$URL .= 'index.php?';
$i = 0;
foreach($q as $k=>$v) {
$v = rawurlencode($v);
$URL .= ($i++ == 0 ? '' : '&').$k.'='.$v;
}
}
}
}
} else if($DT['rewrite']) {
$URL = DT_PATH.'com/'.$username.'/';
if($qstring) {
parse_str($qstring, $q);
if(isset($q['file'])) {
$URL .= $CFG['com_dir'] ? $q['file'].'/' : 'company/'.$q['file'].'/';
unset($q['file']);
}
if($q) {
foreach($q as $k=>$v) {
$v = rawurlencode($v);
$URL .= $k.'-'.$v.'-';
}
$URL = substr($URL, 0, -1).'.html';
}
}
} else {
$URL = DT_PATH.'index.php?homepage='.$username;
if($qstring) $URL = $URL.'&'.$qstring;
}
} else {
$URL = linkurl($MODULE[4]['linkurl'], 1).'guest.php';
}
return $URL;
}
function userinfo($username, $cache = '', $fields = '*') {
global $db;
return $db->get_one("SELECT $fields FROM {$db->pre}member m, {$db->pre}company c WHERE m.userid=c.userid AND m.username='$username'", $cache);
}
function memberinfo($username, $cache = '', $fields = '*') {
global $db;
return $db->get_one("SELECT $fields FROM {$db->pre}member WHERE username='$username'", $cache);
}
function listurl($CAT, $page = 0) {
global $DT, $MOD, $L;
include DT_ROOT.'/api/url.inc.php';
$catid = $CAT['catid'];
$file_ext = $DT['file_ext'];
$index = $DT['index'];
$catdir = $CAT['catdir'];
$catname = file_vname($CAT['catname']);
$prefix = $MOD['htm_list_prefix'];
$urlid = $MOD['list_html'] ? $MOD['htm_list_urlid'] : $MOD['php_list_urlid'];
$ext = $MOD['list_html'] ? 'htm' : 'php';
isset($urls[$ext]['list'][$urlid]) or $urlid = 0;
$url = $urls[$ext]['list'][$urlid];
$url = $page ? $url['page'] : $url['index'];
eval("\$listurl = \"$url\";");
if(substr($listurl, 0, 1) == '/') $listurl = substr($listurl, 1);
return $listurl;
}
function itemurl($item, $page = 0) {
global $DT, $MOD, $L;
if($MOD['show_html'] && $item['filepath']) {
if($page === 0) return $item['filepath'];
$ext = file_ext($item['filepath']);
return str_replace('.'.$ext, '_'.$page.'.'.$ext, $item['filepath']);
}
include DT_ROOT.'/api/url.inc.php';
$file_ext = $DT['file_ext'];
$index = $DT['index'];
$itemid = $item['itemid'];
$title = file_vname($item['title']);
$addtime = $item['addtime'];
$catid = $item['catid'];
$year = date('Y', $addtime);
$month = date('m', $addtime);
$day = date('d', $addtime);
$prefix = $MOD['htm_item_prefix'];
$urlid = $MOD['show_html'] ? $MOD['htm_item_urlid'] : $MOD['php_item_urlid'];
$ext = $MOD['show_html'] ? 'htm' : 'php';
$alloc = dalloc($itemid);
$url = $urls[$ext]['item'][$urlid];
$url = $page ? $url['page'] : $url['index'];
if(strpos($url, 'cat') !== false && $catid) {
$cate = get_cat($catid);
$catdir = $cate['catdir'];
$catname = $cate['catname'];
}
eval("\$itemurl = \"$url\";");
if(substr($itemurl, 0, 1) == '/') $itemurl = substr($itemurl, 1);
return $itemurl;
}
function rewrite($url, $encode = 0) {
global $DT, $CFG;
if(!$DT['rewrite']) return $url;
if(strpos($url, '.php?') === false || strpos($url, '=') === false) return $url;
$url = str_replace(array('+', '-'), array('%20', '%20'), $url);
$url = str_replace(array('.php?', '&', '='), array('-htm-', '-', '-'), $url).'.html';
return $url;
}
function timetodate($time = 0, $type = 6) {
if(!$time) {global $DT_TIME; $time = $DT_TIME;}
$types = array('Y-m-d', 'Y', 'm-d', 'Y-m-d', 'm-d H:i', 'Y-m-d H:i', 'Y-m-d H:i:s');
if(isset($types[$type])) $type = $types[$type];
return date($type, $time);
}
function log_write($message, $type = 'php') {
global $DT_IP, $DT_TIME, $_username;
if(!DT_DEBUG) return;
$DT_IP or $DT_IP = get_env('ip');
$DT_TIME or $DT_TIME = time();
$user = $_username ? $_username : 'guest';
$log = "<$type>\n";
$log .= "\t<time>".date('Y-m-d H:i:s', $DT_TIME)."</time>\n";
$log .= "\t<ip>".$DT_IP."</ip>\n";
$log .= "\t<user>".$user."</user>\n";
$log .= "\t<file>".$_SERVER['SCRIPT_NAME']."</file>\n";
$log .= "\t<querystring>".str_replace('&', '&', $_SERVER['QUERY_STRING'])."</querystring>\n";
$log .= "\t<message>".$message."\t</message>\n";
$log .= "</$type>";
file_put(DT_ROOT.'/file/log/'.date('Ym', $DT_TIME).'/'.$type.'-'.date('Y.m.d H.i.s', $DT_TIME).'-'.strtolower(random(10)).'.xml', $log);
}
function load($file) {
$ext = file_ext($file);
if($ext == 'css') {
echo '<link rel="stylesheet" type="text/css" href="'.DT_SKIN.$file.'" />';
} else if($ext == 'js') {
echo '<script type="text/javascript" src="'.DT_PATH.'file/script/'.$file.'"></script>';
} else if($ext == 'htm') {
$file = str_replace('ad_m', 'ad_t6_m', $file);
if(is_file(DT_CACHE.'/htm/'.$file)) {
$content = file_get(DT_CACHE.'/htm/'.$file);
if(substr($content, 0, 4) == '<!--') $content = substr($content, 17);
echo $content;
} else {
echo '';
}
} else if($ext == 'lang') {
$file = str_replace('.lang', '.inc.php', $file);
return DT_ROOT.'/lang/'.DT_LANG.'/'.$file;
}
}
function ad($id, $cid = 0, $kw = '', $tid = 0) {
global $cityid;
if($tid) {
if($kw) {
$file = 'ad_t'.$tid.'_m'.$id.'_k'.urlencode($kw);
} else if($cid) {
$file = 'ad_t'.$tid.'_m'.$id.'_c'.$cid;
} else {
$file = 'ad_t'.$tid.'_m'.$id;
}
$a3 = 'ad_'.$id.'_d'.$tid.'.htm';
} else {
$file = 'ad_'.$id;
$a3 = 'ad_'.$id.'_d0.htm';
}
$a1 = $file.'_'.$cityid.'.htm';
if(is_file(DT_CACHE.'/htm/'.$a1)) return load($a1);
$a2 = $file.'_0.htm';
if(is_file(DT_CACHE.'/htm/'.$a2)) return load($a2);
if(is_file(DT_CACHE.'/htm/'.$a3)) return load($a3);
}
function lang($str, $arr = array()) {
if(strpos($str, '->') !== false) {
$t = explode('->', $str);
include load($t[0].'.lang');
$str = $L[$t[1]];
}
if($arr) {
foreach($arr as $k=>$v) {
$str = str_replace('{V'.$k.'}', $v, $str);
}
}
return $str;
}
function check_name($username) {
if(strpos($username, '__') !== false || strpos($username, '--') !== false) return false;
return preg_match("/^[a-z0-9]{1}[a-z0-9_\-]{0,}[a-z0-9]{1}$/", $username);
}
function check_post() {
if(strtoupper($_SERVER['REQUEST_METHOD']) != 'POST') return false;
return check_referer();
}
function check_referer() {
global $DT_REF, $CFG, $DT;
if($DT['check_referer']) {
if(!$DT_REF) return false;
$R = parse_url($DT_REF);
if($CFG['cookie_domain'] && strpos($R['host'], $CFG['cookie_domain']) !== false) return true;
if($CFG['com_domain'] && strpos($R['host'], $CFG['com_domain']) !== false) return true;
if($DT['safe_domain']) {
$tmp = explode('|', $DT['safe_domain']);
foreach($tmp as $v) {
if(strpos($R['host'], $v) !== false) return true;
}
}
$U = parse_url(DT_PATH);
if(strpos($R['host'], str_replace('www.', '.', $U['host'])) !== false) return true;
return false;
} else {
return true;
}
}
function is_robot() {
if(strpos($_SERVER['HTTP_USER_AGENT'], '://') === false && preg_match("/(MSIE|Netscape|Opera|Konqueror|Mozilla)/i", $_SERVER['HTTP_USER_AGENT'])) {
return false;
} else if(preg_match("/(Spider|Bot|Crawl|Slurp|lycos|robozilla)/i", $_SERVER['HTTP_USER_AGENT'])) {
return true;
} else {
return false;
}
}
function is_ip($ip) {
return preg_match("/^([0-9]{1,3}\.){3}[0-9]{1,3}$/", $ip);
}
function is_md5($password) {
return preg_match("/^[a-z0-9]{32}$/", $password);
}
function debug() {
global $db, $debug_starttime;
$mtime = explode(' ', microtime());
$s = number_format(($mtime[1] + $mtime[0] - $debug_starttime), 3);
echo 'Processed in '.$s.' second(s), '.$db->querynum.' queries';
if(function_exists('memory_get_usage')) echo ', Memory '.round(memory_get_usage()/1024/1024, 2).' M';
}
//For 3.x
function extendurl($func) {
global $MODULE, $EXT;
$key = $func.'_url';
return $EXT[$key] ? $EXT[$key] : $MODULE[1]['linkurl'].$func.'/';
}
function extend_setting($key = '') {
global $EXT;
return $key ? $EXT[$key] : $EXT;
}
?>
陳述
本文內容由網友自願投稿,版權歸原作者所有。本站不承擔相應的法律責任。如發現涉嫌抄襲或侵權的內容,請聯絡admin@php.cn
熱AI工具
Undresser.AI Undress
人工智慧驅動的應用程序,用於創建逼真的裸體照片
AI Clothes Remover
用於從照片中去除衣服的線上人工智慧工具。
Undress AI Tool
免費脫衣圖片
Clothoff.io
AI脫衣器
AI Hentai Generator
免費產生 AI 無盡。
熱門文章
R.E.P.O.能量晶體解釋及其做什麼(黃色晶體)
1 個月前By尊渡假赌尊渡假赌尊渡假赌
R.E.P.O.最佳圖形設置
1 個月前By尊渡假赌尊渡假赌尊渡假赌
刺客信條陰影:貝殼謎語解決方案
3 週前ByDDD
Windows 11 KB5054979中的新功能以及如何解決更新問題
2 週前ByDDD
威爾R.E.P.O.有交叉遊戲嗎?
1 個月前By尊渡假赌尊渡假赌尊渡假赌
熱工具
Dreamweaver CS6
視覺化網頁開發工具
Atom編輯器mac版下載
最受歡迎的的開源編輯器
禪工作室 13.0.1
強大的PHP整合開發環境
SublimeText3 Mac版
神級程式碼編輯軟體(SublimeText3)
DVWA
Damn Vulnerable Web App (DVWA) 是一個PHP/MySQL的Web應用程序,非常容易受到攻擊。它的主要目標是成為安全專業人員在合法環境中測試自己的技能和工具的輔助工具,幫助Web開發人員更好地理解保護網路應用程式的過程,並幫助教師/學生在課堂環境中教授/學習Web應用程式安全性。 DVWA的目標是透過簡單直接的介面練習一些最常見的Web漏洞,難度各不相同。請注意,該軟體中
