├── ecmsapi
├── _cache
│ └── README.txt
├── _common
│ ├── function.php
│ └── conf.php
├── _mod
│ └── README.txt
├── _temp
│ └── README.txt
├── _src
│ └── README.txt
├── _addons
│ └── api_management
│ │ └── _admin
│ │ ├── act
│ │ ├── api
│ │ │ ├── delete.php
│ │ │ └── edit.php
│ │ ├── mod.php
│ │ ├── api.php
│ │ ├── mod
│ │ │ ├── delete.php
│ │ │ ├── function.php
│ │ │ ├── index.php
│ │ │ └── edit.php
│ │ ├── power.php
│ │ ├── function.php
│ │ └── index.php
│ │ ├── common.php
│ │ └── ace.js.php
├── _class
│ ├── cache
│ │ ├── CacheYac.php
│ │ ├── CacheRedis.php
│ │ └── CacheFile.php
│ ├── EapiCache.php
│ ├── EapiToken.php
│ ├── EapiCheck.php
│ ├── EapiView.php
│ ├── EapiAddons.php
│ ├── EapiFun.php
│ ├── EapiDb.php
│ ├── EapiUpload.php
│ ├── EapiFile.php
│ ├── EapiUser.php
│ └── EapiTable.php
├── _extend
│ ├── EapiExtendBaijiahao.php
│ ├── EapiExtendGzh.php
│ ├── fpay
│ │ └── FpayXunhu.php
│ └── EapiExtendFpay.php
├── index.php
└── EcmsApi.php
├── .DS_Store
├── README.md
├── LICENSE.md
└── e
└── admin
└── ecmsapi
└── index.php
/ecmsapi/_cache/README.txt:
--------------------------------------------------------------------------------
1 | 缓存目录,需可读写权限
--------------------------------------------------------------------------------
/ecmsapi/_common/function.php:
--------------------------------------------------------------------------------
1 | 'mod',
4 | 'act' => 'act',
5 | );
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # 在线文档
2 |
3 | 文档地址:[https://ecms.maiyapai.com/](https://ecms.maiyapai.com/)
4 |
5 | # v0.x版本(非BUG不再维护)
6 |
7 | 旧的版本 https://github.com/fonhen/dgapi
8 |
--------------------------------------------------------------------------------
/ecmsapi/_addons/api_management/_admin/act/api/delete.php:
--------------------------------------------------------------------------------
1 |
17 |
--------------------------------------------------------------------------------
/ecmsapi/_addons/api_management/_admin/act/mod.php:
--------------------------------------------------------------------------------
1 | get('name' , '' , 'trim');
6 |
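// Requested operation; defaults to 'index'.
$do = $api->get('do' , 'index' , 'trim');

$mods = adminGetApiModByName();

if($do !== 'edit' && $name === ''){
    printerror2('未指定模块名称');
}

if($name !== '' && !isset($mods[$name])){
    printerror2('指定模块不存在');
}

// Current module record, or an empty template when no module name was given.
$mod = $name !== '' ? $mods[$name] : [
    'name' => '',
    'open' => 1,
    'description' => '',
    'list' => []
];

// $do comes straight from the request and is spliced into an include path.
// Only a plain file-name token is accepted, so directory separators and dots
// can never reach include(); is_file() alone does not stop a relative path
// from resolving to a PHP file outside ./mod/.
$file = __DIR__ . '/mod/' . $do . '.php';

if(preg_match('/^[A-Za-z0-9_]+$/D' , $do) && is_file($file)){
    include($file);
}else{
    printerror2('参数错误');
}

?>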
--------------------------------------------------------------------------------
/ecmsapi/_addons/api_management/_admin/act/api.php:
--------------------------------------------------------------------------------
1 | get('m' , '' , 'trim');
6 |
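if($m === ''){
    printerror2('未指定模块名称');
}

// Interface (API) name
$name = $api->get('name' , '' , 'trim');

// Requested operation; defaults to 'index'.
$do = $api->get('do' , 'index' , 'trim');

$mods = adminGetApiModByName($m);

if(!isset($mods[$m])){
    printerror2('指定模块不存在');
}

// Current module record
$mod = $mods[$m];

if($name !== '' && !isset($mod['list'][$name])){
    printerror2('指定接口不存在');
}

// Interfaces registered under the current module
$apiList = $mod['list'];

// Filesystem path of the current module. $m is only used here after it was
// found as a key of $mods above.
$modDir = ECMS_PATH . 'ecmsapi/_mod/' . $m . '/';

// $do is request input that ends up in an include path: accept only a plain
// file-name token so that no separator or dot sequence can leave ./api/.
$file = __DIR__ . '/api/' . $do . '.php';

if(preg_match('/^[A-Za-z0-9_]+$/D' , $do) && is_file($file)){
    include($file);
}else{
    printerror2('参数错误');
}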
--------------------------------------------------------------------------------
/ecmsapi/_addons/api_management/_admin/act/mod/delete.php:
--------------------------------------------------------------------------------
1 | cachepre = isset($conf['cachepre']) ? $conf['cachepre'] : 'ecmsapi_';
11 | $this->yac = new Yac($this->cachepre);
12 | }
/**
 * Intentionally empty: this driver creates its Yac handle in the constructor.
 */
public function connect()
{
}
/**
 * Store a value through the Yac handle.
 *
 * @param string $k    cache key
 * @param mixed  $v    value to store
 * @param int    $life lifetime handed to Yac unchanged
 * @return mixed whatever Yac::set() returns
 */
public function set($k, $v, $life)
{
    $stored = $this->yac->set($k, $v, $life);
    return $stored;
}
/**
 * Read a value through the Yac handle.
 *
 * A false result from Yac is mapped to null, so a stored literal false
 * cannot be told apart from a miss.
 *
 * @param string $k cache key
 * @return mixed|null
 */
public function get($k)
{
    $hit = $this->yac->get($k);
    return $hit === false ? null : $hit;
}
/**
 * Remove one key through the Yac handle.
 *
 * @param string $k cache key
 * @return mixed whatever Yac::delete() returns
 */
public function delete($k)
{
    $removed = $this->yac->delete($k);
    return $removed;
}
/**
 * Flush the Yac handle.
 *
 * @return bool always true; the result of flush() is not inspected
 */
public function truncate()
{
    $handle = $this->yac;
    $handle->flush();
    return true;
}
/**
 * Return the last error recorded on this driver.
 *
 * @return mixed
 */
public function getError()
{
    $lastError = $this->error;
    return $lastError;
}
/**
 * Nothing to release: the driver holds no handle that needs closing here.
 */
public function __destruct()
{
}
37 | }
38 | ?>
--------------------------------------------------------------------------------
/LICENSE.md:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2018 fonhen
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/ecmsapi/_class/EapiCache.php:
--------------------------------------------------------------------------------
1 | api = $api;
13 | if(!empty($type) && is_string($type)){
14 | $this->type = trim($type);
15 | }
16 | }
17 |
/**
 * Read a key from the driver selected by $this->type.
 *
 * @param string $name cache key
 * @return mixed
 */
public function get($name)
{
    $driver = $this->cache($this->type);
    return $driver->get($name);
}
22 |
/**
 * Write a key through the driver selected by $this->type.
 *
 * @param string $name  cache key
 * @param mixed  $value value to store
 * @param int    $time  lifetime, passed to the driver unchanged
 * @return mixed the driver's own result
 */
public function set($name , $value , $time = 0)
{
    $driver = $this->cache($this->type);
    return $driver->set($name , $value , $time);
}
27 |
/**
 * Delete a key through the driver selected by $this->type.
 *
 * @param string $name cache key
 * @return mixed the driver's own result
 */
public function delete($name)
{
    $driver = $this->cache($this->type);
    return $driver->delete($name);
}
32 |
/**
 * Empty the driver selected by $this->type.
 *
 * @return mixed the driver's own result
 */
public function truncate()
{
    $driver = $this->cache($this->type);
    return $driver->truncate();
}
37 |
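/**
 * Resolve the cache driver for a backend type, memoising it by default.
 *
 * The type becomes a class name ("file" -> CacheFile) and, when that class
 * is not loaded yet, a path under ./cache/ that is require()d. Because the
 * value reaches both a file path and `new $className`, it is limited to
 * letters, digits and underscores before either use.
 *
 * @param string $name  driver type; also stored as the current type
 * @param array  $conf  constructor config; ignored when a memoised instance is returned
 * @param bool   $cache pass false to get a fresh, non-memoised instance
 * @return object driver instance
 * @throws \Exception when $name is not a plain identifier
 */
public function cache($name , $conf = [] , $cache = true)
{
    if(!is_string($name) || !preg_match('/^[A-Za-z0-9_]+$/D' , $name)){
        throw new \Exception('缓存类型无效');
    }
    $this->type = $name;
    $className = 'Cache'.ucfirst($name);
    if(!class_exists($className , false)){
        require( dirname(__FILE__) . '/cache/'.$className.'.php');
    }
    if(false === $cache){
        return new $className($conf);
    }
    if(!isset($this->classCache[$name])){
        $this->classCache[$name] = new $className($conf);
    }
    return $this->classCache[$name];
}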
54 |
55 |
56 | }
--------------------------------------------------------------------------------
/e/admin/ecmsapi/index.php:
--------------------------------------------------------------------------------
1 | get('addons' , '' , 'trim');
28 |
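// Controller file requested for the current addon; defaults to 'index'.
$act = $api->get('act' , 'index' , 'trim');

// Link back to the current addon
$addonLink = 'index.php' . $ecms_hashur['whehref'] . '&addons=' . $addonName;

try{
    // Resolve the addon object for the requested name
    $addonClass = $api->load('addons' , $addonName , false);
}catch(Exception $e){
    printerror2($e->getMessage());
}

$addonFolder = $addonClass->getAdminFolder();
$addonFolderLink = $addonClass->getAdminFolderLink();

$commonFile = $addonFolder . 'common.php';
if(is_file($commonFile)){
    include $commonFile;
}

// $act is request input that ends up in an include path. Accept only a plain
// file-name token so that separators and dot sequences cannot select a PHP
// file outside the addon's act/ folder; is_file() alone would not stop that.
$filepath = $addonFolder . '/act/'.$act.'.php';

if(preg_match('/^[A-Za-z0-9_-]+$/D' , $act) && is_file($filepath)){
    include($filepath);
}else{
    printerror2('参数错误');
}

db_close();
$empire=null;
?>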
--------------------------------------------------------------------------------
/ecmsapi/_addons/api_management/_admin/ace.js.php:
--------------------------------------------------------------------------------
1 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
61 |
--------------------------------------------------------------------------------
/ecmsapi/_class/cache/CacheRedis.php:
--------------------------------------------------------------------------------
1 | config = array_merge([
11 | 'port' => 6379,
12 | 'host' => '127.0.0.1',
13 | 'auth' => '',
14 | 'pre' => 'ecmsapi_'
15 | ] , $conf);
16 |
17 | try {
18 | if(!extension_loaded("Redis")){
19 | throw new \Exception("请先安装Redis扩展");
20 | }
21 | $this->redis = new \Redis();
22 | $this->redis->connect($this->config['host'], $this->config['post']);
23 | if($this->config['auth'] && !$this->redis->auth($this->config['auth'])){
24 | throw new \Exception("请使用正确的auth");
25 | }
26 | }catch (\Exception $e){
27 | exit('Redis: '.$e->getMessage());
28 | }
29 | }
30 |
31 |
/**
 * Read and unserialize a value stored under the prefixed key.
 *
 * NOTE(review): unserialize() on the stored bytes can instantiate objects.
 * Anyone able to write to this Redis instance controls that input, so the
 * instance must be treated as trusted storage (authentication, no exposure
 * to untrusted networks), or the payload format changed to JSON.
 *
 * @param string $name cache key without prefix
 * @return mixed|null null on a miss
 */
public function get($name = '')
{
    $raw = $this->redis->get($this->name($name));
    if(false === $raw){
        return NULL;
    }
    return unserialize($raw);
}
37 |
/**
 * Serialize a value and store it under the prefixed key.
 *
 * The expiry is applied in a second call, only when $time is positive and
 * the write succeeded.
 *
 * @param string $name  cache key without prefix
 * @param mixed  $value value to store
 * @param int    $time  lifetime in seconds; 0 or less means no expiry is set
 * @return mixed result of the Redis set() call
 */
public function set($name = '' , $value = '' , $time = 0)
{
    $key = $this->name($name);
    $payload = serialize($value);
    $written = $this->redis->set($key , $payload);
    if($time > 0 && $written){
        $this->redis->expire($key , $time);
    }
    return $written;
}
47 |
/**
 * Delete the prefixed key.
 *
 * @param string $name cache key without prefix
 * @return mixed result of the Redis del() call
 */
public function delete($name = '')
{
    $key = $this->name($name);
    return $this->redis->del($key);
}
52 |
/**
 * Delete every key that starts with this driver's prefix.
 *
 * Keys are listed with a "<prefix>*" pattern and removed one at a time.
 *
 * @return bool always true
 */
public function truncate()
{
    $pattern = $this->name('*');
    foreach($this->redis->keys($pattern) as $prefixedKey){
        $this->redis->del($prefixedKey);
    }
    return true;
}
60 |
/**
 * Return the last error recorded on this driver.
 *
 * @return mixed
 */
public function getError()
{
    $lastError = $this->error;
    return $lastError;
}
64 |
/**
 * Prepend the configured key prefix.
 *
 * @param string $name cache key without prefix
 * @return string
 */
protected function name($name = '')
{
    $prefix = $this->config['pre'];
    return $prefix.$name;
}
68 |
69 |
70 |
71 |
72 |
73 | }
--------------------------------------------------------------------------------
/ecmsapi/_extend/EapiExtendBaijiahao.php:
--------------------------------------------------------------------------------
1 | '',
6 | 'app_token' => ''
7 | );
8 |
9 | protected $uri = 'https://baijiahao.baidu.com/builderinner/open/resource/';
10 |
11 | protected $api = null;
12 |
/**
 * @param array $config overrides merged over the default config
 * @param mixed $api    stored on the instance as-is
 */
public function __construct($config = [] , $api = null)
{
    $this->api = $api;
    $this->config = array_merge($this->config, $config);
}
17 |
/**
 * Update configuration.
 *
 * An array is merged over the current config; a string only updates a key
 * that already exists. Anything else is ignored.
 *
 * @param array|string $name
 * @param mixed        $value
 * @return $this
 */
public function setOption($name = '' , $value = '')
{
    if(is_array($name)){
        $this->config = array_merge($this->config, $name);
        return $this;
    }
    if(is_string($name) && isset($this->config[$name])){
        $this->config[$name] = $value;
    }
    return $this;
}
27 |
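/**
 * POST $data to $uri and return the decoded JSON reply.
 *
 * Certificate and host-name verification are enabled. The request body
 * built by appid() carries app_id and app_token, so sending it over a
 * connection whose peer was never verified would expose those credentials
 * to anyone able to intercept the traffic.
 *
 * @param string $uri  target URL
 * @param array  $data POST fields
 * @return array|null decoded reply when it contains an 'errno' key, else null
 */
public function curl($uri , $data)
{
    $ch = curl_init();
    curl_setopt_array($ch, [
        CURLOPT_URL            => $uri,
        CURLOPT_RETURNTRANSFER => 1,
        CURLOPT_SSL_VERIFYPEER => true,
        CURLOPT_SSL_VERIFYHOST => 2,
        CURLOPT_POST           => 1,
        CURLOPT_POSTFIELDS     => $data,
    ]);
    $output = curl_exec($ch);
    curl_close($ch);
    // curl_exec() returns false on transport or TLS failure.
    if(!is_string($output)){
        return null;
    }
    $json = json_decode($output , true);
    if($json && isset($json['errno'])){
        return $json;
    }
    return null;
}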
46 |
/**
 * Build request fields: configured app_id and app_token, then $data merged
 * on top, so same-named keys in $data override the configured credentials.
 *
 * @param array $data
 * @return array
 */
public function appid($data = [])
{
    $credentials = [];
    $credentials['app_id'] = $this->config['app_id'];
    $credentials['app_token'] = $this->config['app_token'];
    return array_merge($credentials , $data);
}
55 |
/*
 * Call a Baijiahao interface.
 * @param $name interface type, see https://baijiahao.baidu.com/docs/#/normalcomplex/developer/serviceIntroduction
 * @param $data interface data; app_id and app_token do not need to be passed
 * @return Array
 */
public function query($name = '' , $data = [])
{
    $endpoint = $this->uri . $name;
    $fields = $this->appid($data);
    return $this->curl($endpoint , $fields);
}
68 | }
--------------------------------------------------------------------------------
/ecmsapi/_addons/api_management/_admin/act/power.php:
--------------------------------------------------------------------------------
1 | isPost()){
5 |
6 | $gids = $api->post('gid');
7 |
8 | if(empty($gids)){
9 | printerror2('请至少设置一个管理组');
10 | }
11 |
12 | if(!is_array($gids)){
13 | printerror2('非法操作');
14 | }
15 |
16 | $temp = [];
17 | foreach($gids as $v){
18 | $temp[] = (int)$v;
19 | }
20 |
21 | if(false === file_put_contents($adminApiInstall , implode(',' , $temp))){
22 | printerror2('设置失败,请检查权限。');
23 | }
24 | printerror2('设置成功');
25 | }
26 |
27 |
28 |
29 | $sql = $empire->query("select groupid,groupname from {$dbtbpre}enewsgroup order by groupid limit 100");
30 | ?>
31 |
32 |
33 |
34 |
35 | API管理
36 |
37 |
38 |
39 |
40 |
41 | |
42 | 位置:API管理 > 权限管理
43 | |
44 |
45 |
46 |
71 |
72 |
--------------------------------------------------------------------------------
/ecmsapi/_addons/api_management/_admin/act/function.php:
--------------------------------------------------------------------------------
1 | isPost()){
14 | $code = $api->post('code' , '' , 'trim');
15 | $code = htmlspecialchars_decode($code);
16 |
17 | $result = file_put_contents($functionFile , $code);
18 |
19 | if(false === $result){
20 | printerror2('请检查 _common 目录权限是否可写');
21 | }else{
22 | printerror2('操作成功');
23 | }
24 |
25 | }
26 |
27 | $code = file_get_contents($functionFile);
28 | if(false === $code){
29 | printerror2('请检查_common 目录权限是否可读');
30 | }
31 |
32 |
33 | ?>
34 |
35 |
36 |
37 |
38 | API管理
39 |
40 |
41 |
42 |
43 |
44 | |
45 | 位置:API管理 > 全局自定义函数库
46 | |
47 |
48 |
49 |
69 |
72 |
73 |
--------------------------------------------------------------------------------
/ecmsapi/_class/cache/CacheFile.php:
--------------------------------------------------------------------------------
1 | dir = $dir;
13 | if(isset($conf['pre'])){
14 | $this->pre = $conf['pre'];
15 | }
16 | }
17 |
/**
 * Intentionally empty: the file driver has no connection to open.
 */
public function connect()
{
}
21 |
/**
 * Serialize a value with its lifetime and creation time into the cache file.
 *
 * @param string $name  cache key
 * @param mixed  $value value to store
 * @param int    $time  lifetime in seconds; 0 is read back as "never expires"
 * @return int|false result of file_put_contents()
 */
public function set($name, $value, $time = 0)
{
    $entry = [];
    $entry['timeout'] = $time;
    $entry['ctime'] = time();
    $entry['value'] = $value;
    $target = $this->filepath($name);
    return file_put_contents($target , serialize($entry));
}
30 |
/**
 * Read a cache entry, deleting it when it is malformed or expired.
 *
 * NOTE(review): unserialize() on the file contents can instantiate objects.
 * Whoever can write into the cache directory controls that input, so the
 * directory should not be writable by other users and should not be
 * reachable for uploads; JSON would avoid the object-injection risk.
 *
 * @param string $name cache key
 * @return mixed|null stored value, or null on miss, read failure or expiry
 */
public function get($name)
{
    $path = $this->filepath($name);
    if(!is_file($path)){
        return null;
    }

    $raw = file_get_contents($path);
    if(false === $raw){
        $this->error = '权限不足';
        return null;
    }

    $entry = unserialize($raw);
    $malformed = empty($entry) || !isset($entry['timeout']);
    // Expired when a non-zero lifetime has elapsed since the creation time.
    $expired = !$malformed
        && $entry['timeout'] !== 0
        && time() - $entry['timeout'] > $entry['ctime'];

    if($malformed || $expired){
        unlink($path);
        return null;
    }
    return $entry['value'];
}
54 |
/**
 * Delete the cache file for a key.
 *
 * @param string $name cache key
 * @return bool result of unlink()
 */
public function delete($name)
{
    $path = $this->filepath($name);
    return unlink($path);
}
58 |
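/**
 * Delete the cache files in the cache directory.
 *
 * Changes from the previous version:
 *  - a failed opendir() is reported instead of being passed to readdir();
 *  - the loop compares against false, so an entry named "0" no longer ends
 *    the scan early;
 *  - only files ending in ".cache" (the suffix filepath() always produces)
 *    are removed, so other files in the directory are left alone.
 *
 * @return bool true when the directory was scanned, false when it could not be opened
 */
public function truncate()
{
    $dh = opendir($this->dir);
    if(false === $dh){
        $this->error = '权限不足';
        return false;
    }
    while (false !== ($file = readdir($dh))) {
        if($file === '.' || $file === '..'){
            continue;
        }
        if(substr($file , -6) !== '.cache'){
            continue;
        }
        $filepath = $this->dir . "/" . $file;
        if(!is_dir($filepath)) {
            unlink($filepath);
        }
    }
    closedir($dh);
    return true;
}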
72 |
/**
 * Return the last error recorded on this driver.
 *
 * @return mixed
 */
public function getError()
{
    $lastError = $this->error;
    return $lastError;
}
76 |
/**
 * Map a cache key to its file path.
 *
 * The key is hashed together with the prefix, so the key text itself never
 * appears in the path.
 *
 * @param string $name cache key
 * @return string
 */
protected function filepath($name)
{
    $hashed = md5($this->pre.$name);
    return $this->dir . $hashed . '.cache';
}
81 |
82 | }
83 | ?>
--------------------------------------------------------------------------------
/ecmsapi/_addons/api_management/_admin/act/mod/function.php:
--------------------------------------------------------------------------------
1 | isPost()){
14 | $code = $api->post('code' , '' , 'trim');
15 | $code = htmlspecialchars_decode($code);
16 |
17 | $result = file_put_contents($functionFile , $code);
18 |
19 | if(false === $result){
20 | printerror2('请检查 _mod 目录权限是否可写');
21 | }else{
22 | printerror2('操作成功');
23 | }
24 |
25 | }
26 |
27 | $code = file_get_contents($functionFile);
28 | if(false === $code){
29 | printerror2('请检查 _mod 目录权限是否可读');
30 | }
31 |
32 |
33 | ?>
34 |
35 |
36 |
37 |
38 | API管理
39 |
40 |
41 |
42 |
49 |
69 |
72 |
73 |
--------------------------------------------------------------------------------
/ecmsapi/_class/EapiToken.php:
--------------------------------------------------------------------------------
1 | 'token',
8 | 'time' => 'time',
9 | 'timeout' => 600,
10 | 'key' => 'ecmsapitoken'
11 | ];
12 |
/**
 * @param array $conf overrides merged over the default config
 * @param mixed $api  stored on the instance as-is
 */
public function __construct($conf = [] , $api)
{
    $merged = array_merge($this->config, $conf);
    $this->api = $api;
    $this->config = $merged;
}
18 |
/**
 * Read configuration.
 *
 * NOTE(review): with an empty $name the whole config is returned, which
 * includes the signing key; callers should not echo that result.
 *
 * @param string $name option name; empty returns every option
 * @return mixed|null option value, null when the option is not set
 */
public function getOption($name = '')
{
    if(empty($name)){
        return $this->config;
    }
    if(isset($this->config[$name])){
        return $this->config[$name];
    }
    return null;
}
27 |
/**
 * Update configuration.
 *
 * An array is merged over the current config; a string only updates a key
 * that already exists. Anything else is ignored.
 *
 * @param array|string $name
 * @param mixed        $value
 * @return $this
 */
public function setOption($name = '' , $value = '')
{
    if(is_array($name)){
        $this->config = array_merge($this->config, $name);
        return $this;
    }
    if(is_string($name) && isset($this->config[$name])){
        $this->config[$name] = $value;
    }
    return $this;
}
37 |
/**
 * Return the parameter set to work on.
 *
 * Falls back to $_REQUEST when $param is not an array. When $type is
 * exactly true, the token field is removed from the returned copy.
 *
 * @param array|null $param
 * @param bool       $type
 * @return array
 */
public function param($param = null , $type = true)
{
    $fields = is_array($param) ? $param : $_REQUEST;
    $tokenField = $this->config['token'];
    if(true === $type && isset($fields[$tokenField])){
        unset($fields[$tokenField]);
    }
    return $fields;
}
46 |
/**
 * Compute the request signature.
 *
 * The fields (token field removed) are sorted by key, joined as k=v pairs
 * and the configured key is appended before hashing with MD5.
 *
 * NOTE(review): MD5 over "data + secret" is a weak construction for request
 * signing, and values are joined without encoding, so different parameter
 * sets can produce the same string. hash_hmac() with SHA-256 would be the
 * usual choice, but it changes the value clients must compute. The default
 * key in this class's config is a fixed string and must be overridden.
 *
 * @param array|null $param
 * @return string 32-character hex digest
 */
public function build($param = null)
{
    $fields = $this->param($param);
    ksort($fields);
    $signedText = $this->query($fields , false) . '&token=' . $this->config['key'];
    return md5($signedText);
}
53 |
/**
 * Join the fields into a k=v&k=v string, without URL encoding.
 *
 * When $type is exactly true the signature from build() is appended under
 * the token field name.
 *
 * @param array|null $param
 * @param bool       $type
 * @return string
 */
public function query($param = null , $type = true)
{
    $fields = $this->param($param);
    $pairs = [];
    foreach($fields as $k => $v){
        $pairs[] = $k.'='.$v;
    }
    $str = implode('&' , $pairs);
    if(true === $type){
        $str .= '&'.$this->config['token'].'='.$this->build($fields);
    }
    return $str;
}
66 |
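/**
 * Verify the signature and timestamp of a request.
 *
 * Changes from the previous version:
 *  - the signature is compared with hash_equals(), so the comparison time
 *    does not depend on how many leading characters match;
 *  - a non-string token (for example an array from the query string) is
 *    rejected before comparison;
 *  - the timestamp must lie within the timeout window in either direction.
 *    Previously any timestamp in the future passed, so a signed request
 *    carrying a far-future time never expired.
 *
 * @param array|null $param parameters to check; $_REQUEST when not an array
 * @return int 1 valid, -1 signature valid but outside the time window, 0 invalid
 */
public function check($param = null)
{
    $param = $this->param($param , false);
    $tokenField = $this->config['token'];
    $timeField = $this->config['time'];
    $token = isset($param[$tokenField]) ? $param[$tokenField] : '';
    $time = isset($param[$timeField]) ? (int)$param[$timeField] : 0;

    if($time <= 0 || !is_string($token) || $token === ''){
        return 0;
    }
    if(!hash_equals($this->build($param) , $token)){
        return 0;
    }
    return abs(time() - $time) <= $this->config['timeout'] ? 1 : -1;
}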
77 | }
--------------------------------------------------------------------------------
/ecmsapi/_class/EapiCheck.php:
--------------------------------------------------------------------------------
1 | api = $api;
10 | }
11 |
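// Verify the stock captcha. Returns 1: success, -1: expired, 0: failed.
//
// Changes from the previous version: a missing or short cookie value no
// longer produces undefined offsets, the time comparison is done on integers,
// and the hash is compared with hash_equals() instead of !==.
public function code($name , $val = '' , $ecms = 0)
{
    global $public_r;
    $parts = array_pad(explode(',' , (string)getcvar($name , $ecms)) , 3 , '');
    list($cktime , $pass) = $parts;
    $issued = (int)$cktime;
    $time = time();
    if($issued > $time || $time - $issued > $public_r['keytime']*60){
        return -1;
    }
    // The raw cookie field (not the integer) goes into the hash, as before.
    $checkpass=md5('d!i#g?o-d-'.md5(md5($name.'E.C#M!S^e-'.$val).'-E?m!P.i#R-e'.$cktime).$public_r['keyrnd'].'P#H!o,m^e-e');
    if( empty($val) || !hash_equals($checkpass , (string)$pass) ){
        return 0;
    }
    return 1;
}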
28 |
// Time-window check: returns false when the operation $ecms is listed in
// $public_r['timeclosedo'] and the current hour is listed in
// $public_r['timeclose']; true otherwise.
public function timeclosedo($ecms)
{
    global $public_r;
    $operationListed = stristr($public_r['timeclosedo'],','.$ecms.',');
    if(!$operationListed){
        return true;
    }
    $hourListed = strstr($public_r['timeclose'],','.date('G').',');
    return $hourListed ? false : true;
}
37 |
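// IP check for the operation $doing. Returns true when the client may proceed.
//
// Entries are matched as string prefixes of the client IP, one per line.
// Fix: blank lines are skipped. Previously a blank line (for example a
// trailing newline in the setting) produced an empty prefix that matched
// every address: in the allow list it admitted everyone, in the deny list it
// blocked everyone.
//
// NOTE(review): because matching is a plain prefix, "10.1" also matches
// "10.10.0.5"; entries meant as a network prefix should end with a dot.
// The rules are skipped when the settings row cannot be read or $doing is
// not listed in doiptype.
public function ip($doing)
{
    $pr = $this->api->load('db')->one('[!db.pre!]enewspublic' , 'opendoip,closedoip,doiptype' , '1=1');
    if(!strstr($pr['doiptype'],','.$doing.',')){
        return true;
    }
    $userip=egetip();

    // Allow list: when it has at least one usable entry, the IP must match one.
    if($pr['opendoip']){
        $hasEntry = false;
        $allowed = false;
        foreach(explode("\n",$pr['opendoip']) as $ctrlip){
            $ctrlip = trim($ctrlip);
            if($ctrlip === ''){
                continue;
            }
            $hasEntry = true;
            if(strncmp($userip , $ctrlip , strlen($ctrlip)) === 0){
                $allowed = true;
                break;
            }
        }
        if($hasEntry && !$allowed){
            return false;
        }
    }

    // Deny list: any matching entry rejects the client.
    if($pr['closedoip']){
        foreach(explode("\n",$pr['closedoip']) as $ctrlip){
            $ctrlip = trim($ctrlip);
            if($ctrlip === ''){
                continue;
            }
            if(strncmp($userip , $ctrlip , strlen($ctrlip)) === 0){
                return false;
            }
        }
    }
    return true;
}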
69 |
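// Referer check: when $public_r['canposturl'] is set, the Referer header must
// contain one of its entries (one per CRLF-separated line).
//
// Fixes: a missing Referer header no longer raises an undefined-index
// notice, and blank entries are skipped. On PHP 8 an empty needle matches
// any non-empty Referer, so a blank line used to disable the check.
//
// NOTE(review): this is a substring test on a client-supplied header. An
// allowed value appearing anywhere in the Referer (path or query string
// included) passes, so it must not be the only protection for
// state-changing requests; a per-session CSRF token is the usual control.
public function posturl()
{
    global $public_r;
    if(!$public_r['canposturl']){
        return true;
    }
    $referer = isset($_SERVER['HTTP_REFERER']) ? (string)$_SERVER['HTTP_REFERER'] : '';
    $hasEntry = false;
    foreach(explode("\r\n",$public_r['canposturl']) as $allowed){
        if($allowed === ''){
            continue;
        }
        $hasEntry = true;
        if($referer !== '' && strpos($referer , $allowed) !== false){
            return true;
        }
    }
    // No usable entries means no restriction is configured.
    return $hasEntry ? false : true;
}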
89 |
90 | }
--------------------------------------------------------------------------------
/ecmsapi/_addons/api_management/_admin/act/index.php:
--------------------------------------------------------------------------------
1 |
7 |
8 |
9 |
10 |
11 | API接口管理 - 管理中心
12 |
13 |
21 |
22 |
23 |
24 |
25 |
26 | |
27 | 位置:API管理 > 管理首页
28 | |
29 |
30 |
37 | |
38 |
39 |
40 |
41 |
42 |
49 | $r):?>
50 |
53 |
54 | | =$name?> |
55 | =$r['name']?> |
56 | =$r['description']?> |
57 | =$r['open'] ? '是' : '否'?> |
58 |
59 | 管理
60 |
61 | 编辑
62 |
63 | 删除
64 | |
65 |
66 |
67 |
68 |
69 |
70 | |
71 | 当前没有可管理的模块
72 | |
73 |
74 |
75 |
76 |
77 |
78 |
79 |
--------------------------------------------------------------------------------
/ecmsapi/_class/EapiView.php:
--------------------------------------------------------------------------------
1 | '',
8 | 'pagekey' => '',
9 | 'pagedes' => ''
10 | ];
11 | protected $conf = [];
12 |
/**
 * @param array $conf stored as the view configuration
 * @param mixed $api  stored on the instance as-is
 */
public function __construct($conf = [] , $api)
{
    $this->conf = $conf;
    $this->api = $api;
}
18 |
/**
 * Register template variables.
 *
 * An array is merged over the current set; a non-empty (after trim) string
 * name sets a single variable. Other input is ignored.
 *
 * @param array|string $name
 * @param mixed        $value
 * @return $this
 */
public function assign($name = '' , $value = null)
{
    if(is_array($name)){
        $this->assign = array_merge($this->assign , $name);
        return $this;
    }
    if(is_string($name)){
        $key = trim($name);
        if($key !== ''){
            $this->assign[$key] = $value;
        }
    }
    return $this;
}
31 |
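// Fetch the template text for a template id.
// The id is cast to an integer before it is concatenated into the WHERE
// clause, so a non-numeric value cannot alter the query.
// Returns '' when the lookup returns false.
protected function text($tempid = 0)
{
    $where = 'tempid=' . (int)$tempid;
    $v = $this->api->load('db')->one('[!db.pre!]enewsclasstemp' , '*' , $where);
    return false !== $v ? $v['temptext'] : '';
}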
38 |
// Replace the common placeholders, then strip slashes from the result.
// The page title, keywords and description are inserted as stored in
// $this->assign; no escaping is applied here.
protected function replaceVars($text)
{
    global $public_r;
    $placeholders = [
        '[!--news.url--]',
        '[!--pagetitle--]',
        '[!--pagekey--]',
        '[!--pagedes--]',
    ];
    $values = [
        $public_r['newsurl'],
        $this->assign['pagetitle'],
        $this->assign['pagekey'],
        $this->assign['pagedes'],
    ];
    // Applied one placeholder at a time, in the order listed above.
    foreach($placeholders as $i => $placeholder){
        $text = str_replace($placeholder , $values[$i] , $text);
    }
    return stripSlashes($text);
}
50 |
51 |
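/**
 * Render a class template and return the output as a string.
 *
 * The template is compiled once into e/data/tmp/ and then include()d with
 * the assigned variables extracted into local scope.
 *
 * Changes from the previous version:
 *  - $tempid is cast to an integer before it is used in the compiled file
 *    path, so it cannot contain path separators;
 *  - an assigned variable named "_templateFile" is left out of extract(),
 *    so assigned data cannot redirect the include() below to another file.
 *
 * NOTE(review): extract() still overwrites the other locals, including the
 * names declared global here; variable names passed to assign() must never
 * come from request input.
 *
 * @param int       $tempid    template id
 * @param int|array $cachetime legacy slot; when an array it is used as $assign
 * @param array     $assign    variables for the template
 * @return string rendered output
 */
public function view($tempid = 0 , $cachetime = 0, $assign = []){
    global $link,$empire,$dbtbpre,$public_r,$public_diyr,$class_r,$class_tr,$class_zr,$level_r,$enews_r,$fun_r,$message_r,$qmessage_r,$ecms_config,$emod_r,$emod_pubr,$etable_r;
    $tempid = (int)$tempid;
    $_templateFile = ECMS_PATH . 'e/data/tmp/dt_tempclasstemp'.$tempid.'.php';
    // Compile the template when no compiled file exists yet
    if(!file_exists($_templateFile)){
        $text = $this->text($tempid);
        $text=stripSlashes($text);
        $text=ReplaceTempvar($text);// replace global template variables
        // replace tags
        $text=DoRepEcmsLoopBq($text);
        $text=RepBq($text);
        // write the compiled file
        WriteFiletext($_templateFile,AddCheckViewTempCode().$text);
        unset($text);
    }
    // Backwards compatibility with the older call form that passed the
    // variables in the $cachetime position
    if(is_array($cachetime)){
        $assign = $cachetime;
    }
    $this->assign($assign);
    // Keep the method's own parameters out of the template scope
    unset($tempid);
    unset($cachetime);
    unset($assign);
    extract(array_diff_key($this->assign , ['_templateFile' => true]));
    $api = $this->api; // expose the api object to the template
    // Capture the template output
    ob_start();
    include($_templateFile);
    $string = ob_get_contents();
    ob_end_clean();
    $string = RepExeCode($string);// parse code
    $string = $this->replaceVars($string);
    return $string;
}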
86 | }
--------------------------------------------------------------------------------
/ecmsapi/_addons/api_management/_admin/act/mod/index.php:
--------------------------------------------------------------------------------
1 |
7 |
8 |
9 |
10 |
11 |
12 | API管理
13 |
14 |
22 |
23 |
24 |
38 |
39 |
40 |
41 |
49 | $v):?>
50 |
51 |
52 | | [预览] |
53 | =$key?> |
54 | =$v['name']?> |
55 | =$v['description']?> |
56 | = $v['open'] ? '正常':'关闭' ?> |
57 |
58 | 编辑
59 |
60 | 删除
61 | |
62 |
63 |
64 |
65 |
66 |
67 | |
68 | 当前没有接口
69 | |
70 |
71 |
72 |
73 |
74 |
75 |
76 | 注:预览功能,仅仅只是简单的仿问到模块的接口上,其它参数请自行拼写
77 |
78 |
79 |
--------------------------------------------------------------------------------
/ecmsapi/index.php:
--------------------------------------------------------------------------------
1 | json(['code' => $code , 'message' => $message , 'data' => $data]);
30 | }
31 | }
32 |
33 |
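$link = db_connect();
$empire = new mysqlquery();
$api = new EcmsApi();

// Routing parameters, lower-cased. All three come from the request.
define('ECMSAPI_MOD' , strtolower($api->param('mod' , '' , 'trim')));
define('ECMSAPI_ACT' , strtolower($api->param('act' , '' , 'trim')));
define('ECMSAPI_ADDON' , strtolower($api->param('addon' , '' , 'trim')));

if(ECMSAPI_ADDON === '' && (ECMSAPI_MOD === '' || ECMSAPI_ACT === '')){
    api_die('参数错误');
}

// Namespace-aware autoloading from the _src folder of the module or addon.
// Fix: the concatenation operator after 'ecmsapi/' was missing, which made
// PHP treat the string literal as a function name to call.
// NOTE(review): the raw ECMSAPI_ADDON value is used in this path; it is only
// normalised inside $api->load() further down - confirm that no class lookup
// can run before that call.
spl_autoload_register(function($name){
    $autoLoadPath = ECMS_PATH . 'ecmsapi/' . (ECMSAPI_ADDON === '' ? '_mod/' . ECMSAPI_MOD : '_addons/' . ECMSAPI_ADDON) . '/_src/';
    $file = $autoLoadPath . str_replace('\\' , DIRECTORY_SEPARATOR , $name) . '.php';
    if(file_exists($file)){
        include($file);
    }
});

if(ECMSAPI_ADDON === ''){

    // The module name is used to build require() paths below. Reject anything
    // that is not a plain directory-name token so that separators and dot
    // sequences cannot select files outside ./_mod/<module>/.
    if(!preg_match('/^[a-z0-9_-]+$/D' , ECMSAPI_MOD)){
        api_die('参数错误');
    }

    require('./_common/function.php');
    $modConf = api_mod_conf(ECMSAPI_MOD);
    if(false === $modConf){
        api_die('模块加载出错');
    }
    if(!$modConf['open']){
        api_die('模块禁止访问');
    }

    // The action must be registered in the module config, which also limits
    // the file name used for $actPath to known values.
    if(!isset($modConf['list'][ECMSAPI_ACT])){
        api_die('方法'.ECMSAPI_ACT.'未定义');
    }
    if(!$modConf['list'][ECMSAPI_ACT]['open']){
        api_die('方法'.ECMSAPI_ACT.'已禁用');
    }
    $actPath = './_mod/'.ECMSAPI_MOD.'/'.ECMSAPI_ACT.'.php';
    if(!is_file($actPath)){
        api_die('方法'.ECMSAPI_ACT.'加载出错');
    }
    $funPath = './_mod/'.ECMSAPI_MOD.'/_function.php';
    if(is_file($funPath)){
        require($funPath);
    }
    require($actPath);

}else{

    // Addon mode
    try{
        $addonClass = $api->load('addons' , ECMSAPI_ADDON , false);
        $runFile = $addonClass->path('_home/_run.php');
    }catch(Exception $e){
        api_die($e->getMessage());
    }

    if(!is_file($runFile)){
        api_die('插件'.ECMSAPI_ADDON.'加载出错');
    }

    require($runFile);

}

db_close();
$empire = null;
$api = null;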
--------------------------------------------------------------------------------
/ecmsapi/_addons/api_management/_admin/act/mod/edit.php:
--------------------------------------------------------------------------------
1 | isPost()){
5 |
6 | $key = $api->post('key' , '' , 'trim');
7 |
8 |
9 | $mod['name'] = $api->post('name' , '' , 'trim');
10 | if($mod['name'] === ''){
11 | printerror2('模块名称不能为空');
12 | }
13 |
14 | if($key === ''){
15 | printerror2('模块标记不能为空');
16 | }
17 |
18 | $key = strtolower($key);
19 |
20 | if(!preg_match("/^[a-z0-9]+$/" , $key)){
21 | printerror2('模块标记只能由字母与数字组成');
22 | }
23 |
24 | if($key !== $name && isset($mods[$key])){
25 | printerror2('模块标记已被占用');
26 | }
27 |
28 |
29 | $path = ECMS_PATH . 'ecmsapi/_mod/';
30 |
31 | if($key !== $name){
32 | if($name === ''){
33 | $result = mkdir($path . $key , 0777);
34 | }else{
35 | $result = rename($path . $name , $path . $key);
36 | }
37 | if(false === $result){
38 | printerror2('模块目录保存失败 请检查 _mod 目录权限');
39 | }
40 | }
41 |
42 | $mod['description'] = $api->post('description' , '' , 'trim');
43 | $mod['open'] = $api->post('open' , 0 , 'intval');
44 |
45 |
46 | $result = adminBuildConfig($path . $key . '/_conf.php' , $mod);
47 |
48 | if(false === $result){
49 | printerror2('操作失败 请检查 _mod 目录权限');
50 | }else{
51 | printerror2('操作成功' , $addonLink);
52 | }
53 | }
54 |
55 | ?>
56 |
57 |
58 |
59 |
60 | 接口管理
61 |
62 |
63 |
64 |
65 |
66 | |
67 | 位置:API管理 > =$name ? '模块编辑' : '模块添加'?>
68 | |
69 |
70 |
71 |
100 |
101 |
102 |
--------------------------------------------------------------------------------
/ecmsapi/_class/EapiAddons.php:
--------------------------------------------------------------------------------
1 | api = $api;
11 | $this->name($name);
12 | }
13 |
/**
 * Absolute path of the _addons directory next to this class folder.
 *
 * @return string|false realpath() result
 */
protected function dir()
{
    return realpath(__DIR__ . '/../_addons/');
}
19 |
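/**
 * Normalise a relative path or addon name.
 *
 * Backslashes become slashes, "./" sequences and repeated slashes are
 * collapsed, and surrounding whitespace and slashes are trimmed.
 *
 * Fix: segments consisting only of dots (and whitespace) are now dropped.
 * The collapsing loops only remove dots that are followed by a slash, so a
 * bare ".." or a trailing "/.." used to pass through unchanged and the
 * resulting path pointed at the parent of the addon directory.
 *
 * @param string $path
 * @return string normalised path without leading or trailing slash
 */
protected function getPath($path = '')
{
    if($path === ''){
        return $path;
    }

    $path = str_replace('\\' , '/' , $path);

    while(false !== strpos($path , './')){
        $path = str_replace('./' , '/' , $path);
    }
    while(false !== strpos($path , '//')){
        $path = str_replace('//' , '/' , $path);
    }

    $path = trim(trim($path) , '/');

    $segments = [];
    foreach(explode('/' , $path) as $segment){
        // Empty once dots and whitespace are stripped: ".", "..", " .. ", ""
        if(trim($segment , " \t\n\r\0\x0B.") === ''){
            continue;
        }
        $segments[] = $segment;
    }

    return implode('/' , $segments);
}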
40 |
// Get or set the addon name.
// Called with null it returns the current name; otherwise the value is
// normalised with getPath() and stored. An empty result throws.
public function name($name = null)
{
    if(null === $name){
        return $this->name;
    }

    $normalised = $this->getPath($name);
    $this->name = $normalised;

    if($normalised === ''){
        throw new \Exception("请指定插件名称");
    }
    return $this;
}
54 |
// Create a directory inside the addon folder (recursively) when it does not
// exist yet, and return its real path.
// NOTE(review): the mode passed is 0777, which after the process umask can
// leave the directory writable by every local user; 0755 or 0750 is the
// usual choice unless other accounts must write here.
public function mkdir($path = '')
{
    $target = $this->path($path);
    $exists = is_dir($target);
    if(!$exists){
        mkdir($target , 0777 , true);
    }
    return realpath($target);
}
64 |
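// Recursively delete a directory inside the addon folder.
//
// Changes from the previous version:
//  - a directory that is missing or cannot be opened is skipped instead of
//    handing false to readdir();
//  - the loop compares against false, so an entry named "0" no longer stops
//    the scan early;
//  - symbolic links are unlinked rather than followed, so a link placed in
//    the addon folder cannot cause files outside it to be deleted;
//  - the handle is closed before the directory itself is removed.
public function rmdir($path = '')
{
    $path = $this->getPath($path);
    $dir = $this->dir() . '/' . $this->name . '/' . $path;
    $dh = is_dir($dir) ? opendir($dir) : false;
    if(false === $dh){
        return;
    }
    while (false !== ($v = readdir($dh))) {
        if($v === '.' || $v === '..'){
            continue;
        }
        $file = $dir . "/" . $v;
        if(is_dir($file) && !is_link($file)){
            $this->rmdir($path . '/' . $v);
        }else{
            unlink($file);
        }
    }
    closedir($dh);
    rmdir($dir);
}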
85 |
/**
 * Build the absolute path of a file inside the current addon folder.
 *
 * @param string $file relative path, normalised with getPath(); empty returns the addon folder
 * @return string
 */
public function path($file = '')
{
    $relative = $this->getPath($file);
    $base = $this->dir() . '/' . $this->name;
    if($relative !== ''){
        return $base . '/' . $relative;
    }
    return $base;
}
91 |
92 |
93 | // 生成或读取配置文件
94 | public function config($name = null , $value = null)
95 | {
96 | $configDir = $this->mkdir('_config');
97 | if(false === $configDir){
98 | throw new \Exception("请检查 _config 目录权限");
99 | }
100 | if(!is_string($name)){
101 | $files = glob($configDir . '/*.config.php');
102 | $config = [];
103 | foreach($files as $file){
104 | $key = basename($file);
105 | $key = substr($key , 0 , strlen($key) - 11);
106 | $config[$key] = require($file);
107 | }
108 | return $config;
109 | }
110 |
111 | $file = $configDir . '/' . $name . '.config.php';
112 |
113 | if(null === $value){
114 | return is_file($file) ? require($file) : [];
115 | }else if(is_array($value)){
116 | $content = "dir() . '/' . $this->name . '/_admin/';
128 | }
129 |
// Relative link to the addon folder, as seen from the admin entry script.
public function getAdminFolderLink()
{
    $prefix = '../../../ecmsapi/_addons/';
    return $prefix . $this->name . '/';
}
135 |
136 |
137 |
138 |
139 | }
--------------------------------------------------------------------------------
/ecmsapi/_class/EapiFun.php:
--------------------------------------------------------------------------------
1 | api = $api;
10 | }
11 |
/**
 * Cast to int and clamp.
 *
 * The lower bound always applies; the upper bound applies only when
 * $max is greater than $min.
 *
 * @param mixed $num
 * @param mixed $min
 * @param mixed $max
 * @return int
 */
public function toInt($num = 0 , $min = 0 , $max = 0)
{
    $lower = (int)$min;
    $upper = (int)$max;
    $result = max((int)$num , $lower);
    if($upper > $lower){
        $result = min($result , $upper);
    }
    return $result;
}
23 |
/**
 * Trim a string and fall back to a default when nothing is left.
 *
 * @param string $val
 * @param string $defaults
 * @return string
 */
public function toString($val = '' , $defaults = '')
{
    $trimmed = trim($val);
    if($trimmed === ''){
        return $defaults;
    }
    return $trimmed;
}
29 |
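/**
 * Convert a delimited string or an array into unique non-zero integers.
 *
 * Fix: the previous version tried to convert each element inside the
 * array_filter() callback through a by-reference parameter. array_filter()
 * does not write callback changes back, so the returned elements were the
 * original strings: any value whose integer prefix was non-zero, such as
 * "1 and more text", was returned unchanged. Callers that trust this method
 * to produce numbers (for example when building an id list for a query)
 * therefore received unsanitised text. Elements are now converted first.
 *
 * Original keys are preserved; for duplicates the key of the last
 * occurrence is kept.
 *
 * @param array|string $value
 * @param string       $separator delimiter; when empty, a set of common
 *                                separators is normalised to ','
 * @return array<int|string, int>
 */
public function toNumArray($value , $separator = ''){
    if(!is_array($value)){
        if($separator === ''){
            $separator = ',';
            $value = str_replace(['$' , '|' , ' ' , ',' , '、' , '/' , '\\' , '' , '#'] , $separator , $value);
        }
        $value = explode($separator , $value);
    }
    $numbers = array_map(function($v){
        return abs((int)$v);
    } , $value);
    // Drop zeros, which is also what non-numeric input turns into
    $numbers = array_filter($numbers);
    // Double flip removes duplicates
    return array_flip(array_flip($numbers));
}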
45 |
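/**
 * Turn a delimited string (or an array) into a de-duplicated array of
 * trimmed, non-empty strings.
 *
 * The original trimmed inside an array_filter() callback that took its
 * argument by reference; array_filter() passes a copy, so the trim never
 * reached the returned values. Trimming with array_map() first fixes that.
 *
 * The filter keeps the original truthiness test, so the string '0' is
 * still dropped.
 *
 * @param string|array $value
 * @param string $separator Explicit separator; when '' the common separators
 *                          below are all normalised to ','.
 * @return array Trimmed strings, original keys kept.
 */
public function toStrArray($value , $separator = ''){
    if(!is_array($value)){
        if($separator === ''){
            $separator = ',';
            $value = str_replace(['$' , '|' , ' ' , ',' , '、' , '/' , '\\' , '' , '#'] , $separator , $value);
        }
        $value = explode($separator , $value);
    }
    $strings = array_map(function($v){
        return trim($v);
    } , $value);
    $strings = array_filter($strings);
    // Double flip removes duplicates.
    return array_flip(array_flip($strings));
}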
61 |
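/**
 * Check whether a value looks like an e-mail address.
 *
 * The pattern is anchored with \z instead of $: in PCRE, $ also matches just
 * before a trailing newline, so "user@example.com\n" used to validate.
 *
 * @param string $value
 * @return bool
 */
public function isEmail($value = '')
{
    $rule = '/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*\z/';
    return $this->regex($rule , $value);
}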
67 |
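/**
 * Check whether a value looks like an 11-digit mainland-China mobile number.
 *
 * Fixes three holes in the original pattern:
 *  - "15[^4]" accepted any character except 4 in third position, letters
 *    and punctuation included; it is now limited to digits other than 4;
 *  - the commas inside "[5,7,9]" and "[0,1,3,...]" made ',' a valid third
 *    character;
 *  - "$" also matches before a trailing newline; "\z" does not.
 *
 * The set of accepted prefixes is otherwise unchanged.
 *
 * @param string $value
 * @return bool
 */
public function isMobile($value = '')
{
    $rule = '/^((13[0-9])|(14[579])|(15[0-35-9])|(18[0-9])|(17[0135678]))\d{8}\z/';
    return $this->regex($rule , $value);
}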
73 |
/**
 * Test a value against a PCRE pattern.
 *
 * @param string $rule Complete pattern including delimiters.
 * @param string $code Subject string.
 * @return bool True on a match; false on no match or on a pattern error.
 */
public function regex($rule = '' , $code = '')
{
    $matched = preg_match($rule , $code);
    return (bool)$matched;
}
78 |
/**
 * Send a {code, data, message} envelope as JSON through the API object.
 *
 * A string passed as $data is used as the message when no message is given;
 * anything that is not an array is replaced by an empty array.
 *
 * @param mixed $code
 * @param mixed $data
 * @param string $message
 * @param int $option Passed through to the API object's json().
 */
public function json($code , $data , $message = '' , $option = 0)
{
    if (is_string($data)) {
        if ($message === '') {
            $message = $data;
        }
        $data = [];
    } elseif (!is_array($data)) {
        $data = [];
    }
    $payload = [
        'code' => $code,
        'data' => $data,
        'message' => $message
    ];
    return $this->api->json($payload , $option);
}
93 |
/**
 * Send a {code, data, message} envelope as JSONP through the API object.
 *
 * A string passed as $data is used as the message when no message is given;
 * anything that is not an array is replaced by an empty array.
 *
 * NOTE(review): $cb is forwarded unchanged; if it can come from the request,
 * confirm it is restricted to an identifier before it is written out.
 *
 * @param mixed $code
 * @param mixed $data
 * @param string $message
 * @param string $cb Callback name.
 * @param int $option Passed through to the API object's jsonp().
 */
public function jsonp($code , $data , $message = '' , $cb = 'callback', $option = 0)
{
    if (is_string($data)) {
        if ($message === '') {
            $message = $data;
        }
        $data = [];
    } elseif (!is_array($data)) {
        $data = [];
    }
    $payload = [
        'code' => $code,
        'data' => $data,
        'message' => $message
    ];
    return $this->api->jsonp($payload , $cb , $option);
}
108 |
/**
 * Split a text block into rows of attributes.
 *
 * Rows are separated by '||||||' (line breaks are converted to that marker
 * when $mode is true); the fields of a row are separated by '::::::'.
 * Rows that are empty after trimming are skipped.
 *
 * @param string $text
 * @param bool $mode Treat line breaks as row separators.
 * @return array List of rows, each a list of strings.
 */
public function getAttrs($text , $mode = true)
{
    if ($mode) {
        $text = str_replace(array("\r\n", "\r", "\n"), "||||||", $text);
    }
    $rows = [];
    foreach (explode('||||||' , $text) as $line) {
        $line = trim($line);
        if ($line === '') {
            continue;
        }
        $rows[] = explode('::::::' , $line);
    }
    return $rows;
}
122 |
/**
 * Return the error stored on this object.
 *
 * @return mixed
 */
public function getError()
{
    return $this->error;
}
127 |
128 | }
--------------------------------------------------------------------------------
/ecmsapi/_extend/EapiExtendGzh.php:
--------------------------------------------------------------------------------
1 | '',
6 | "aeskey" => ''
7 | );
8 |
9 | private $api = null;
10 |
/**
 * @param array $config Overrides merged over the default configuration.
 * @param object|null $api API object used to read request parameters.
 */
public function __construct($config = [] , $api = null){
    $merged = array_merge($this->config, $config);
    $this->config = $merged;
    $this->api = $api;
}
15 |
/**
 * Read a configuration entry as a property.
 *
 * @param string $name
 * @return mixed The entry, or false when it is missing or null.
 */
public function __get($name) {
    return isset($this->config[$name]) ? $this->config[$name] : false;
}
23 |
/**
 * Overwrite an existing configuration entry; unknown names are ignored.
 *
 * @param string $name
 * @param mixed $value
 */
public function __set($name,$value){
    if (!isset($this->config[$name])) {
        return;
    }
    $this->config[$name] = $value;
}
29 |
30 | /* 微信公众号认证 */
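/**
 * Answer the WeChat official-account URL verification request.
 *
 * Runs only when the request carries `echostr`. The expected signature is
 * sha1 over the sorted, concatenated token, timestamp and nonce; `echostr`
 * is echoed back only when the supplied signature matches.
 *
 * Changes from the original:
 *  - the signature is compared with hash_equals(), so the comparison does
 *    not leak timing information;
 *  - an empty token is refused: with no secret in the hash, any caller
 *    could compute a valid signature;
 *  - the reply is sent as text/plain with nosniff (the original sent the
 *    invalid type "text"), so the reflected echostr is never rendered as
 *    markup.
 */
public function check(){
    if(!isset($_GET['echostr'])){
        return;
    }

    $token = $this->token;
    $timestamp = $this->api->get('timestamp');
    $nonce = $this->api->get('nonce');
    $signature = $this->api->get('signature');
    $echostr = $this->api->get('echostr');

    $reply = '';
    $usable = is_string($token) && $token !== ''
        && is_scalar($timestamp) && is_scalar($nonce)
        && is_string($signature) && is_scalar($echostr);

    if($usable){
        $arr = array($token, (string)$timestamp, (string)$nonce);
        sort($arr, SORT_STRING);
        $code = sha1(implode('',$arr));
        if(hash_equals($code , $signature)){
            $reply = (string)$echostr;
        }
    }

    header('Content-Type: text/plain; charset=utf-8');
    header('X-Content-Type-Options: nosniff');
    echo $reply;
    exit;
}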
45 |
46 | /* 返回微信数据 */
/**
 * Read the raw request body and parse it as a WeChat message.
 *
 * The body is whatever the client sent; nothing here authenticates it.
 *
 * @return array|false Parsed fields, or false when the body is empty.
 */
public function getPost(){
    $raw = file_get_contents("php://input");
    return empty($raw) ? false : $this->xml_to_arr($raw);
}
55 |
56 | /* 返回图文消息 */
57 | public function textpic($datas = array() , $post){
58 | if(!$post){
59 | $post = $this->getPost();
60 | }
61 | if(!empty($post) && !empty($datas)){
62 | $xml = ''.time().''.count($datas).'';
63 | foreach($datas as $v){
64 | $xml .= ' ';
65 | }
66 | $xml .= '';
67 | $this->xml($xml);
68 | }
69 | }
70 |
71 | /* 返回文字消息 */
72 | public function text($content = '' , $post){
73 | if(!$post){
74 | $post = $this->getPost();
75 | }
76 | if(!empty($post) && !empty($content)){
77 | $xml = ''.time().'';
78 | $this->xml($xml);
79 | }
80 | }
81 |
82 | /* 输出xml */
/**
 * Send an XML document as the response and end the request.
 *
 * @param string $xml Document to output, sent as is.
 */
protected function xml($xml){
    header('Content-Type: text/xml; charset=utf-8');
    print $xml;
    exit;
}
88 |
89 |
90 | protected function xml_to_arr($xml){
91 | $arr1 = array('ToUserName' , 'FromUserName' , 'MsgType' , 'Content');
92 | $arr2 = array('MsgId' , 'CreateTime');
93 | $arr = array();
94 | foreach($arr1 as $v){
95 | $arr[$v] = $this->str_cut($xml , '<'.$v.'>'.$v.'>');
96 | }
97 | foreach($arr2 as $v){
98 | $arr[$v] = $this->str_cut($xml , '<'.$v.'>' , ''.$v.'>');
99 | }
100 | return $arr;
101 | }
102 |
/**
 * Return the text between the first $startCode and the next $endCode.
 *
 * @param string $str
 * @param string $startCode When empty, $str is returned unchanged.
 * @param string $endCode When empty, everything after $startCode up to the
 *                        next occurrence of $startCode is returned.
 * @return string '' when $startCode does not occur.
 */
protected function str_cut($str , $startCode = '' , $endCode = ''){
    if ($startCode == '') {
        return $str;
    }
    $pieces = explode($startCode , $str);
    if (!isset($pieces[1])) {
        return '';
    }
    $tail = $pieces[1];
    if ($endCode == '') {
        return $tail;
    }
    $inner = explode($endCode , $tail);
    return $inner[0];
}
118 | }
--------------------------------------------------------------------------------
/ecmsapi/_extend/fpay/FpayXunhu.php:
--------------------------------------------------------------------------------
1 | appId = $conf['appId'];
12 | }
13 | if(isset($conf['appSecret'])){
14 | $this->appSecret = $conf['appSecret'];
15 | }
16 | }
17 |
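/**
 * Create a payment order and return the QR-code URL from the gateway.
 *
 * The original tested `false !== $json`, but json_decode() returns null on
 * failure, so a failed transfer or a non-JSON reply fell through to an array
 * access on null. The reply is now accepted only when it decodes to an array
 * carrying errcode 0 and a url_qrcode entry.
 *
 * NOTE(review): nonce_str is time(), the same value as `time`, so it adds
 * no unpredictability to the signed request. Left as is because the
 * gateway's requirements are not visible here.
 *
 * @param array $conf Expects orderid, price, info and notify.
 * @return string|false QR-code URL, or false (see getError()).
 */
public function qrcode($conf = [])
{
    $params = [
        'version' => '1.1',
        'appid' => $this->appId,
        'trade_order_id' => $conf['orderid'],
        'total_fee' => $conf['price'],
        'title' => $conf['info'],
        'time' => time(),
        'notify_url' => $conf['notify'],
        'nonce_str' => time(),
    ];
    $params['hash'] = $this->createHash($params);
    $url = 'https://api.xunhupay.com/payment/do.html';

    $response = $this->curl($url , $params);
    // curl() returns false when the transfer fails.
    $json = is_string($response) ? json_decode($response , true) : null;

    if(is_array($json) && isset($json['errcode'] , $json['url_qrcode']) && $json['errcode'] === 0){
        return $json['url_qrcode'];
    }

    $this->error = '获取二维码失败';
    return false;
}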
42 |
43 | /* 获取支付地址 */
/**
 * Build the signed gateway URL the payer is redirected to.
 *
 * @param array $conf Expects orderid, price, info and notify; return_url
 *                    and callback_url are added when present.
 * @return string
 */
public function redirect($conf = [])
{
    $params = [
        'version' => '1.1',
        'appid' => $this->appId,
        'trade_order_id' => $conf['orderid'],
        'total_fee' => $conf['price'],
        'title' => $conf['info'],
        'time' => time(),
        'notify_url' => $conf['notify'],
        'nonce_str' => time(),
        'redirect' => 'Y'
    ];
    // Optional parameters, copied only when the caller supplied them.
    foreach (['return_url' , 'callback_url'] as $optional) {
        if (isset($conf[$optional])) {
            $params[$optional] = $conf[$optional];
        }
    }
    // The hash must be computed after every signed parameter is in place.
    $params['hash'] = $this->createHash($params);

    return 'https://api.xunhupay.com/payment/do.html' . '?' . http_build_query($params);
}
69 |
70 | /* 异步验证 */
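/**
 * Verify an asynchronous payment notification.
 *
 * Changes from the original:
 *  - the hash was compared with `!=`. Two hex digests that both look like
 *    numbers in exponent form ("0e" followed by digits) compare equal under
 *    loose comparison, so a mismatching hash could be accepted. The check
 *    now uses hash_equals(), which is exact and constant-time;
 *  - the status is compared with ===;
 *  - non-array input and non-scalar fields are rejected instead of being
 *    passed to stripslashes().
 *
 * @param array $data Notification fields as received (typically $_POST).
 * @return mixed trade_order_id when the hash is valid and status is 'OD',
 *               otherwise false.
 */
public function notify($data)
{
    if(!is_array($data)){
        return false;
    }
    foreach ($data as $k=>$v){
        if(null === $v){
            continue;
        }
        if(!is_scalar($v)){
            return false;
        }
        $data[$k] = stripslashes((string)$v);
    }
    if(!isset($data['hash']) || !isset($data['trade_order_id'])){
        return false;
    }
    $hash = $this->createHash($data);

    if( !hash_equals($hash , $data['hash']) ){
        return false;
    }
    if( isset($data['status']) && $data['status'] === 'OD' ){
        return $data['trade_order_id'];
    }
    return false;
}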
90 |
/**
 * Compute the request signature.
 *
 * Parameters are sorted by key; null values, empty strings and the `hash`
 * entry are left out; the rest are joined as key=value pairs with '&', the
 * app secret is appended and the result is md5-hashed.
 *
 * NOTE(review): md5 with an appended secret is presumably the scheme the
 * gateway requires - confirm before changing it.
 *
 * @param array $datas
 * @return string 32-character hex digest.
 */
public function createHash($datas){
    ksort($datas);
    $pairs = array();
    foreach ($datas as $key => $data){
        $skip = is_null($data) || $data === '' || $key == 'hash';
        if (!$skip) {
            $pairs[] = $key . '=' . stripslashes($data);
        }
    }
    return md5(implode('&' , $pairs) . $this->appSecret);
}
113 |
114 |
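/**
 * POST parameters to a URL and return the response body.
 *
 * The original turned off both CURLOPT_SSL_VERIFYPEER and
 * CURLOPT_SSL_VERIFYHOST, so the connection to the payment gateway accepted
 * any certificate and the reply, including the payment URL, could be
 * replaced in transit. Verification is now on. If the host has no usable CA
 * bundle, configure one (curl.cainfo in php.ini) instead of disabling the
 * checks again.
 *
 * @param string $url
 * @param array|string $params POST fields.
 * @param array $header Extra request headers.
 * @return string|false Response body, or false when the transfer fails.
 */
public function curl($url , $params , $header = [])
{
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
    // Check the certificate chain and that the certificate matches the host.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
    $code = curl_exec($ch);
    curl_close($ch);
    return $code;
}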
130 |
131 |
/**
 * Return the last error message set by this gateway client.
 *
 * @return mixed
 */
public function getError()
{
    return $this->error;
}
136 | }
--------------------------------------------------------------------------------
/ecmsapi/_addons/api_management/_admin/act/api/edit.php:
--------------------------------------------------------------------------------
1 | isPost()){
3 |
4 |
5 | $data = [];
6 | $data['name'] = $api->post('name' , '' , 'trim');
7 | $data['open'] = $api->post('open' , 0 , 'intval');
8 | $data['description'] = $api->post('description' , '' , 'trim');
9 |
10 | if($data['name'] === ''){
11 | printerror2('接口名称不能为空');
12 | }
13 |
14 | $key = $api->post('key' , '' , 'trim');
15 | if($key === ''){
16 | printerror2('接口文件名不能为空');
17 | }
18 |
19 | if(!preg_match("/^[a-z0-9\.]+$/" , $key)){
20 | printerror2('接口文件名只能由字母与数字组成');
21 | }
22 |
23 | if($name !== $key && isset($apiList[$key])){
24 | printerror2('接口文件名已被占用');
25 | }
26 |
27 | if($name !== $key && $name !== ''){
28 | unset($apiList[$name]);
29 | rename($modDir . $name . '.php' , $modDir . $key . '.php');
30 | }
31 |
32 |
33 |
34 | $apiList[$key] = $data;
35 | $mod['list'] = $apiList;
36 |
37 | $result = adminBuildConfig($modDir .'_conf.php' , $mod);
38 |
39 | if(false === $result){
40 | printerror2('操作失败 请检查 _mod 目录仅限');
41 | }
42 |
43 | $code = $api->post('code' , '' , 'trim');
44 |
45 | $result = file_put_contents($modDir . $key . '.php' , htmlspecialchars_decode($code));
46 |
47 | if(false === $result){
48 | printerror2('操作失败 请检查 _mod 目录仅限');
49 | }else{
50 | printerror2('操作成功' , $addonLink . '&act=api&m='.$m.'&do=edit&name='.$key);
51 | }
52 |
53 | }
54 |
55 | $data = $name === '' ? [
56 | 'name' => '',
57 | 'open' => 1,
58 | 'description' => ''
59 | ] : $apiList[$name];
60 |
61 | if($name === ''){
62 | $code = '';
63 | }else{
64 | $file = $modDir . $name . '.php';
65 | $code = file_get_contents($file);
66 | if(false === $code){
67 | printerror2('接口文件数据获取失败');
68 | }
69 | }
70 |
71 | $titlelink = '添加接口';
72 | if($name !== ''){
73 | $titlelink = ''.$data['name'].'';
74 | }
75 |
76 | ?>
77 |
78 |
79 |
80 |
81 | API管理
82 |
83 |
84 |
85 |
92 |
93 |
126 |
129 |
130 |
--------------------------------------------------------------------------------
/ecmsapi/_class/EapiDb.php:
--------------------------------------------------------------------------------
1 | empire = $empire;
16 | $this->dbtbpre = $dbtbpre;
17 | $this->api = $api;
18 | }
19 |
/**
 * Begin a transaction and reset the failure counter that endTrans() checks.
 */
public function startTrans()
{
    // Failures are counted from this point on.
    $this->errno = 0;
    $this->query('begin;');
}
25 |
/**
 * Finish the transaction: roll back when any query has failed since the
 * counter was last reset, commit otherwise.
 *
 * @return bool True when committed, false when rolled back.
 */
public function endTrans()
{
    $failed = $this->errno > 0;
    $this->query($failed ? 'rollback;' : 'commit;');
    if ($failed) {
        $this->errno = 0;
    }
    return !$failed;
}
37 |
/**
 * Run a SQL statement.
 *
 * The statement is executed as given (after table-prefix substitution);
 * nothing is escaped or bound here.
 *
 * @param string $sql
 * @param bool $exit Selects the driver's query() instead of query1().
 * @return array|bool The driver's boolean result as is (a false one is
 *                    counted in errno), otherwise the rows as arrays keyed
 *                    by column name.
 */
public function query($sql , $exit = false){
    $sql = $this->sql($sql);
    if ($exit) {
        $handle = $this->empire->query($sql);
    } else {
        $handle = $this->empire->query1($sql);
    }
    if (is_bool($handle)) {
        if (!$handle) {
            $this->errno++;
        }
        return $handle;
    }
    $rows = [];
    while ($record = $this->empire->fetch($handle)) {
        // Keep only the named columns; numeric duplicates are dropped.
        $row = [];
        foreach ($record as $column => $cell) {
            if (is_string($column)) {
                $row[$column] = $cell;
            }
        }
        $rows[] = $row;
    }
    return $rows;
}
57 |
/**
 * Select rows with pagination.
 *
 * $field, $table, $map and $orderby are interpolated into the statement
 * unchanged, so they must never carry unescaped request data. Only the
 * pagination values are cast to int.
 *
 * @param string $table
 * @param string $field Column list; '*' when empty.
 * @param string $map WHERE clause; the default '0' matches nothing.
 * @param string $pagination "limit,page"; limit defaults to 20, max 2000.
 * @param string $orderby ORDER BY expression without the keyword.
 * @return array|bool
 */
public function select($table , $field = '*' , $map = '0' , $pagination = '20,1' , $orderby = '')
{
    $parts = explode(',' , $pagination.',1,1');
    $limit = (int)$parts[0];
    if ($limit <= 0) {
        $limit = 20;
    }
    $limit = min($limit , 2000);
    $page = max(1 , (int)$parts[1]);
    $offset = ($page - 1) * $limit;
    if ($orderby) {
        $orderby = 'order by '.$orderby;
    } else {
        $orderby = '';
    }
    $columns = trim($field);
    $field = $columns !== '' ? $columns : '*';
    $sql = "select {$field} from `{$table}` where {$map} {$orderby} limit {$offset},{$limit};";
    return $this->query($sql , false);
}
72 |
/**
 * Insert one row.
 *
 * Column names are wrapped in backticks and values in single quotes, but
 * neither is escaped: a value containing a quote changes the statement.
 * Callers must escape values before passing them in.
 *
 * @param string $table
 * @param array $data column => value.
 * @return mixed The driver's lastid() on success, false otherwise.
 */
public function insert($table , $data = [])
{
    if (empty($table) || empty($data) || !is_array($data)) {
        return false;
    }
    $columns = [];
    $values = [];
    foreach ($data as $f => $v) {
        $columns[] = "`" . $f . "`";
        $values[] = "'" . $v . "'";
    }
    $field = implode(',' , $columns);
    $value = implode(',' , $values);
    $sql = "insert into `{$table}` ({$field}) values ({$value});";
    if (true === $this->query($sql , false)) {
        return $this->empire->lastid();
    }
    return false;
}
94 |
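/**
 * Insert several rows with one statement.
 *
 * The original collected column names only while the outer key was exactly
 * int 0, so a list keyed any other way produced an empty column list. The
 * columns now come from the first row whatever its key. Each later row must
 * have exactly those columns and its values are written in that column
 * order, so a row with reordered keys no longer lands in the wrong columns.
 *
 * Values are wrapped in single quotes but not escaped; callers must escape
 * them before passing them in.
 *
 * @param string $table
 * @param array $datas List of column => value rows.
 * @return int|false Number of rows sent, or false on bad input or failure.
 */
public function insertAll($table , $datas)
{
    if(empty($table) || empty($datas) || !is_array($datas)){
        return false;
    }
    $columns = null;
    $rows = [];
    foreach($datas as $data){
        if(empty($data) || !is_array($data)){
            return false;
        }
        if(null === $columns){
            $columns = array_keys($data);
        }else if(count($data) !== count($columns)){
            return false;
        }
        $cells = [];
        foreach($columns as $column){
            if(!array_key_exists($column , $data)){
                return false;
            }
            $cells[] = "'" . $data[$column] . "'";
        }
        $rows[] = "(" . implode(',' , $cells) . ")";
    }
    $quoted = [];
    foreach($columns as $column){
        $quoted[] = "`" . $column . "`";
    }
    $field = implode(',' , $quoted);
    $values = implode(',' , $rows);
    $sql = "insert into `{$table}` ({$field}) values {$values};";
    $res = $this->query($sql , false);
    if(true === $res){
        return count($rows);
    }
    return false;
}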
127 |
/**
 * Update rows.
 *
 * $data is either a ready-made SET clause or a column => value array. In
 * the array form a scalar value is wrapped in single quotes (not escaped),
 * and an array value contributes its first element verbatim as a raw SQL
 * expression. $table and $map are interpolated unchanged. None of these may
 * carry unescaped request data.
 *
 * @param string $table
 * @param string|array $data
 * @param string $map WHERE clause; the default '0' matches nothing.
 * @return array|bool
 */
public function update($table = '' , $data = '' , $map = '0'){
    $usable = is_string($data) || is_array($data);
    if (empty($table) || empty($data) || !$usable) {
        return false;
    }
    if (is_string($data)) {
        $setField = $data;
    } else {
        $assignments = [];
        foreach ($data as $f => $v) {
            $expr = is_array($v) ? $v[0] : "'{$v}'";
            $assignments[] = "{$f}={$expr}";
        }
        $setField = implode(',' , $assignments);
    }
    $sql = "update {$table} set {$setField} where {$map}";
    return $this->query($sql , false);
}
145 |
/**
 * Delete rows.
 *
 * $table and $map are interpolated unchanged; build $map from cast or
 * escaped values only.
 *
 * @param string $table
 * @param string $map WHERE clause; the default '0' matches nothing.
 * @return array|bool
 */
public function delete($table , $map = '0')
{
    if (empty($table)) {
        return false;
    }
    return $this->query("delete from {$table} where {$map};" , false);
}
154 |
/**
 * Fetch a single row.
 *
 * With an empty $map, $table is treated as a complete SQL statement and run
 * as is. Otherwise a SELECT limited to one row is built from the arguments,
 * which are interpolated without escaping.
 *
 * @param string $table Table name, or a full statement when $map is ''.
 * @param string $field
 * @param string $map
 * @param string $orderby
 * @return array|false First row, or false when there is none.
 */
public function one($table , $field = '*' ,$map = '' , $orderby = '')
{
    if (empty($table)) {
        return false;
    }
    if ($map === '') {
        $sql = $table;
    } else {
        if ($orderby !== '') {
            $orderby = 'order by '.$orderby;
        }
        $sql = "select {$field} from `{$table}` where {$map} {$orderby} limit 0,1;";
    }
    $rows = $this->query($sql , false);
    return empty($rows) ? false : $rows[0];
}
173 |
/**
 * Fetch one row by primary key.
 *
 * $value is wrapped in single quotes but not escaped, and $pk is used as
 * is; cast or escape both before calling when they originate from a request.
 *
 * @param string $table
 * @param mixed $value
 * @param string $field
 * @param string $pk Primary-key column name.
 * @return array|false
 */
public function getByPk($table , $value , $field = '*' ,$pk = 'id')
{
    if (empty($table)) {
        return false;
    }
    $condition = "{$pk} = '{$value}'";
    return $this->one($table , $field , $condition);
}
182 |
/**
 * Count rows.
 *
 * With an empty $map, $table is treated as a complete counting statement.
 * The first column of the first row is returned as the count.
 *
 * @param string $table Table name, or a full statement when $map is ''.
 * @param string $map WHERE clause, interpolated without escaping.
 * @return int|false
 */
public function total($table , $map = '')
{
    $sql = $map !== ''
        ? "select count(*) as total from `{$table}` where {$map};"
        : $table;
    $row = $this->one($sql);
    if (false === $row) {
        return false;
    }
    return (int)current($row);
}
193 |
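/**
 * Return the column definitions of a table, keyed by column name.
 *
 * The original read $this->tableFieldsCache but never wrote to it, so every
 * call ran SHOW COLUMNS again. A non-empty result is now stored after the
 * first lookup.
 *
 * @param string $table Interpolated inside backticks without escaping.
 * @return array Field name => SHOW COLUMNS row; [] when nothing is returned.
 */
public function getTableFields($table)
{
    if(isset($this->tableFieldsCache[$table])){
        return $this->tableFieldsCache[$table];
    }
    $fields = $this->query("SHOW COLUMNS FROM `{$table}`");
    if(empty($fields) || !is_array($fields)){
        return [];
    }
    $indexed = array_column($fields , null , 'Field');
    $this->tableFieldsCache[$table] = $indexed;
    return $indexed;
}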
207 |
/**
 * Control or read the SQL log.
 *
 *  - null: clear the recorded statements;
 *  - '' (default): return the recorded statements;
 *  - anything else: switch recording on or off by truthiness.
 *
 * @param mixed $act
 * @return array|$this
 */
public function log($act = ''){
    if ($act === null) {
        $this->sqls = [];
        return $this;
    }
    if ($act === '') {
        return $this->sqls;
    }
    $this->log = (bool)$act;
    return $this;
}
219 |
/**
 * Replace the '[!db.pre!]' placeholder with the table prefix and record the
 * statement when logging is on.
 *
 * @param string $sql
 * @return string
 */
protected function sql($sql)
{
    $resolved = str_replace('[!db.pre!]' , $this->dbtbpre , $sql);
    if ($this->log === true) {
        $this->sqls[] = $resolved;
    }
    return $resolved;
}
228 | }
--------------------------------------------------------------------------------
/ecmsapi/_class/EapiUpload.php:
--------------------------------------------------------------------------------
1 | 0,
5 | "mimes" => [],
6 | "exts" => [],
7 | "rootpath" => "upload",
8 | "http_user_agent" => ""
9 | ];
10 | private $api = null;
11 | private $error = null;
12 |
/**
 * Merge the configuration and normalise the allow-lists.
 *
 * `mimes` and `exts` may be given as comma-separated strings or as arrays;
 * their values are lower-cased. `size` is cast to int.
 *
 * @param array $config
 * @param object|null $api
 */
public function __construct($config = [] , $api = null){
    $this->config = array_merge($this->config, $config);
    foreach (['mimes' , 'exts'] as $key) {
        if (empty($this->config[$key])) {
            continue;
        }
        if (is_string($this->config[$key])) {
            $this->config[$key] = explode(',', $this->config[$key]);
        }
        // array_map keeps the keys, so a mime => extension map stays a map.
        $this->config[$key] = array_map('strtolower', $this->config[$key]);
    }
    $this->config['size'] = (int)$this->config['size'];
    $this->api = $api;
}
30 |
/**
 * Read a configuration entry as a property (e.g. $this->mimes).
 *
 * @param string $name
 * @return mixed
 */
public function __get($name) {
    $settings = $this->config;
    return $settings[$name];
}
34 |
/**
 * Overwrite an existing configuration entry; unknown names are ignored.
 *
 * @param string $name
 * @param mixed $value
 */
public function __set($name, $value){
    if (!isset($this->config[$name])) {
        return;
    }
    $this->config[$name] = $value;
}
40 |
/**
 * Return the message of the last failed upload or download.
 *
 * @return string|null
 */
public function getError(){
    return $this->error;
}
44 |
45 | // 下载远程文件,保存到本地
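/**
 * Fetch a remote file and store it under the configured root path.
 *
 * The extension is taken from the `mimes` map (mime => extension) using the
 * Content-Type the server reports; types missing from the map are refused.
 *
 * Changes from the original:
 *  - TLS verification is enabled. It was switched off for every https URL,
 *    so the downloaded content could be replaced in transit;
 *  - the transfer is limited to http and https;
 *  - a failed transfer is reported instead of being processed as data;
 *  - parameters after ';' in the Content-Type no longer defeat the lookup
 *    (the exact header value is still tried first);
 *  - a missing User-Agent request header no longer raises a notice;
 *  - the curl handle is closed.
 *
 * NOTE(review): the destination host is not checked here, so a caller that
 * passes a request-supplied URL lets the server reach internal addresses.
 * $savepath and $filename are used as given, so '..' segments must be
 * ruled out by the caller. Confirm both at the call sites.
 *
 * @param string $url
 * @param string $filename Base name without extension; uniqid() when ''.
 * @param string $savepath Directory below the root path.
 * @return array|false File details, or false (see getError()).
 */
public function download($url , $filename = '' , $savepath = '')
{
    $ch = curl_init($url);
    if(false === $ch){
        $this->error = '保存远程文件错误!';
        return false;
    }
    if($this->config['http_user_agent'] != ''){
        $user_agent = $this->config['http_user_agent'];
    }else{
        $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    }
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
    // Only plain web transfers; other schemes are refused.
    curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
    // Check the certificate chain and that the certificate matches the host.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    $data = curl_exec($ch);
    $mime = curl_getinfo($ch, CURLINFO_CONTENT_TYPE);
    curl_close($ch);

    if(false === $data){
        $this->error = '保存远程文件错误!';
        return false;
    }

    // Try the exact header value first, then the bare type without parameters.
    $type = is_string($mime) ? $mime : '';
    $bare = trim(explode(';' , $type)[0]);
    $mimes = $this->config['mimes'];

    $file = [];
    $file['name'] = basename($url);
    if(isset($mimes[$type])){
        $file['ext'] = $mimes[$type];
    }else if(isset($mimes[$bare])){
        $file['ext'] = $mimes[$bare];
    }else{
        $file['ext'] = '';
    }
    if($file['ext'] === ''){
        $this->error = '该文件类型不允许下载';
        return false;
    }
    $file['size'] = (int)strlen($data);
    if($this->config['size'] > 0 && $this->config['size'] < $file['size']){
        $this->error = '下载文件大小不符';
        return false;
    }

    // Build the target name and directory.
    $filename = $filename === '' ? uniqid() : $filename;
    $fullname = $file['ext'] !== '' ? $filename . '.' . $file['ext'] : $filename;
    $dir = rtrim($this->config['rootpath'] , '/') . '/' . trim($savepath , '/') . '/';
    $filepath = $dir . $fullname;

    if( !is_dir($dir) && !@mkdir($dir , 0777 , true) ){
        $this->error = "保存目录创建失败";
        return false;
    }

    if( is_dir($dir) && !is_writable($dir) ){
        $this->error = "保存目录没有写入权限";
        return false;
    }

    if( !file_put_contents($filepath , $data) ){
        $this->error = '保存远程文件错误!';
        return false;
    }

    return array(
        'filename' => $filename,
        'ext' => $file['ext'],
        'fullname' => $fullname,
        'original' => $file['name'],
        'size' => $file['size']
    );
}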
104 |
/**
 * Validate an uploaded file and move it below the configured root path.
 *
 * Checks, in order: PHP's upload error code, a non-empty client name,
 * is_uploaded_file(), the size limit, the MIME allow-list, the extension
 * allow-list, and for image extensions a getimagesize() probe.
 *
 * NOTE(review): the MIME type is detected from the file content only when
 * the fileinfo extension is present; without it the type sent by the client
 * is what gets checked. checkMime() and checkExt() accept everything when
 * their list is empty. The stored extension comes from the client file
 * name. $savepath and $filename are used as given. Confirm that callers
 * always configure `exts` and pass safe path parts.
 *
 * @param array $file One entry of $_FILES.
 * @param string $filename Base name without extension; uniqid() when ''.
 * @param string $savepath Directory below the root path.
 * @return array|false File details, or false (see getError()).
 */
public function upload($file , $filename = '' , $savepath = ''){
    if (empty($file) || !is_array($file)) {
        $this->error = '未选择上传文件';
        return false;
    }
    if ($file['error']) {
        // Translate PHP's upload error code into a message.
        $this->error($file['error']);
        return false;
    }
    if (empty($file['name'])) {
        $this->error = '未知上传错误';
        return false;
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        $this->error = '非法上传文件';
        return false;
    }

    $file['size'] = (int)$file['size'];
    $maxSize = $this->config['size'];
    if ($maxSize > 0 && $maxSize < $file['size']) {
        $this->error = '上传文件大小不符';
        return false;
    }

    // Prefer the type detected from the content over the client's claim.
    if (function_exists('finfo_open')) {
        $finfo = finfo_open( FILEINFO_MIME_TYPE );
        $file['type'] = finfo_file($finfo , $file['tmp_name']);
    }
    if (!$this->checkMime($file['type'])) {
        $this->error = '上传文件MIME类型不允许';
        return false;
    }

    $file['ext'] = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!$this->checkExt($file['ext'])) {
        $this->error = '上传文件后缀不允许';
        return false;
    }

    // Files named as images must also parse as images.
    $imageExts = ['gif' , 'jpg' , 'jpeg', 'bmp' , 'png' , 'swf' , 'webp'];
    if (in_array($file['ext'], $imageExts)) {
        $imginfo = getimagesize($file['tmp_name']);
        $badGif = $file['ext'] == 'gif' && empty($imginfo['bits']);
        if (empty($imginfo) || $badGif) {
            $this->error = '非法图像文件!';
            return false;
        }
    }

    // Build the target name and directory.
    if ($filename === '') {
        $filename = uniqid();
    }
    $fullname = $file['ext'] !== '' ? $filename . '.' . $file['ext'] : $filename;
    $dir = rtrim($this->config['rootpath'] , '/') . '/' . trim($savepath , '/') . '/';
    $filepath = $dir . $fullname;

    if (!is_dir($dir) && !@mkdir($dir , 0777 , true)) {
        $this->error = "上传目录创建失败";
        return false;
    }
    if (is_dir($dir) && !is_writable($dir)) {
        $this->error = "上传目录没有写入权限";
        return false;
    }
    if (!@move_uploaded_file($file['tmp_name'], $filepath)) {
        $this->error = '文件上传保存错误!';
        return false;
    }

    return array(
        'filename' => $filename,
        'ext' => $file['ext'],
        'fullname' => $fullname,
        'original' => $file['name'],
        'size' => $file['size']
    );
}
187 |
188 |
189 |
/**
 * Check a MIME type against the configured list.
 *
 * An empty list allows every type. The type may appear in the list either
 * as a value or as a key.
 *
 * @param string $mime
 * @return bool
 */
public function checkMime($mime){
    if (empty($this->config['mimes'])) {
        return true;
    }
    $needle = strtolower($mime);
    return in_array($needle, $this->mimes) || isset($this->mimes[$needle]);
}
193 |
/**
 * Check a file extension against the configured list.
 *
 * An empty list allows every extension.
 *
 * @param string $ext
 * @return bool
 */
public function checkExt($ext){
    if (empty($this->config['exts'])) {
        return true;
    }
    return in_array(strtolower($ext), $this->exts);
}
197 |
198 |
/**
 * Store the message that belongs to a PHP upload error code.
 *
 * @param int $no Value of $_FILES[...]['error'].
 */
private function error($no) {
    switch ($no) {
        case 1:
            $message = '上传的文件超过了 php.ini 中 upload_max_filesize 选项限制的值';
            break;
        case 2:
            $message = '上传文件的大小超过了 HTML 表单中 MAX_FILE_SIZE 选项指定的值';
            break;
        case 3:
            $message = '文件只有部分被上传';
            break;
        case 4:
            $message = '没有文件被上传';
            break;
        case 6:
            $message = '找不到临时文件夹';
            break;
        case 7:
            $message = '文件写入失败';
            break;
        default:
            $message = '未知上传错误';
    }
    $this->error = $message;
}
223 |
224 | }
--------------------------------------------------------------------------------
/ecmsapi/_class/EapiFile.php:
--------------------------------------------------------------------------------
1 | ECMS_PATH,
8 | 'size' => 0,
9 | 'mimes' => [],
10 | 'exts' => [],
11 | 'fpath' => 1,
12 | 'ftb' => 1,
13 | 'user' => 'admin',
14 | 'modtype' => 0
15 | ];
16 |
/**
 * @param array $config Options merged over the defaults.
 * @param object|null $api API object used to load the upload and db helpers.
 */
public function __construct($config = [] , $api = null)
{
    $this->api = $api;
    $this->setOption($config);
}
22 |
/**
 * Set one option, or merge an array of options.
 *
 * @param string|array $name Option name, or name => value pairs.
 * @param mixed $value Ignored when $name is an array.
 * @return $this
 */
public function setOption($name , $value = null)
{
    if (!is_array($name)) {
        $this->conf[$name] = $value;
        return $this;
    }
    $this->conf = array_merge($this->conf, $name);
    return $this;
}
32 |
/**
 * Read an option.
 *
 * @param string $name
 * @return mixed The value, or null when the option is not set.
 */
public function getOption($name)
{
    return isset($this->conf[$name]) ? $this->conf[$name] : null;
}
41 |
42 | /*
43 | * $file 要上传的文件
44 | * $id 内容的ID
45 | * $classid 栏目id
46 | * $filepass 文件临时变量一般为time()
47 | * $type 文件类型 1为图片,2为Flash文件,3为多媒体文件,0为附件
48 | */
/**
 * Store an uploaded file and register it in the attachment table.
 *
 * @param array $file One entry of $_FILES.
 * @param int $id Content id the file belongs to (0 when not yet known).
 * @param int $classid Column id.
 * @param int $filepass Temporary id, normally time(); set when falsy.
 * @param int $type 1 image, 2 Flash, 3 multimedia, 0 other attachment.
 * @return array|false Stored row data, or false (see getError()).
 */
public function upload($file , $id = 0 , $classid = 0 , $filepass = 0 , $type = 1)
{
    if (empty($file) || !is_array($file)) {
        $this->error = '请选择要上传的文件';
        return false;
    }
    if (!$filepass) {
        $filepass = time();
    }

    $fpath = $this->getFpath($classid , $this->getOption('fpath'));
    $filename = $this->buildFileName($file['name'] , $classid);

    // Hand the relevant options to the generic uploader.
    $options = [];
    foreach (['rootpath' , 'size' , 'mimes' , 'exts'] as $key) {
        $options[$key] = $this->getOption($key);
    }
    $up = $this->api->load('upload' , $options);

    $fileinfo = $up->upload($file , $filename , $fpath);
    if (false === $fileinfo) {
        $this->error = $up->getError();
        return false;
    }
    $fileinfo['path'] = $this->getFileDatePath();

    $fdata = $this->insert($fileinfo , $id , $classid , $filepass , $type);
    return false === $fdata ? false : $fdata;
}
84 |
85 | /*
86 | * 下载远程文件到本地
87 | */
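/**
 * Download a remote file and register it in the attachment table.
 *
 * The original passed $file['name'] to buildFileName(), but no $file exists
 * in this method, so the name was always null and a warning was raised. The
 * name is now the last segment of the URL path. Like the client name in
 * upload(), it is request-controlled and only feeds buildFileName().
 *
 * Only http:// and https:// URLs are accepted; a protocol-relative URL
 * ("//host/...") is treated as http.
 *
 * NOTE(review): the host is not restricted, so a request-supplied URL can
 * point at internal services - confirm that callers validate it.
 *
 * @param string $url
 * @param int $id Content id the file belongs to (0 when not yet known).
 * @param int $classid Column id.
 * @param int $filepass Temporary id, normally time(); set when falsy.
 * @param int $type 1 image, 2 Flash, 3 multimedia, 0 other attachment.
 * @param string $http_user_agent User-Agent to send with the request.
 * @return array|false Stored row data, or false (see getError()).
 */
public function download($url , $id = 0 , $classid = 0 , $filepass = 0 , $type = 1 , $http_user_agent = '')
{
    $url = trim($url);
    $url = strpos($url , '//') === 0 ? 'http:'.$url : $url;
    if( strpos($url, 'https://') !== 0 && strpos($url, 'http://') !== 0 ){
        $this->error = '请输入正确的地址';
        return false;
    }

    $filepass = $filepass ? $filepass : time();

    $fpath = $this->getFpath($classid , $this->getOption('fpath'));

    // Remote name: last path segment, without query string or fragment.
    $urlPath = parse_url($url , PHP_URL_PATH);
    $original = is_string($urlPath) ? basename($urlPath) : '';
    $filename = $this->buildFileName($original , $classid);

    $up = $this->api->load('upload' , [
        'rootpath' => $this->getOption('rootpath'),
        'size' => $this->getOption('size'),
        'mimes' => $this->getOption('mimes'),
        'exts' => $this->getOption('exts'),
        'http_user_agent' => $http_user_agent
    ]);

    $fileinfo = $up->download($url , $filename , $fpath);

    if(false === $fileinfo){
        $this->error = $up->getError();
        return false;
    }
    $fileinfo['path'] = $this->getFileDatePath();

    $fdata = $this->insert($fileinfo , $id , $classid , $filepass , $type);

    if(false === $fdata){
        return false;
    }

    return $fdata;
}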
127 |
128 | // 写入数据表
/**
 * Write an attachment record to the enewsfile table.
 *
 * When $id is not exactly int 0 the record is bound to that content id;
 * otherwise it is parked under $filepass (cjid) until update() binds it.
 *
 * NOTE(review): $file['original'] is the client-supplied file name and goes
 * into the row as is; confirm the db helper's insert() receives escaped
 * values. No getError() is visible on the db helper in this listing -
 * confirm that it exists.
 *
 * @param array $file Expects size, path, fullname and original.
 * @param int $id
 * @param int $classid
 * @param int $filepass
 * @param int $type
 * @return array|false The stored data including fileid, or false.
 */
public function insert($file , $id , $classid , $filepass = 0 , $type = 1)
{
    // Row to be stored.
    $data = [
        'filesize' => $file['size'],
        'path' => $file['path'],
        'filename' => $file['fullname'],
        'no' => $file['original'],
        'adduser' => $this->getOption('user'),
        'filetime' => time(),
    ];

    if ($id !== 0) {
        $data['pubid'] = ReturnInfoPubid($classid , $id);
        $data['id'] = $id;
    } else {
        $data['cjid'] = $filepass;
        $data['id'] = $filepass;
    }

    $data['type'] = $type;
    $data['modtype'] = $this->getOption('modtype');
    $data['fpath'] = $this->getOption('fpath');
    $data['classid'] = $classid;

    $table = '[!db.pre!]enewsfile_'.$this->getOption('ftb');
    $fileid = $this->api->load('db')->insert($table , $data);
    if (false === $fileid) {
        $this->error = $this->api->load('db')->getError();
        return false;
    }
    $data['fileid'] = $fileid;
    return $data;
}
163 |
164 | // 更新附件数据
/**
 * Bind attachments that were stored under a temporary id to a content id.
 *
 * $filepass is cast to int before it is placed in the WHERE clause.
 *
 * NOTE(review): $more is accepted but not used in the visible code. No
 * getError() is visible on the db helper in this listing - confirm.
 *
 * @param int $id
 * @param int $classid
 * @param int $filepass Temporary id (cjid) the files were stored under.
 * @param array $more
 * @return mixed Result of the db helper's update(), or false.
 */
public function update($id , $classid , $filepass = 0 , $more = [])
{
    $filepass = (int)$filepass;
    if (0 === $filepass) {
        $this->error = '请输入filepass';
        return false;
    }
    $data = [
        'cjid' => 0,
        'id' => $id,
        'pubid' => ReturnInfoPubid($classid , $id),
    ];
    $table = '[!db.pre!]enewsfile_'.$this->getOption('ftb');
    $result = $this->api->load('db')->update($table , $data , 'cjid=' . $filepass);
    if (false === $result) {
        $this->error = $this->api->load('db')->getError();
        return false;
    }
    return $result;
}
183 |
184 | // 删除附件
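/**
 * Delete attachments: the files on disk first, then their table rows.
 *
 * With a numeric $id the WHERE clause is built here. The original
 * concatenated $id and $classid as given; $classid was never checked, so
 * any text in it became part of the statement. Both are now cast to int.
 *
 * With a non-numeric $id the value is used as a complete WHERE clause, as
 * before; such a clause must be built by the caller from cast or escaped
 * values.
 *
 * @param int|string $id Content id, or a ready-made WHERE clause.
 * @param int $classid
 * @param int|null $ftb Table suffix; the configured one when null.
 * @return bool
 */
public function delete($id , $classid = 0, $ftb = null)
{
    $ftb = is_null($ftb) ? $this->getOption('ftb') : $ftb;
    $map = is_numeric($id) ? 'id = '.(int)$id.' and classid = '.(int)$classid : $id;
    $files = $this->api->load('db')->select('[!db.pre!]enewsfile_'.$ftb , 'filename,fpath,path,classid' , $map , '2000' , 'fileid desc');
    if(false === $files){
        $this->error = '删除附件失败';
        return false;
    }else if(empty($files)){
        return true;
    }
    foreach($files as $f){
        $fullpath = $this->getFullPath($f);
        $this->deleteFile($fullpath);
    }
    $result = $this->api->load('db')->delete('[!db.pre!]enewsfile_'.$ftb , $map);
    if(false === $result){
        $this->error = '删除附件失败';
        return false;
    }
    return true;
}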
207 |
/**
 * Remove a file below ECMS_PATH.
 *
 * NOTE(review): $fullpath is appended as is; a value containing '..' would
 * resolve outside the site root. Confirm it only ever comes from stored
 * attachment rows.
 *
 * @param string $fullpath Path relative to the site root, with leading '/'.
 * @return bool Result of unlink(); its warnings are suppressed.
 */
public function deleteFile($fullpath)
{
    $root = rtrim(ECMS_PATH , '/');
    return @unlink($root . $fullpath);
}
213 |
/**
 * Derive the stored file name through ReturnDoTranFilename().
 *
 * @param string $str Original file name.
 * @param int $classid
 * @return mixed Whatever ReturnDoTranFilename() returns.
 */
function buildFileName($str , $classid = 0)
{
    $generated = ReturnDoTranFilename($str , $classid);
    return $generated;
}
218 |
219 | // 通过数据库获取文件路径
/**
 * Build a file's site-relative path from an attachment row.
 *
 * @param array $file Row with classid, fpath and filename.
 * @return string
 */
public function getFullPath($file)
{
    $folder = $this->getFpath($file['classid'] , $file['fpath']);
    return rtrim($folder , '/') . '/' . $file['filename'];
}
225 |
226 | // 获取附件存放路径
/**
 * Resolve the attachment directory for a column.
 *
 *  - type 0: the column's own classpath; falls back to type 1 when the
 *    column is unknown;
 *  - type 1: /d/file/p/;
 *  - any other type: /d/file/.
 *
 * The resolved type is written back to the `fpath` option and the
 * date-based sub-path is appended.
 *
 * @param int $classid
 * @param int|null $type When null, $public_r['fpath'] is used.
 * @return string
 */
public function getFpath($classid = 0 , $type = null)
{
    global $public_r , $class_r;
    $type = (int)(is_null($type) ? $public_r['fpath'] : $type);
    $fp = '/d/file/';
    if ($type === 0) {
        if (isset($class_r[$classid])) {
            $fp = '/'.trim($class_r[$classid]['classpath'] , '/').'/';
        } else {
            $type = 1;
            $fp = '/d/file/p/';
        }
    } elseif ($type === 1) {
        $fp = '/d/file/p/';
    }
    $this->setOption('fpath' , $type);
    return $fp . $this->getFileDatePath();
}
247 |
/**
 * Build the date-based sub-directory for attachments.
 *
 * @param string $code date() format; $public_r['filepath'] when ''.
 * @return string Formatted date without surrounding '/', or '' when the
 *                format is empty.
 */
public function getFileDatePath($code = '')
{
    global $public_r;
    $format = trim($code === '' ? $public_r['filepath'] : $code);
    if ($format === '') {
        return '';
    }
    return trim(date($format) , '/');
}
259 |
/**
 * Return the message of the last failed attachment operation.
 *
 * @return mixed
 */
public function getError()
{
    return $this->error;
}
264 |
265 |
266 | }
--------------------------------------------------------------------------------
/ecmsapi/EcmsApi.php:
--------------------------------------------------------------------------------
1 | param($name , $default , $fn);
46 | }
47 | }
48 |
/**
 * Whether the request method is GET.
 *
 * @return bool
 */
public function isGet()
{
    if (!isset($_SERVER['REQUEST_METHOD'])) {
        return false;
    }
    return strtoupper($_SERVER['REQUEST_METHOD']) === 'GET';
}
53 |
/**
 * Whether the request method is POST.
 *
 * @return bool
 */
public function isPost()
{
    if (!isset($_SERVER['REQUEST_METHOD'])) {
        return false;
    }
    return strtoupper($_SERVER['REQUEST_METHOD']) === 'POST';
}
58 |
/**
 * Whether the request method is DELETE.
 *
 * @return bool
 */
public function isDelete()
{
    if (!isset($_SERVER['REQUEST_METHOD'])) {
        return false;
    }
    return strtoupper($_SERVER['REQUEST_METHOD']) === 'DELETE';
}
63 |
/**
 * Whether the request method is HEAD.
 *
 * @return bool
 */
public function isHead()
{
    if (!isset($_SERVER['REQUEST_METHOD'])) {
        return false;
    }
    return strtoupper($_SERVER['REQUEST_METHOD']) === 'HEAD';
}
68 |
/**
 * Whether the request method is PUT.
 *
 * @return bool
 */
public function isPut()
{
    if (!isset($_SERVER['REQUEST_METHOD'])) {
        return false;
    }
    return strtoupper($_SERVER['REQUEST_METHOD']) === 'PUT';
}
73 |
/**
 * Whether the request method is TRACE.
 *
 * @return bool
 */
public function isTrace()
{
    if (!isset($_SERVER['REQUEST_METHOD'])) {
        return false;
    }
    return strtoupper($_SERVER['REQUEST_METHOD']) === 'TRACE';
}
78 |
/**
 * Whether the request method is OPTIONS.
 *
 * @return bool
 */
public function isOptions()
{
    if (!isset($_SERVER['REQUEST_METHOD'])) {
        return false;
    }
    return strtoupper($_SERVER['REQUEST_METHOD']) === 'OPTIONS';
}
83 |
/**
 * Whether the request carries X-Requested-With: XMLHttpRequest.
 *
 * The header is set by the client, so this is a hint and must not be used
 * as an access or CSRF control.
 *
 * @return bool
 */
public function isAjax()
{
    if (!isset($_SERVER['HTTP_X_REQUESTED_WITH'])) {
        return false;
    }
    return strtoupper($_SERVER['HTTP_X_REQUESTED_WITH']) == 'XMLHTTPREQUEST';
}
88 |
/**
 * Whether the request arrived over HTTPS.
 *
 * Checks the server's HTTPS flag first, then the X-Forwarded-Proto and
 * Front-End-Https request headers.
 *
 * The two headers are client-controllable unless a trusted proxy overwrites
 * them, so a true result is only reliable behind such a proxy.
 *
 * @return bool
 */
public function isHttps()
{
    $server = $_SERVER;
    if (!empty($server['HTTPS']) && strtolower($server['HTTPS']) !== 'off') {
        return true;
    }
    if (isset($server['HTTP_X_FORWARDED_PROTO']) && strtolower($server['HTTP_X_FORWARDED_PROTO']) === 'https') {
        return true;
    }
    return isset($server['HTTP_FRONT_END_HTTPS']) && strtolower($server['HTTP_FRONT_END_HTTPS']) !== 'off';
}
100 |
/**
 * The request method in upper case, or '' when it is not available.
 *
 * @return string
 */
public function method()
{
    if (!isset($_SERVER['REQUEST_METHOD'])) {
        return '';
    }
    return strtoupper($_SERVER['REQUEST_METHOD']);
}
105 |
/**
 * Load a core class "Eapi<Name>" from _class/ and return an instance of it.
 *
 * NOTE(review): $name is used verbatim in the require path and as the class
 * name to instantiate; nothing here restricts it to a plain identifier.
 * Callers must pass a fixed literal, never a value taken from the request.
 *
 * @param string $name  Short class name, e.g. "db" for EapiDb.
 * @param array  $conf  Passed to the class constructor.
 * @param bool   $cache Pass false to get a fresh instance instead of the cached one.
 * @return object
 */
public function load($name = '' , $conf = [] , $cache = true)
{
    $className = 'Eapi' . ucfirst($name);
    if (!class_exists($className, false)) {
        require(ECMS_PATH . '/ecmsapi/_class/' . $className . '.php');
    }
    if ($cache === false) {
        return new $className($conf, $this);
    }
    // Cached path: $conf only takes effect on the first call for a given $name.
    if (!isset($this->classCache[$name])) {
        $this->classCache[$name] = new $className($conf, $this);
    }
    return $this->classCache[$name];
}
121 |
/**
 * Load an extension class "EapiExtend<Name>" from _extend/ and return an instance of it.
 *
 * NOTE(review): $name is used verbatim in the require path and as the class
 * name to instantiate; pass a fixed literal, never request data.
 * NOTE(review): the instance cache is the same $this->classCache array that
 * load() uses and is keyed by the bare $name, so an extension and a core
 * class with the same short name would return whichever was cached first.
 *
 * @param string $name  Short extension name, e.g. "fpay".
 * @param array  $conf  Passed to the class constructor.
 * @param bool   $cache Pass false to get a fresh instance instead of the cached one.
 * @return object
 */
public function extend($name = '' , $conf = [] , $cache = true)
{
    $className = 'EapiExtend' . ucfirst($name);
    if (!class_exists($className, false)) {
        require(ECMS_PATH . '/ecmsapi/_extend/' . $className . '.php');
    }
    if ($cache === false) {
        return new $className($conf, $this);
    }
    if (!isset($this->classCache[$name])) {
        $this->classCache[$name] = new $className($conf, $this);
    }
    return $this->classCache[$name];
}
137 |
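/**
 * Send a Content-Type header, output the body and terminate the script.
 *
 * The body is written as given: when $type is text/html the caller is
 * responsible for HTML-encoding any request-derived text inside $str.
 *
 * @param mixed  $str     Response body.
 * @param string $type    MIME type.
 * @param string $charset Character set appended to the Content-Type header.
 * @return void Never returns.
 */
public function show($str , $type = 'text/html' , $charset='utf-8'){
    header('Content-Type: ' . $type . '; charset=' . $charset);
    // exit() treats an integer argument as the process exit status and prints
    // nothing, so the body is echoed explicitly before terminating.
    echo $str;
    exit;
}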
142 |
/**
 * Send an HTTP status code followed by a body, then terminate.
 *
 * @param mixed  $str     Response body; output unescaped by show().
 * @param int    $code    HTTP status code (defaults to 404).
 * @param string $type    MIME type.
 * @param string $charset Character set.
 * @return void Never returns.
 */
public function error($str , $code = 404 , $type = 'text/html' , $charset='utf-8'){
    // The status line has to go out first: show() ends the script.
    $this->sendCode($code);
    $this->show($str, $type, $charset);
}
147 |
/**
 * Output a JSON response and terminate.
 *
 * @param mixed $arr     Array to encode; any other value is trimmed and sent as-is,
 *                       without checking that it is valid JSON.
 * @param int   $options json_encode() option flags.
 * @return void Never returns.
 */
public function json($arr , $options = 0){
    if (is_array($arr)) {
        $payload = json_encode($arr, $options);
    } else {
        $payload = trim($arr);
    }
    $this->show($payload, 'application/json');
}
152 |
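/**
 * Output a JSONP response ("callback(<json>);") and terminate.
 *
 * The callback name ends up in a response the browser executes as script, so
 * it is restricted to a dotted JavaScript identifier. Anything else, including
 * an empty value, falls back to "callback".
 *
 * NOTE(review): the response is still labelled application/json, as before.
 * A script MIME type would be the accurate label for JSONP; confirm with
 * existing consumers before changing it.
 *
 * @param mixed  $arr     Array to encode; any other value is trimmed and sent as-is.
 * @param string $cb      Callback function name.
 * @param int    $options json_encode() option flags.
 * @return void Never returns.
 */
public function jsonp($arr , $cb = 'callback' , $options = 0){
    $json = is_array($arr) ? json_encode($arr , $options) : trim($arr);
    $identifier = '/\A[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*\z/';
    if (!is_string($cb) || !preg_match($identifier, $cb)) {
        $cb = 'callback';
    }
    $this->show($cb . '(' . $json . ');', 'application/json');
}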
159 |
/**
 * Redirect the client and terminate.
 *
 * NOTE(review): the target is sent exactly as given. When it is derived from
 * request data the caller has to restrict it (for example to same-site
 * paths), otherwise this is an open redirect.
 *
 * @param string $url  Redirect target; blank values become "/".
 * @param int    $code Optional status code, sent only when it is 100 or greater.
 * @return void Never returns.
 */
public function location($url = '/' , $code = 0)
{
    if ($code >= 100) {
        $this->sendCode($code);
    }
    $target = trim($url);
    if ($target === '') {
        $target = '/';
    }
    header("Location: {$target}");
    exit;
}
170 |
/**
 * Send the HTTP status line (and a "Status:" header) for a known status code.
 *
 * Codes missing from the table are ignored silently. The protocol version is
 * fixed to HTTP/1.1.
 *
 * @param int $code HTTP status code.
 * @return void
 */
public function sendCode($code) {
    // Reason phrases are kept exactly as this file has always sent them,
    // including the trailing space on 302.
    static $reasons = [
        100 => 'Continue',
        101 => 'Switching Protocols',
        200 => 'OK',
        201 => 'Created',
        202 => 'Accepted',
        203 => 'Non-Authoritative Information',
        204 => 'No Content',
        205 => 'Reset Content',
        206 => 'Partial Content',
        300 => 'Multiple Choices',
        301 => 'Moved Permanently',
        302 => 'Moved Temporarily ',
        303 => 'See Other',
        304 => 'Not Modified',
        305 => 'Use Proxy',
        307 => 'Temporary Redirect',
        400 => 'Bad Request',
        401 => 'Unauthorized',
        402 => 'Payment Required',
        403 => 'Forbidden',
        404 => 'Not Found',
        405 => 'Method Not Allowed',
        406 => 'Not Acceptable',
        407 => 'Proxy Authentication Required',
        408 => 'Request Timeout',
        409 => 'Conflict',
        410 => 'Gone',
        411 => 'Length Required',
        412 => 'Precondition Failed',
        413 => 'Request Entity Too Large',
        414 => 'Request-URI Too Long',
        415 => 'Unsupported Media Type',
        416 => 'Requested Range Not Satisfiable',
        417 => 'Expectation Failed',
        500 => 'Internal Server Error',
        501 => 'Not Implemented',
        502 => 'Bad Gateway',
        503 => 'Service Unavailable',
        504 => 'Gateway Timeout',
        505 => 'HTTP Version Not Supported',
        509 => 'Bandwidth Limit Exceeded',
    ];
    if (!isset($reasons[$code])) {
        return;
    }
    $line = $code . ' ' . $reasons[$code];
    header('HTTP/1.1 ' . $line);
    header('Status:' . $line);
}
220 |
/**
 * Load a Composer autoloader once per instance.
 *
 * Does nothing when the autoloader file is missing, so a later call can still
 * succeed.
 *
 * @param string $path Path between ECMS_PATH and "vendor/autoload.php"; concatenated
 *                     as-is, so it should be a fixed value chosen by the developer.
 * @return void
 */
public function composer($path = '')
{
    if (isset($this->varCache['composer'])) {
        return;
    }
    $file = ECMS_PATH . $path . 'vendor/autoload.php';
    if (!file_exists($file)) {
        return;
    }
    require($file);
    $this->varCache['composer'] = true;
}
231 |
/**
 * Include a PHP file, either from a module directory or relative to the parent
 * of this file's directory. Missing files are skipped silently.
 *
 * The file is included inside this method, so it runs with $this, $name,
 * $mod and $path in scope.
 *
 * NOTE(review): $name and $mod are concatenated into the path without any
 * check for ".." segments. Both must be fixed values chosen by the
 * developer; a request-derived value here allows arbitrary file inclusion.
 *
 * @param string      $name File name without the ".php" extension.
 * @param string|null $mod  Module directory under _mod/, or a falsy value for the parent-directory lookup.
 * @return void
 */
public function import($name , $mod = null){
    $path = $mod
        ? __DIR__ . '/_mod/' . $mod . '/' . $name . '.php'
        : dirname(__DIR__) . '/' . $name . '.php';
    if (!is_file($path)) {
        return;
    }
    include($path);
}
242 |
/**
 * Turn on display of all PHP errors for the rest of the request.
 *
 * Error output can reveal file paths, SQL and configuration values, so this
 * is for development use and should not be reachable on a production site.
 *
 * @return void
 */
public function debug(){
    $settings = [
        'display_errors' => 'On',
        'error_reporting' => E_ALL,
    ];
    foreach ($settings as $directive => $value) {
        ini_set($directive, $value);
    }
}
247 | }
--------------------------------------------------------------------------------
/ecmsapi/_class/EapiUser.php:
--------------------------------------------------------------------------------
1 | api = $api;
11 | }
12 |
13 | // 添加
/**
 * Create a member: one row in enewsmember and one in enewsmemberadd.
 *
 * Every key of $post that matches a column of the target table is written.
 * That includes groupid, checked, userfen and registertime, which are only
 * defaulted when absent, so never pass a raw request array. Build $post from
 * an explicit list of fields the caller is allowed to set.
 *
 * @param array $post Member data; "username" and "password" are required.
 * @return mixed The value returned by the db insert on success, false on failure (see getError()).
 */
public function insert($post)
{
    global $public_r, $ecms_config, $level_r;

    if (!is_array($post) || empty($post)) {
        $this->error = '参数错误';
        return false;
    }

    // Required fields, checked in this order; empty strings are rejected.
    $required = [
        'username' => '用户名不能为空',
        'password' => '登陆密码不能为空',
    ];
    foreach ($required as $key => $message) {
        if (!isset($post[$key]) || $post[$key] === '') {
            $this->error = $message;
            return false;
        }
    }

    // A failed lookup (false) is treated the same as "already taken".
    $existing = $this->hasUserByUsername($post['username']);
    if ($existing === false || $existing > 0) {
        $this->error = '用户名已存在';
        return false;
    }

    // A caller-supplied userid is discarded before the row is built.
    unset($post['userid']);

    $data = $this->filterField('enewsmember', $post);

    // Member group: site default when not given, and it must exist in $level_r.
    $gid = isset($data['groupid']) ? (int)$data['groupid'] : (int)$public_r['defaultgroupid'];
    if (!isset($level_r[$gid])) {
        $this->error = '会员组不存在';
        return false;
    }
    $data['groupid'] = $gid;

    // Per-user random values, then the stored password derived from the new salt.
    $data['userkey'] = $this->getRand(12);
    $data['rnd'] = $this->getRand(20);
    $data['salt'] = $this->getRand($ecms_config['member']['saltnum']);
    $data['password'] = $this->createPassword($data['password'], $data['salt']);

    // Approval flag: follows the group's regchecked setting, but stays 0
    // whenever regacttype is 1.
    if (!isset($data['checked'])) {
        $approved = $level_r[$gid]['regchecked'] == 1;
        if ($approved && $public_r['regacttype'] == 1) {
            $approved = false;
        }
        $data['checked'] = $approved ? 1 : 0;
    }

    if (!isset($data['registertime'])) {
        $data['registertime'] = time();
    }

    // Starting points: caller value if present, otherwise the site's sign-up bonus.
    $data['userfen'] = isset($data['userfen']) ? (int)$data['userfen'] : (int)$public_r['reggetfen'];

    // Main table.
    $uid = $this->api->load('db')->insert('[!db.pre!]enewsmember', $data);
    if ($uid === false) {
        $this->error = '数据写入出错';
        return false;
    }

    // Secondary table; its insert result is not checked.
    $sdata = $this->filterField('enewsmemberadd', $post);
    $sdata['userid'] = $uid;
    if (!isset($sdata['regip'])) {
        $sdata['regip'] = egetip();
    }
    if (!isset($sdata['regipport'])) {
        $sdata['regipport'] = egetipport();
    }
    $this->api->load('db')->insert('[!db.pre!]enewsmemberadd', $sdata);

    return $uid;
}
101 |
102 | // 更新
/**
 * Update a member's main-table and secondary-table rows.
 *
 * Every key of $data that matches a column is written (groupid, userfen,
 * money, checked, ...), so build $data from an explicit allow-list rather
 * than from the raw request. A new password is re-salted and re-hashed.
 *
 * @param array $data Column => value pairs; "userid" is ignored.
 * @param mixed $uid  User id, or a username string (resolved by one()).
 * @return mixed True when nothing needed updating, otherwise the db update result; false on failure.
 */
public function update($data , $uid = 0)
{
    global $public_r,$ecms_config,$level_r;

    $user = $this->one($uid , 'userid');
    if (!$user) {
        $this->error = '用户不存在';
        return false;
    }
    // The WHERE clause uses the id read back from the database, not the caller's value.
    $map = 'userid = ' . $user['userid'];

    if (isset($data['userid'])) {
        unset($data['userid']);
    }

    if (isset($data['password'])) {
        // New salt first: the stored password is derived from it.
        $data['salt'] = $this->getRand($ecms_config['member']['saltnum']);
        $data['password'] = $this->createPassword($data['password'] , $data['salt']);
    }

    // Main table.
    $mdata = $this->filterField('enewsmember' , $data);
    $result = empty($mdata)
        ? true
        : $this->api->load('db')->update('[!db.pre!]enewsmember' , $mdata , $map);
    if ($result === false) {
        $this->error = '会员主表数据更新失败';
        return false;
    }

    // Secondary table.
    $sdata = $this->filterField('enewsmemberadd' , $data);
    if (empty($sdata)) {
        return true;
    }
    $result = $this->api->load('db')->update('[!db.pre!]enewsmemberadd' , $sdata , $map);
    if ($result === false) {
        $this->error = '副表更新失败';
    }
    return $result;
}
150 |
151 | // 将会员设置成登陆状态
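/**
 * Mark a member as logged in: rotate the per-login "rnd" token, record login
 * statistics and set the ml* login cookies.
 *
 * This method does not verify a password; callers must authenticate the user
 * first (for example with checkAccounts()).
 *
 * Fixes over the previous version:
 *  - the statistics update now targets '[!db.pre!]enewsmemberadd' like every
 *    other query in this file (the prefix placeholder was missing);
 *  - "lasttime" is set to the login timestamp that was already being computed,
 *    instead of being incremented by one.
 *
 * @param mixed $user A user row (needs userid, username, groupid, checked),
 *                    a username string, or a numeric user id.
 * @param int   $time Cookie lifetime in seconds; 0 passes 0 to esetcookie().
 * @return bool False on failure (see getError()).
 */
public function setSession($user , $time = 0)
{
    $db = $this->api->load('db');
    if(!is_array($user)){
        // NOTE(review): a string $user is concatenated into the WHERE clause
        // unescaped; it must already be safe for SQL when it reaches this point.
        $map = is_string($user) ? 'username = "'.$user.'"' : 'userid = '.(int)$user;
        $user = $db->one('[!db.pre!]enewsmember' , 'userid,username,groupid,checked' , $map , 'userid desc');
        if(false === $user){
            $this->error = '没有获取到用户';
            return false;
        }
    }
    // Only approved accounts may be logged in.
    if((int)$user['checked'] !== 1){
        $this->error = '用户还有没有通过审核';
        return false;
    }

    $rnd = $this->getRand(20);
    $lasttime = time();
    $user['groupid'] = (int)$user['groupid'];
    $lastip = egetip();
    $lastipport = egetipport();
    $time = $time ? time()+ $time : 0;

    // Persist the new token and the login statistics.
    $map = 'userid = '.(int)$user['userid'];
    $db->update('[!db.pre!]enewsmember' , ['rnd' => $rnd] , $map);
    $db->update('[!db.pre!]enewsmemberadd' , [
        'lasttime' => $lasttime,
        'lastip' => $lastip,
        'loginnum' => ['loginnum + 1'],
        'lastipport' => $lastipport,
    ] , $map);

    // Login cookies; mlauth binds user id, name, group and rnd together.
    esetcookie("mlusername" , $user['username'] , $time);
    esetcookie("mluserid" , $user['userid'] , $time);
    esetcookie("mlgroupid" , $user['groupid'] , $time);
    esetcookie("mlrnd" , $rnd , $time);
    esetcookie('mlauth', $this->getAuthCode($user['userid'], $user['username'], $user['groupid'] , $rnd) , $time);
    return true;
}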
191 |
192 | // 将会员设置为登出状态
/**
 * Log the member out by blanking the five ml* login cookies.
 *
 * Only the cookies are cleared; the "rnd" value stored for the user is left
 * unchanged by this method.
 *
 * @return void
 */
public function clearSession()
{
    $cookies = ["mlusername", "mluserid", "mlgroupid", "mlrnd", "mlauth"];
    foreach ($cookies as $cookie) {
        esetcookie($cookie, "", 0);
    }
}
201 |
202 | // 检测会员状态
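/**
 * Return the logged-in member described by the login cookies, or false.
 *
 * The cookies are supplied by the client. Previously the method only checked
 * that mluserid, mlusername and mlrnd were non-empty and then loaded the row
 * for mluserid, so any client could select any account. The mlrnd cookie is
 * now compared with the "rnd" value that setSession() stored for that user,
 * and the session is rejected when they differ.
 *
 * NOTE(review): setSession() also issues an "mlauth" cookie that is not
 * checked here; consider verifying it against getAuthCode() as well.
 * NOTE(review): only the first word of each requested field is validated
 * against the table's columns; the rest of the entry is passed through to
 * the SELECT list, so $fields must not come from request data.
 *
 * @param string|array $fields Columns to fetch ('*' for all). userid, username,
 *                             userdate, groupid and zgroupid are always added.
 * @return array|false The member row, or false when there is no valid session.
 */
public function getSession($fields = '*'){
    $userid = (int)getcvar('mluserid');
    $username = RepPostVar(getcvar('mlusername'));
    $rawRnd = getcvar('mlrnd');
    $rnd = RepPostVar($rawRnd);

    if(!$userid || !$username || !$rnd){
        return false;
    }

    // Verify the session token against the database before trusting the cookie's user id.
    $stored = $this->one($userid , 'rnd');
    if(!is_array($stored) || !isset($stored['rnd']) || (string)$stored['rnd'] === ''){
        return false;
    }
    $expected = (string)$stored['rnd'];
    $given = (string)$rawRnd;
    // Constant-time comparison where the runtime provides it.
    $tokenOk = function_exists('hash_equals') ? hash_equals($expected , $given) : $expected === $given;
    if(!$tokenOk){
        return false;
    }

    if($fields !== '*'){
        $fs = $this->api->load('db')->getTableFields('[!db.pre!]enewsmember');
        $temp = is_array($fields) ? $fields : explode(',' , $fields);
        $trueFields = [];
        $allFields = [];
        foreach($temp as $v){
            // Supports the "userid as id" form: the column is the first word.
            $f = explode(' ' , trim($v));
            $f = $f[0];
            if($f !== '' && isset($fs[$f])){
                $trueFields[] = $v;
                $allFields[] = $f;
            }
        }
        // Columns the expiry handling below depends on.
        foreach(['userid' , 'username' , 'userdate' , 'groupid' , 'zgroupid'] as $i){
            if(!in_array($i , $allFields , true)){
                $trueFields[] = $i;
            }
        }
        $fields = implode(',' , $trueFields);
    }

    $user = $this->one($userid , $fields);
    if(!is_array($user)){
        return false;
    }

    // Membership expired: move the user to the fallback group.
    if($user['userdate']){
        if($user['userdate'] - time() <= 0){
            $this->setGroup($user['userid'] , $user['zgroupid']);
            if($user['zgroupid']){
                $user['groupid'] = $user['zgroupid'];
                $user['zgroupid'] = 0;
            }
        }
    }
    return $user;
}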
248 |
249 | // 删除
/**
 * Delete a member from the main and secondary member tables.
 *
 * NOTE(review): a string $uid is treated as a username and concatenated into
 * the WHERE clause unescaped; it must already be safe for SQL. A numeric
 * string is also treated as a username, not as an id.
 *
 * @param mixed $uid Username (string) or user id (anything else, cast to int).
 * @return mixed The deleted user's id, or false when no such user exists.
 */
public function delete($uid)
{
    $db = $this->api->load('db');
    if (is_string($uid)) {
        $lookup = 'username = "' . $uid . '"';
    } else {
        $lookup = 'userid = ' . (int)$uid;
    }
    $user = $db->one('[!db.pre!]enewsmember' , 'userid' , $lookup);
    if ($user === false) {
        $this->error = '没有查询到相关用户';
        return false;
    }

    // Both deletes key on the id read back from the database.
    $userid = $user['userid'];
    $byId = 'userid = ' . $userid;
    foreach (['[!db.pre!]enewsmember', '[!db.pre!]enewsmemberadd'] as $tableName) {
        $db->delete($tableName , $byId);
    }

    return $userid;
}
267 |
268 | // 获取验证码或验证
/**
 * Verify a submitted verification code, or reset the verification cookie.
 *
 * @param string $name 'login' selects the "checkloginkey" cookie; any other value selects "checkregkey".
 * @param mixed  $code The submitted code to verify, or false to blank the cookie instead.
 * @return mixed Result of the check helper when verifying; null when resetting.
 */
public function code($name = 'login' , $code = false)
{
    $cookie = ($name === 'login') ? 'checkloginkey' : 'checkregkey';
    if ($code === false) {
        // Reset: blank the cookie.
        esetcookie($cookie , '' , 0 , 0);
        return;
    }
    // Verify the submitted code.
    return $this->api->load('check')->code($cookie , $code , 0);
}
280 |
281 | // 设置用户组
/**
 * Move a member to another group and clear the membership expiry date.
 *
 * The group id is not checked for existence here, and the method performs no
 * permission check of its own.
 *
 * @param mixed $uid User id (cast to int).
 * @param mixed $gid Target group id (cast to int).
 * @return mixed The db update result, or false when $uid is 0.
 */
public function setGroup($uid , $gid)
{
    $uid = (int)$uid;
    $gid = (int)$gid;
    if (!$uid) {
        return false;
    }
    $changes = ['groupid' => $gid , 'userdate' => 0];
    return $this->api->load('db')->update("[!db.pre!]enewsmember" , $changes , "userid=".$uid);
}
288 |
289 | // 获取指定用户用户名或ID的数据
/**
 * Fetch one member by username or by user id.
 *
 * NOTE(review): a string $user is concatenated into the WHERE clause inside
 * double quotes with no escaping in this method, and $field goes into the
 * SELECT list as given. Both must be safe for SQL before they reach this
 * method, or the db layer needs a parameterized lookup.
 * A numeric string is treated as a username, not as an id.
 *
 * @param mixed  $user  Username (string) or user id (anything else, cast to int).
 * @param string $field Column list.
 * @return mixed The result of the db layer's one() call.
 */
public function one($user , $field = '*')
{
    if (is_string($user)) {
        $where = 'username = "' . $user . '"';
    } else {
        $where = 'userid = ' . (int)$user;
    }
    return $this->api->load('db')->one('[!db.pre!]enewsmember' , $field , $where);
}
295 |
296 | // 获取会员列表
/**
 * List members from the main member table.
 *
 * All four arguments are handed to the db layer unchanged, so none of them
 * should be built from unvalidated request data.
 *
 * @param string $field      Column list.
 * @param string $map        WHERE condition.
 * @param string $pagination Pagination spec, "20,1" by default.
 * @param string $orderby    ORDER BY clause.
 * @return mixed The result of the db layer's select() call.
 */
public function getList($field = '*' , $map = '0' , $pagination = '20,1' , $orderby = 'userid desc')
{
    $db = $this->api->load('db');
    return $db->select('[!db.pre!]enewsmember' , $field , $map , $pagination , $orderby);
}
301 |
302 | // 查询用户是否已存在
/**
 * Count the members matching a condition.
 *
 * @param string $map WHERE condition, passed to the db layer unchanged.
 * @return mixed The result of the db layer's total() call.
 */
public function hasUser($map)
{
    $db = $this->api->load('db');
    return $db->total('[!db.pre!]enewsmember' , $map);
}
307 |
/**
 * Count the members with the given username.
 *
 * NOTE(review): $username is concatenated into the condition inside double
 * quotes with no escaping in this method. insert() calls this with the
 * caller's raw "username" value, so the value must be validated or escaped
 * before it gets here.
 *
 * @param string $username
 * @return mixed See hasUser().
 */
public function hasUserByUsername($username)
{
    $condition = 'username = "' . $username . '"';
    return $this->hasUser($condition);
}
312 |
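/**
 * Count the members with the given user id.
 *
 * The id is cast to an integer before it is placed in the condition, as
 * setGroup() and one() already do, instead of being concatenated as a quoted
 * string.
 *
 * @param mixed $userid User id.
 * @return mixed See hasUser().
 */
public function hasUserByUserid($userid)
{
    return $this->hasUser('userid = ' . (int)$userid);
}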
317 |
/**
 * Count the members with the given e-mail address.
 *
 * NOTE(review): $email is concatenated into the condition inside double
 * quotes with no escaping in this method; validate or escape it first.
 *
 * @param string $email
 * @return mixed See hasUser().
 */
public function hasUserByEmail($email)
{
    $condition = 'email = "' . $email . '"';
    return $this->hasUser($condition);
}
322 |
323 | // 验证用户帐号与密码是否一值,成功返回会员主表所有数据
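/**
 * Check an account identifier and password; return the member's main-table row on success.
 *
 * Changes over the previous version:
 *  - $type is used as a column name, so it must now be a plain SQL identifier;
 *  - the password comparison is constant-time where hash_equals() exists.
 *
 * NOTE(review): $accounts is still concatenated into the condition inside
 * double quotes with no escaping here; it must be validated or escaped by the
 * caller, or the db layer needs a parameterized lookup.
 * The returned row contains the password and salt columns; remove them before
 * passing the row to a client.
 *
 * @param string $accounts Account identifier (username, e-mail, ...).
 * @param string $password Plain-text password to check.
 * @param string $type     Column to match $accounts against.
 * @return array|false The member row, or false (see getError()).
 */
public function checkAccounts($accounts , $password , $type = 'username')
{
    if (!is_string($type) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $type)) {
        $this->error = '参数错误';
        return false;
    }
    $map = $type . ' = "' . $accounts .'"';
    $user = $this->api->load('db')->one('[!db.pre!]enewsmember' , '*' , $map , 'userid desc');
    if(false === $user){
        $this->error = '没有查询到用户';
        return false;
    }
    $expected = (string)$user['password'];
    $actual = (string)$this->createPassword($password , $user['salt']);
    $matches = function_exists('hash_equals') ? hash_equals($expected , $actual) : $expected === $actual;
    if(!$matches){
        $this->error = '帐号与密码不匹配';
        return false;
    }
    return $user;
}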
338 |
339 | // 生成密码
/**
 * Derive the stored form of a password according to $ecms_config['member']['pwtype'].
 *
 *   0     => md5(password), salt unused
 *   1     => the password itself, unchanged
 *   3     => 16 characters taken from the middle of md5(password)
 *   other => md5(md5(password) . salt)
 *
 * None of these is a slow password hash: MD5 is fast to brute-force, and
 * mode 1 stores the password in clear text. The scheme is kept so that
 * existing stored values still verify; migrating to password_hash() is a
 * site-wide change outside this method.
 *
 * @param string $value Plain-text password.
 * @param string $salt  Per-user salt.
 * @return string
 */
public function createPassword($value , $salt)
{
    global $ecms_config;
    switch ((int)$ecms_config['member']['pwtype']) {
        case 0:
            return md5($value);
        case 1:
            return $value;
        case 3:
            return substr(md5($value), 8, 16);
        default:
            return md5(md5($value) . $salt);
    }
}
354 |
355 | // 登陆验证字符
/**
 * Build the value of the "mlauth" login cookie.
 *
 * The value is a nested MD5 over the rnd token, user id, username and group
 * id, mixed with the site secret $ecms_config['cks']['ckrndtwo']. It can
 * only be forged by someone who knows that secret, so the secret must be
 * unique per installation and kept private.
 *
 * @param mixed  $userid
 * @param string $username
 * @param mixed  $groupid
 * @param string $rnd      Per-login random token.
 * @return string 32-character hex digest.
 */
public function getAuthCode($userid , $username , $groupid , $rnd)
{
    global $ecms_config;
    $secret = $ecms_config['cks']['ckrndtwo'];
    $inner = md5($rnd . '--d-i!' . $userid . '-(g*od-' . $username . $secret . '-' . $groupid);
    return md5($inner . '-#empire.cms!--p)h-o!me-' . $secret);
}
361 |
/**
 * Keep only the entries of $data whose key is a column of the given table.
 *
 * This restricts keys to real columns; it does not decide which columns a
 * caller is allowed to write, and it does not touch the values.
 *
 * @param string $table Table name without the prefix placeholder.
 * @param mixed  $data  Column => value pairs.
 * @return array Filtered pairs; empty when $data is empty or not an array.
 */
protected function filterField($table , $data)
{
    if (empty($data) || !is_array($data)) {
        return [];
    }
    $columns = $this->api->load('db')->getTableFields('[!db.pre!]' . $table);
    $kept = [];
    foreach ($data as $key => $value) {
        if (isset($columns[$key])) {
            $kept[$key] = $value;
        }
    }
    return $kept;
}
375 |
376 | // 获取随即字符
/**
 * Return a random string of the requested length.
 *
 * NOTE(review): the value comes from make_password(), which is defined
 * outside this file. It supplies the password salt, the per-login "rnd"
 * token and "userkey", so confirm that it draws from a cryptographically
 * secure source.
 *
 * @param int $len Desired length.
 * @return string
 */
protected function getRand($len)
{
    $random = make_password($len);
    return $random;
}
381 |
/**
 * Return the message recorded by the most recent failed operation.
 *
 * @return mixed The current value of $this->error.
 */
public function getError()
{
    $lastError = $this->error;
    return $lastError;
}
386 | }
--------------------------------------------------------------------------------
/ecmsapi/_class/EapiTable.php:
--------------------------------------------------------------------------------
1 | api = $api;
11 | }
12 |
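/**
 * Insert a content item: index row, main row, secondary row, then the title
 * URL and the column's item counters.
 *
 * The author ("userid" / "username") is taken from $post as given, so the
 * caller must fill those from the authenticated session, not from request
 * input. "checked" is also honoured when present, which publishes the item
 * immediately.
 *
 * Fix over the previous version: when the main row cannot be read back, the
 * index row created a moment earlier is removed too, instead of being left
 * behind without content.
 *
 * The statements are not wrapped in a transaction.
 *
 * @param string $table Model table name; validate() checks it against the chosen column.
 * @param array  $post  Item data; classid, title, userid and username are required.
 * @return mixed New item id, or false on failure (see getError()).
 */
public function insert($table , $post)
{
    if (false === $this->validate($table , $post)) {
        return false;
    }

    // Required fields, checked in this order.
    $required = [
        'classid' => '请选择栏目',
        'title' => '标题不能为空',
        'userid' => '请选择发布用户ID',
        'username' => '请填写发布用户名称',
    ];
    foreach ($required as $key => $message) {
        if (!isset($post[$key])) {
            $this->error = $message;
            return false;
        }
    }

    // Timestamps default to "now" / the publish time.
    if (!isset($post['newstime'])) {
        $post['newstime'] = time();
    }
    foreach (['truetime', 'lastdotime'] as $stamp) {
        if (!isset($post[$stamp])) {
            $post[$stamp] = $post['newstime'];
        }
    }

    $db = $this->api->load('db');

    // Index table.
    $indexTable = $this->getTableName($table , 'index');
    $idata = $this->getIndexData($post);
    $id = $db->insert($indexTable , $idata);
    if (false === $id) {
        $this->error = '数据库操作失败';
        return false;
    }

    $isChecked = isset($idata['checked']) ? $idata['checked'] : 0;
    $data = $this->filterField($table , $post);
    $data['id'] = $id;

    // Main table: unapproved items go to the "_check" variant.
    $tname = $this->getTableName($table);
    if (!$isChecked) {
        $tname .= '_check';
    }
    $db->insert($tname , $data);
    $d = $db->getByPk($tname , $id);
    if (false === $d) {
        // Roll back both rows so no orphaned index entry remains.
        $db->delete($tname , "id = {$id}");
        $db->delete($indexTable , "id = {$id}");
        $this->error = '数据库操作失败';
        return false;
    }

    // Secondary table.
    $stb = $isChecked ? 'data_' . $d['stb'] : 'check_data';
    $sdata = $this->filterField($table . '_' . $stb , array_merge($post , $d));
    $db->insert($this->getTableName($table , $stb) , $sdata);

    // Generate titleurl when the caller did not provide one.
    if (!isset($data['titleurl']) || $data['titleurl'] === '') {
        $this->updateTitleUrl($isChecked ? $table : $table . '_check' , $d);
    }

    // Update the column's item counters.
    $infos = ['allinfos' => ['allinfos + 1']];
    if ($isChecked) {
        $infos['infos'] = ['infos + 1'];
    }
    $db->update('[!db.pre!]enewsclass' , $infos , 'classid = ' . $d['classid']);
    return $id;
}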
99 |
/**
 * Update a content item in its main table and its secondary table.
 *
 * NOTE(review): $table is concatenated into table names. validate() only
 * checks it against a column when $post contains "classid", so callers must
 * pass a fixed model name, not request data.
 * No ownership or permission check is made here; the caller is responsible
 * for deciding whether the current user may edit item $id.
 *
 * @param string $table Model table name.
 * @param array  $post  Column => value pairs; "id" is used as the item id when $id is 0.
 * @param int    $id    Item id.
 * @return mixed True or the db update result on success; false on failure (see getError()).
 */
public function update($table , $post , $id = 0)
{
    if (false === $this->validate($table , $post)) {
        return false;
    }

    $id = (int)$id;
    if ($id === 0 && isset($post['id'])) {
        $id = (int)$post['id'];
        unset($post['id']);
    }
    if ($id === 0) {
        $this->error = '请指定要更新的内容ID';
        return false;
    }

    $db = $this->api->load('db');
    $idata = $db->getByPk($this->getTableName($table , 'index') , $id);
    if (false === $idata) {
        $this->error = '没要查询到相关数据';
        return false;
    }

    // Approved items live in the base table, unapproved ones in "_check".
    $isChecked = (int)$idata['checked'];
    $tb = $isChecked ? $table : $table . '_check';
    $data = $this->filterField($tb , $post);

    // Columns that may never be updated through this method.
    unset($data['stb'], $data['fstb'], $data['restb']);

    // lastdotime: refreshed automatically when absent; an explicit 0 means "leave unchanged".
    if (!isset($data['lastdotime'])) {
        $data['lastdotime'] = time();
    } elseif ((int)$data['lastdotime'] === 0) {
        unset($data['lastdotime']);
    }

    if (empty($data)) {
        $this->error = '请填写需要更新的字段';
        return false;
    }

    $result = $db->update('[!db.pre!]ecms_' . $tb , $data , 'id = ' . $id);
    if (false === $result) {
        $this->error = '更新失败';
        return false;
    }

    // Work out the secondary table for this item.
    if ($isChecked) {
        $odata = $db->getByPk('[!db.pre!]ecms_' . $tb , $id , 'stb');
        $stb = $tb . '_data_' . $odata['stb'];
    } else {
        $stb = $tb . '_data';
    }

    $sdata = $this->filterField($stb , array_merge($post , $data));
    if (empty($sdata)) {
        return true;
    }
    return $db->update('[!db.pre!]ecms_' . $stb , $sdata , 'id = ' . $id);
}
171 |
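/**
 * Delete a content item from the index, main and secondary tables and adjust
 * the column's item counters.
 *
 * Fix over the previous version: $id is cast to an integer before use, as
 * update() does. It is concatenated into several DELETE conditions, so a
 * non-numeric value must never reach them.
 *
 * NOTE(review): $table is used in the first lookup before it is compared
 * with the column's model name; pass a fixed model name, not request data.
 * No ownership or permission check is made here.
 *
 * @param string $table Model table name.
 * @param mixed  $id    Item id.
 * @return bool False on failure (see getError()).
 */
public function delete($table , $id)
{
    global $class_r;
    $id = (int)$id;
    $db = $this->api->load('db');
    $idata = $db->getByPk('[!db.pre!]ecms_'.$table.'_index' , $id);
    if(false === $idata){
        $this->error = '没有查询到相关数据';
        return false;
    }
    // The item's column must exist and belong to this model.
    $classid = $idata['classid'];
    if(!isset($class_r[$classid])){
        $this->error = '当前数据栏目不存在';
        return false;
    }else if($class_r[$classid]['tbname'] !== $table){
        $this->error = '数据栏目与模型不比配';
        return false;
    }
    $result = $db->delete('[!db.pre!]ecms_'.$table.'_index' , 'id = '.$id);
    if( false === $result){
        $this->error = '删除失败';
        return false;
    }

    $infos = ['allinfos' => ['allinfos - 1']];

    if((int)$idata['checked'] === 0){
        // Unapproved item: stored in the "_check" tables.
        $db->delete('[!db.pre!]ecms_'.$table.'_check' , 'id = '.$id);
        $db->delete('[!db.pre!]ecms_'.$table.'_check_data' , 'id = '.$id);
    }else{
        // Approved item: the secondary table is selected by the row's "stb" value.
        $odata = $db->getByPk('[!db.pre!]ecms_'.$table , $id , 'stb');
        $db->delete('[!db.pre!]ecms_'.$table , 'id = '.$id);
        $db->delete('[!db.pre!]ecms_'.$table.'_data_'.$odata['stb'] , 'id = '.$id);
        $infos['infos'] = ['infos - 1'];
    }

    // Update the column's item counters.
    $db->update('[!db.pre!]enewsclass' , $infos , 'classid = '.$classid);

    return true;
}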
212 |
213 | // 获取数据
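/**
 * Fetch one content item, merging its main-table and secondary-table rows.
 *
 * Fixes over the previous version:
 *  - $id is cast to an integer, as update() does;
 *  - a missing main row now yields false with an error message, and a missing
 *    secondary row is treated as empty, instead of passing false to array_merge().
 *
 * Requested field names are matched against the tables' real columns, so
 * unknown names are dropped rather than sent to the database.
 *
 * NOTE(review): $table is used in the first lookup before it is compared
 * with the column's model name; pass a fixed model name, not request data.
 * Unapproved items are returned too; callers that serve public content must
 * check the item's status themselves.
 *
 * @param string       $table Model table name.
 * @param mixed        $id    Item id.
 * @param string|array $field Columns to return, '*' for all.
 * @return array|false The merged row, or false on failure (see getError()).
 */
public function get($table , $id , $field = '*')
{
    global $class_r;
    $id = (int)$id;
    $db = $this->api->load('db');
    $idata = $db->getByPk('[!db.pre!]ecms_'.$table.'_index' , $id);
    if(false === $idata){
        $this->error = '没有查询到相关数据';
        return false;
    }
    $classid = $idata['classid'];
    if(!isset($class_r[$classid])){
        $this->error = '当前数据栏目不存在';
        return false;
    }else if($class_r[$classid]['tbname'] !== $table){
        $this->error = '数据栏目与模型不比配';
        return false;
    }

    // Split the requested fields between the main ($zf) and secondary ($sf) tables.
    if(empty($field) || $field === '*'){
        $zf = '*';
        $sf = '*';
    }else{
        $zField = $this->getFields($table);
        $sField = $this->getFields($table.'_data_1');
        $field = is_array($field) ? $field : explode(',' , $field);

        $zf = [];
        $sf = [];
        foreach($field as $i){
            if(isset($zField[$i])){
                $zf[] = $i;
            }
            if(isset($sField[$i])){
                $sf[] = $i;
            }
        }
        $zf = empty($zf) ? '*' : implode(',' , $zf);
        $sf = empty($sf) ? '' : implode(',' , $sf);
    }

    $unchecked = (int)$idata['checked'] === 0;
    $mainTable = '[!db.pre!]ecms_'.$table.($unchecked ? '_check' : '');

    $zdata = $db->getByPk($mainTable , $id , $zf);
    if(!is_array($zdata)){
        $this->error = '没有查询到相关数据';
        return false;
    }

    $sdata = [];
    if($sf !== ''){
        if($unchecked){
            $sdata = $db->getByPk('[!db.pre!]ecms_'.$table.'_check_data' , $id , $sf);
        }else{
            // The secondary table is selected by "stb"; fetch it when it was not among the requested fields.
            if(isset($zdata['stb'])){
                $i = $zdata['stb'];
            }else{
                $r = $db->getByPk($mainTable , $id , 'stb');
                $i = $r['stb'];
            }
            $sdata = $db->getByPk('[!db.pre!]ecms_'.$table.'_data_'.$i , $id , $sf);
        }
    }

    return array_merge($zdata , is_array($sdata) ? $sdata : []);
}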
282 |
283 | // 设置审核状态
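/**
 * Approve or un-approve a content item by moving its rows between the live
 * tables and the "_check" tables, then updating the index row and the
 * column's counter.
 *
 * Fixes over the previous version:
 *  - $table must be a plain identifier and $id is cast to an integer, because
 *    both are interpolated into raw "insert ... select" statements;
 *  - a missing source row now stops the operation instead of producing a
 *    malformed secondary-table name.
 *
 * The copy/delete statements are not wrapped in a transaction.
 * No permission check is made here.
 *
 * @param string $table   Model table name.
 * @param mixed  $id      Item id.
 * @param mixed  $checked Any value greater than 0 approves; anything else un-approves.
 * @return bool False on failure (see getError()).
 */
public function setChecked($table , $id , $checked = 1)
{
    if(!is_string($table) || !preg_match('/\A[A-Za-z0-9_]+\z/' , $table)){
        $this->error = '参数错误';
        return false;
    }
    $id = (int)$id;
    $checked = (int)$checked > 0 ? 1 : 0;
    $tb = '[!db.pre!]ecms_'.$table;
    $db = $this->api->load('db');
    $data = $db->getByPk($tb.'_index' , $id , 'id,classid,checked');

    if(!$data){
        $this->error = '没有获取到相关数据';
        return false;
    }

    // Already in the requested state.
    if((int)$data['checked'] === $checked){
        return true;
    }

    // Source row: "_check" table when approving, live table when un-approving.
    $d = $db->getByPk($checked === 1 ? $tb.'_check' : $tb , $id , 'stb');
    if(!is_array($d) || !isset($d['stb'])){
        $this->error = '没有获取到相关数据';
        return false;
    }

    $infos = [];
    if($checked === 1){
        $form_tb = $tb.'_check';            // source main table
        $form_data_tb = $tb.'_check_data';  // source secondary table
        $to_tb = $tb;                       // target main table
        $to_data_tb = $tb.'_data_'.$d['stb']; // target secondary table
        $infos['infos'] = ['infos + 1'];    // approved: column counter +1
    }else{
        $form_tb = $tb;                     // source main table
        $form_data_tb = $tb.'_data_'.$d['stb']; // source secondary table
        $to_tb = $tb.'_check';              // target main table
        $to_data_tb = $to_tb.'_data';       // target secondary table
        $infos['infos'] = ['infos - 1'];    // un-approved: column counter -1
    }
    $map = 'id = '.$id;
    $db->query("insert into {$to_tb} select * from {$form_tb} where {$map}"); // copy main row
    $db->query("insert into {$to_data_tb} select * from {$form_data_tb} where {$map}"); // copy secondary row
    $db->delete($form_tb , $map);
    $db->delete($form_data_tb , $map);
    $db->update($tb.'_index' , ['checked' => $checked] , $map);

    // Update the column's item counter.
    $db->update('[!db.pre!]enewsclass' , $infos , 'classid = '.$data['classid']);

    return true;
}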
327 |
/**
 * Keep only the entries of $data whose key is a column of the given model table.
 *
 * This restricts keys to real columns; it does not decide which columns a
 * caller is allowed to write, and it does not touch the values.
 *
 * @param string $table Table name as accepted by getFields().
 * @param mixed  $data  Column => value pairs.
 * @return array Filtered pairs; empty when $data is empty or not an array.
 */
protected function filterField($table , $data)
{
    if (empty($data) || !is_array($data)) {
        return [];
    }
    $columns = $this->getFields($table);
    $kept = [];
    foreach ($data as $key => $value) {
        if (isset($columns[$key])) {
            $kept[$key] = $value;
        }
    }
    return $kept;
}
341 |
/**
 * Build a model table name: "[!db.pre!]ecms_<name>" plus an optional "_<ext>" suffix.
 *
 * Neither part is validated here, so both must come from trusted values.
 *
 * @param string $name Model table name.
 * @param string $ext  Optional suffix such as "index" or "check_data".
 * @return string
 */
protected function getTableName($name , $ext = '')
{
    $full = '[!db.pre!]ecms_' . $name;
    if ($ext !== '') {
        $full .= '_' . $ext;
    }
    return $full;
}
346 |
/**
 * Extract the index-table columns from item data, casting each value to int.
 *
 * @param array $data Item data.
 * @return array Subset containing only classid, checked, newstime, truetime,
 *               lastdotime and havehtml (those that are set), as integers.
 */
protected function getIndexData($data)
{
    $indexRow = [];
    foreach (['classid' , 'checked' , 'newstime' , 'truetime' , 'lastdotime' , 'havehtml'] as $column) {
        if (!isset($data[$column])) {
            continue;
        }
        $indexRow[$column] = (int)$data[$column];
    }
    return $indexRow;
}
358 |
/**
 * Basic checks on item data before an insert or update.
 *
 * The column and model checks run only when $data contains "classid". With
 * no classid, $table is not checked against anything.
 *
 * @param string $table Model table name.
 * @param mixed  $data  Item data.
 * @return bool False on failure (see getError()).
 */
protected function validate($table , $data)
{
    global $class_r;

    if (empty($data) || !is_array($data)) {
        $this->error = '参数错误';
        return false;
    }

    if (isset($data['classid'])) {
        $classid = $data['classid'];
        // The column must exist, belong to this model and be a leaf column.
        if (!isset($class_r[$classid])) {
            $this->error = '所选栏目不存在';
            return false;
        }
        if ($class_r[$classid]['tbname'] !== $table) {
            $this->error = '所选栏目与模型不匹配';
            return false;
        }
        if ((int)$class_r[$classid]['islast'] !== 1) {
            $this->error = '非终级栏目不允许发布';
            return false;
        }
    }

    // A title may be omitted, but not set to an empty string.
    if (isset($data['title']) && $data['title'] === '') {
        $this->error = '标题不能为空';
        return false;
    }

    return true;
}
385 |
/**
 * Compute and store filename, newspath and titleurl for an item.
 *
 * titleurl is "/<classpath>/<newspath>/<filename><filetype>" with one pass of
 * "//" -> "/" replacement.
 *
 * NOTE(review): $table and $d['id'] are concatenated into the statement as
 * given; within this file they come from insert(), which passes a row read
 * back from the database.
 *
 * @param string $table Table name without the "[!db.pre!]ecms_" prefix.
 * @param array  $d     Item row; needs classid, id, filename and newspath.
 * @return void
 */
public function updateTitleUrl($table , $d)
{
    global $ecms_config,$class_r;

    $column = $class_r[$d['classid']];

    // An empty filename falls back to the item id.
    $filename = $d['filename'] === '' ? $d['id'] : $d['filename'];
    $newspath = $d['newspath'];

    $url = '/' . $column['classpath'] . '/' . $newspath . '/' . $filename . $column['filetype'];

    $values = [
        'filename' => $filename,
        'newspath' => $newspath,
        'titleurl' => str_replace('//' , '/' , $url),
    ];

    $this->api->load('db')->update('[!db.pre!]ecms_' . $table , $values , 'id = ' . $d['id']);
}
403 |
/**
 * Return the column list of a model table from the db layer.
 *
 * @param string $table Table name without the "[!db.pre!]ecms_" prefix.
 * @return mixed The result of the db layer's getTableFields() call.
 */
protected function getFields($table){
    $db = $this->api->load('db');
    return $db->getTableFields('[!db.pre!]ecms_' . $table);
}
407 |
/**
 * Return the message recorded by the most recent failed operation.
 *
 * @return mixed The current value of $this->error.
 */
public function getError()
{
    $lastError = $this->error;
    return $lastError;
}
412 | }
--------------------------------------------------------------------------------
/ecmsapi/_extend/EapiExtendFpay.php:
--------------------------------------------------------------------------------
1 | api = $api;
11 | }
12 |
13 | // 加载支付平台模块
14 |
/**
 * Load a payment-platform class "Fpay<Name>" from _extend/fpay/ and return an instance.
 *
 * NOTE(review): $name is used verbatim in the require path and as the class
 * name to instantiate; pass a fixed literal, never a value taken from the
 * request (for example a "pay type" parameter).
 *
 * @param string $name  Platform name, e.g. "xunhu" for FpayXunhu.
 * @param array  $conf  Passed to the class constructor.
 * @param bool   $cache Pass false to get a fresh instance instead of the cached one.
 * @return object
 */
public function load($name = '' , $conf = [] , $cache = true)
{
    $className = 'Fpay' . ucfirst($name);
    if (!class_exists($className, false)) {
        require(ECMS_PATH . '/ecmsapi/_extend/fpay/' . $className . '.php');
    }
    if ($cache === false) {
        return new $className($conf);
    }
    if (!isset($this->classCache[$name])) {
        $this->classCache[$name] = new $className($conf);
    }
    return $this->classCache[$name];
}
30 |
31 | // 生成订单号
/**
 * Build an order number from the current time: Unix seconds followed by the
 * six microsecond digits.
 *
 * The value is predictable and two requests in the same microsecond get the
 * same number, so it must not be treated as a secret and the order table
 * should enforce uniqueness.
 *
 * @return string
 */
public function buildOrderid()
{
    $parts = explode(' ' , microtime());
    $fraction = $parts[0]; // "0.xxxxxxxx"
    $seconds = $parts[1];
    return $seconds . substr($fraction , 2 , 6);
}
37 |
38 | // 创建订单
/**
 * Create a payment order in fpay_order with status 0.
 *
 * price, tid and type are cast to int. orderid, payid, uid and description
 * are stored as given, so the caller must take uid from the authenticated
 * session and compute price on the server, not accept them from the client.
 *
 * @param array $conf Order fields: price, payid and uid are read unconditionally;
 *                    orderid, description, tid and type are optional.
 * @return array|false The stored order data, or false on failure (see getError()).
 */
public function createOrder($conf = [])
{
    $orderid = isset($conf['orderid']) ? $conf['orderid'] : $this->buildOrderid();
    $description = isset($conf['description']) ? $conf['description'] : '';
    $tid = isset($conf['tid']) ? (int)$conf['tid'] : 0;
    $type = isset($conf['type']) ? (int)$conf['type'] : 0;

    $data = [
        'orderid' => $orderid,
        'price' => (int)$conf['price'],
        'status' => 0,
        'payid' => $conf['payid'],
        'ctime' => time(),
        'description' => $description,
        'uid' => $conf['uid'],
        'ip' => egetip(),
        'tid' => $tid,
        'type' => $type,
    ];

    $id = $this->api->load('db')->insert('[!db.pre!]fpay_order' , $data);
    if ($id === false) {
        $this->error = '订单创建失败';
        return false;
    }
    return $data;
}
62 |
63 | // 获取一个订单
/**
 * Fetch one order by its order number.
 *
 * The number is cast to int before it is placed in the condition.
 * NOTE(review): buildOrderid() produces 16-digit numbers, which only fit in
 * a 64-bit PHP integer.
 *
 * @param mixed $orderid Order number.
 * @return mixed The result of the db layer's one() call.
 */
public function getOrder($orderid = '')
{
    $number = (int)$orderid;
    $db = $this->api->load('db');
    return $db->one('[!db.pre!]fpay_order' , '*' , 'orderid = ' . $number);
}
69 |
70 | // 完成一个订单
/**
 * Complete an order: credit the buyer according to the order type and mark
 * the order as paid.
 *
 * This method trusts its caller. It must only be invoked after the payment
 * platform's notification has been authenticated and the paid amount has
 * been compared with the order's price.
 *
 * NOTE(review): the "already completed" check reads the status and the
 * type-specific handler writes it later, with no lock or conditional update
 * in between; two notifications processed at the same time could both
 * credit the account.
 *
 * @param mixed $orderid Order number.
 * @return bool False on failure (see getError()).
 */
public function completeOrder($orderid = '')
{
    $order = $this->getOrder($orderid);
    if (empty($order)) {
        $this->error = '无效订单';
        return false;
    }
    // Already completed: report success without crediting again.
    if ((int)$order['status'] === 1) {
        return true;
    }
    // The buyer must still exist.
    $num = $this->api->load('db')->total('[!db.pre!]enewsmember' , 'userid=' . $order['uid']);
    if ($num === 0) {
        $this->error = '此订单用户已被删除';
        return false;
    }

    switch ((int)$order['type']) {
        case 0:
            return $this->complete_fen_order($order);
        case 1:
            return $this->complete_money_order($order);
        case 2:
            return $this->complete_buygroup_order($order);
        case 3:
            return $this->complete_shop_order($order);
        case 4:
            return $this->complete_other_order($order);
        default:
            $this->error = '订单类型错误';
            return false;
    }
}
102 |
103 | // 完成一个积分订单
/**
 * Complete a points order: convert the price to points and add them to the member.
 *
 * points = intval(price * paymoneytofen / payminmoney), using the site
 * settings in enewspublic. A payminmoney of 0 would divide by zero.
 * The credit and the status change are two separate statements.
 *
 * @param array $order Order row.
 * @return bool False on failure (see getError()).
 */
protected function complete_fen_order($order)
{
    $db = $this->api->load('db');
    $rates = $db->one('[!db.pre!]enewspublic' , 'paymoneytofen,payminmoney' , '1=1');
    $fen = intval($order['price'] * $rates['paymoneytofen'] / $rates['payminmoney']);

    $credit = ['userfen' => ['userfen+' . $fen]];
    if (false === $db->update('[!db.pre!]enewsmember' , $credit , 'userid=' . $order['uid'])) {
        $this->error = '订单处理失败';
        return false;
    }
    $this->set_order_status($order['orderid'] , 1);
    return true;
}
120 |
121 | // 完成一个现金订单
/**
 * Complete a balance order: add the order price to the member's money.
 *
 * The credit and the status change are two separate statements.
 *
 * @param array $order Order row.
 * @return bool False on failure (see getError()).
 */
protected function complete_money_order($order)
{
    $credit = ['money' => ['money+' . $order['price']]];
    $result = $this->api->load('db')->update('[!db.pre!]enewsmember' , $credit , 'userid=' . $order['uid']);
    if ($result === false) {
        $this->error = '订单处理失败';
        return false;
    }
    $this->set_order_status($order['orderid'] , 1);
    return true;
}
134 |
135 | // 完成一个充值类型订单
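/**
 * Complete a "buy membership" order: apply the purchased package's points,
 * duration and group change to the member.
 *
 * Fix over the previous version: $level_r was read without being declared
 * global, so the "member's group level is too low for this package" check
 * compared two undefined values and could never reject a purchase.
 *
 * The member update and the status change are two separate statements.
 *
 * @param array $order Order row; "tid" is the package id in enewsbuygroup.
 * @return bool False on failure (see getError()).
 */
protected function complete_buygroup_order($order)
{
    global $public_r, $level_r;
    $id = $order['tid'];
    $db = $this->api->load('db');
    $ka = $db->one('[!db.pre!]enewsbuygroup' , '*' , 'id='.$id);
    if(empty($ka)){
        $this->error = '充值类型已下架';
        return false;
    }
    $user = $db->one('[!db.pre!]enewsmember' , 'userdate,userid,username,groupid' , 'userid='.$order['uid']);
    if(!$user){
        $this->error = '该充值用户未找到';
        return false;
    }
    $up = [];

    // The package may require a minimum group level.
    $needLevel = isset($level_r[$ka['buygroupid']]['level']) ? $level_r[$ka['buygroupid']]['level'] : 0;
    $haveLevel = isset($level_r[$user['groupid']]['level']) ? $level_r[$user['groupid']]['level'] : 0;
    if($needLevel > $haveLevel){
        $this->error = '当前用户所有组不允许购买此充值类型';
        return false;
    }
    if($ka['gfen'] > 0){
        $up['userfen'] = ['userfen+'.$ka['gfen']];
    }

    // The package includes membership time.
    if($ka['gdate'] > 0){

        $date = $user['userdate'];
        // The package moves the member to a different group.
        if((int)$user['groupid'] !== (int)$ka['ggroupid']){
            // ...while the current membership has not expired yet.
            if($date && $date > time()){
                // Site policy: 1 = overwrite, 2 = add on top, anything else = not allowed.
                $dateType = (int)$public_r['mhavedatedo'];
                if($dateType === 1){
                    // Overwrite: discard the remaining time.
                    $date = 0;
                }else if($dateType === 2){
                    // Add on top: keep the remaining time as it is.
                }else{
                    $this->error = '已有会员组';
                    return false;
                }
            }
        }
        $up['userdate'] = $date < time() ? time() + $ka['gdate']*24*3600 : $date + $ka['gdate']*24*3600;

        if($ka['ggroupid'] > 0){
            $up['groupid'] = $ka['ggroupid'];
        }
        if($ka['zgroupid'] > 0){
            $up['zgroupid'] = $ka['zgroupid'];
        }
    }

    $result = $db->update('[!db.pre!]enewsmember' , $up , 'userid='.$order['uid']);
    if(false === $result){
        $this->error = '订单处理失败';
        return false;
    }
    $this->set_order_status($order['orderid'] , 1);
    return true;
}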
199 |
200 | // 完成一个商城订单
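/**
 * Complete a paid shop order.
 *
 * Marks the shop order named by $order['tid'] as paid (haveprice = 1), reduces
 * stock when the shop setting cutnumtype is 1, and marks the payment order as
 * paid. Shop orders whose payby is not 0 are rejected.
 *
 * @param array $order Payment order row; the keys tid and orderid are read.
 * @return bool True on success; false with $this->error set on failure.
 */
protected function complete_shop_order($order)
{
    // The shop order id is concatenated into several WHERE clauses below, so
    // force it to an integer first.
    $id = (int)$order['tid'];
    $db = $this->api->load('db');

    // Fetch the shop order.
    $dd = $db->one(
        '[!db.pre!]enewsshopdd',
        'ddid,ddno,userid,username,truename,pstotal,alltotal,fptotal,pretotal,fp,payby,havecutnum',
        'ddid='.$id
    );

    if (!$dd) {
        $this->error = '订单已失效或被删除';
        return false;
    }

    if ((int)$dd['payby'] !== 0) {
        $this->error = '此订单为非现金支付';
        return false;
    }

    // NOTE(review): the order total is computed here but never compared with
    // the amount that was actually paid. Confirm that the caller validates the
    // paid amount before this method is reached.
    $dd['tmoney'] = $dd['alltotal'] + $dd['pstotal'] + $dd['fptotal'] - $dd['pretotal'];

    // Flag the shop order as paid.
    $result = $db->update('[!db.pre!]enewsshopdd', ['haveprice' => 1], 'ddid='.$id);

    if ($result === false) {
        $this->error = '订单处理失败';
        return false;
    }

    // Shop-wide settings.
    $conf = $db->one('[!db.pre!]enewsshop_set', '*', '1=1');

    // Reduce stock. A missing settings row or a missing cart is treated as
    // "nothing to do" instead of indexing into an empty result.
    if (!empty($conf) && (int)$conf['cutnumtype'] === 1) {
        $dd_add = $db->one('[!db.pre!]enewsshopdd_add', '*', 'ddid='.$id);
        $buycar = empty($dd_add['buycar']) ? '' : $dd_add['buycar'];
        $this->ShopsysCutMaxnum($id, $buycar, $dd['havecutnum'], $conf, 0);
    }

    // NOTE(review): the result of set_order_status() is not checked; confirm
    // the caller cannot process the same order twice if it fails.
    $this->set_order_status($order['orderid'], 1);

    return true;
}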
242 |
243 | // 完成一个其它订单,tid表示要充值的积分
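/**
 * Complete a paid "other" order: add $order['tid'] points to the member.
 *
 * @param array $order Order row; the keys tid (points to add), uid and orderid are read.
 * @return bool True on success; false with $this->error set on failure.
 */
protected function complete_other_order($order)
{
    // tid is embedded in a raw SQL expression and uid in the WHERE clause, so
    // both are forced to integers before concatenation.
    $points = (int)$order['tid'];
    $uid = (int)$order['uid'];

    $result = $this->api->load('db')->update(
        '[!db.pre!]enewsmember',
        ['userfen' => ['userfen+'.$points]],
        'userid='.$uid
    );
    if (false === $result) {
        $this->error = '订单处理失败';
        return false;
    }

    // NOTE(review): the result of set_order_status() is not checked; confirm
    // the caller cannot process the same order twice if it fails.
    $this->set_order_status($order['orderid'], 1);
    return true;
}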
256 |
257 | // 设置订单状态
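/**
 * Set the status of a payment order and stamp its ptime with the current time.
 *
 * @param int $orderid Payment order id.
 * @param int $status  New status value.
 * @return mixed Whatever the db helper's update() returns.
 */
protected function set_order_status($orderid = 0, $status = 1)
{
    // The id is concatenated into the WHERE clause; getOrderList() treats
    // orderid as an integer as well, so cast it here too.
    $orderid = (int)$orderid;

    return $this->api->load('db')->update(
        '[!db.pre!]fpay_order',
        ['status' => $status, 'ptime' => time()],
        'orderid = '.$orderid
    );
}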
262 |
263 | // 将帝国默认的订单类型转换成数字
/**
 * Map a CMS order-type name to its numeric code.
 *
 * When no name is passed, the name is read with getcvar('payphome').
 * Matching is case-insensitive.
 *
 * @param string $name Order-type name, or '' to read it via getcvar().
 * @return int|null The numeric code, or null when the name is not known.
 */
public function getOrderType($name = '')
{
    if ($name === '') {
        $name = getcvar('payphome');
    }
    $key = strtolower($name);

    $codes = [
        'paytofen'    => 0,
        'paytomoney'  => 1,
        'buygrouppay' => 2,
        'shoppay'     => 3,
    ];

    if (isset($codes[$key])) {
        return $codes[$key];
    }

    return null;
}
279 |
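/**
 * List payment orders with optional filters, pagination and sorting.
 *
 * Every filter value is cast to an integer or converted through strtotime()
 * before it is placed in the WHERE clause, and the sort column is taken from
 * a fixed allowlist, so no caller-supplied text reaches the SQL string.
 *
 * @param array  $data       Optional filters: uid, status, orderid, starttime, endtime, payid.
 * @param string $pagination "limit,page"; limit falls back to 20 and is capped at 1000,
 *                           page is raised to 1 when it is zero or negative.
 * @param string $orderby    "field direction"; an unknown field becomes orderid and any
 *                           direction other than asc becomes desc.
 * @return array Keys total, page, page_total, limit and list.
 */
public function getOrderList($data = [], $pagination = '20,1', $orderby = 'orderid desc')
{
    $map = '';

    $uid = isset($data['uid']) ? (int)$data['uid'] : 0;
    if ($uid > 0) {
        $map .= ' and uid = '.$uid;
    }

    $status = isset($data['status']) ? trim($data['status']) : '';
    if ($status !== '') {
        $map .= ' and status = '.($status ? 1 : 0);
    }

    $orderid = isset($data['orderid']) ? (int)$data['orderid'] : 0;
    if ($orderid > 0) {
        $map .= ' and orderid = '.$orderid;
    }

    // Only the parsed timestamp is embedded, never the raw date text.
    $startTime = isset($data['starttime']) ? trim($data['starttime']) : '';
    $startStamp = $startTime !== '' ? strtotime($startTime) : false;
    if ($startStamp !== false) {
        $map .= ' and ctime > '.$startStamp;
    }

    $endTime = isset($data['endtime']) ? trim($data['endtime']) : '';
    $endStamp = $endTime !== '' ? strtotime($endTime) : false;
    if ($endStamp !== false) {
        $map .= ' and ctime < '.$endStamp;
    }

    $payid = isset($data['payid']) ? (int)$data['payid'] : 0;
    if ($payid > 0) {
        $map .= ' and payid = '.$payid;
    }

    // The ",1,1" padding guarantees both parts exist when the caller passes
    // only a limit or an empty string.
    list($limit, $page) = explode(',', $pagination.',1,1');
    $limit = (int)$limit;
    $limit = $limit > 0 ? $limit : 20;
    $limit = $limit <= 1000 ? $limit : 1000;

    // A zero or negative page used to be forwarded unchanged into the
    // pagination string handed to select(); keep it at 1 or above.
    $page = (int)$page;
    $page = $page > 0 ? $page : 1;

    // Drop the leading " and" of the first condition.
    $map = $map !== '' ? substr($map, 4) : '1=1';

    list($sortfield, $sorttype) = explode(' ', $orderby.' orderid desc');

    $sortfield = strtolower($sortfield);
    $allowed = ['orderid', 'ctime', 'ptime', 'uid', 'price', 'status'];
    if (!in_array($sortfield, $allowed, true)) {
        $sortfield = 'orderid';
    }
    $sorttype = strtolower($sorttype) === 'asc' ? 'asc' : 'desc';

    $db = $this->api->load('db');
    $total = $db->total('[!db.pre!]fpay_order', $map);

    if ($total > 0) {
        return [
            'total' => $total,
            'page' => $page,
            'page_total' => (int)ceil($total / $limit),
            'limit' => $limit,
            'list' => $db->select('[!db.pre!]fpay_order', '*', $map, $limit.','.$page, $sortfield.' '.$sorttype),
        ];
    }

    return [
        'total' => 0,
        'page' => 1,
        'page_total' => 1,
        'limit' => $limit,
        'list' => [],
    ];
}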
349 |
350 |
/**
 * Return the value last stored in $this->error.
 *
 * @return mixed The stored error value.
 */
public function getError()
{
    $message = $this->error;

    return $message;
}
355 |
356 | /* 偷个懒 照抄商城订单库存处理函数 */
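/**
 * Adjust product stock and sales counters for every item of a shop order.
 *
 * The cart string holds records terminated by "!", each made of "|"-separated
 * fields: field 1 is "classid,id" and field 3 is the quantity. With $ecms = 0
 * stock (pmaxnum) goes down and sales (psalenum) go up; any other value
 * reverses both. The order's havecutnum flag is updated at the end.
 *
 * @param int    $ddid    Shop order id.
 * @param string $buycar  Serialized cart of the order.
 * @param mixed  $havecut Current havecutnum flag of the order.
 * @param mixed  $shoppr  Shop settings row; not used by this method.
 * @param int    $ecms    0 to deduct stock, 1 to restore it.
 * @return string|null '' when nothing had to be done, otherwise null.
 */
protected function ShopsysCutMaxnum($ddid,$buycar,$havecut,$shoppr,$ecms=0){
    global $class_r,$empire,$dbtbpre;
    $ddid=(int)$ddid;
    if(empty($buycar))
    {
        return '';
    }
    // Stock already deducted: do not deduct a second time.
    if($ecms==0&&$havecut)
    {
        return '';
    }
    // Nothing was deducted: there is nothing to restore.
    if($ecms==1&&!$havecut)
    {
        return '';
    }
    if($ecms==0)
    {
        $fh='-';
        $salefh='+';
    }
    else
    {
        $fh='+';
        $salefh='-';
    }
    $buycarr=explode('!',$buycar);
    $bcount=count($buycarr);
    // The last element is whatever follows the final "!" and is skipped.
    for($i=0;$i<$bcount-1;$i++)
    {
        $pr=explode('|',$buycarr[$i]);
        // Missing fields fall back to empty values instead of reading
        // undefined offsets.
        $fr=explode(',',isset($pr[1])?$pr[1]:'');
        // Every value that reaches the SQL below is cast to an integer.
        $classid=(int)$fr[0];
        $id=isset($fr[1])?(int)$fr[1]:0;
        $pnum=isset($pr[3])?(int)$pr[3]:0;
        if($pnum<1)
        {
            $pnum=1;
        }
        // The key must be the quoted string 'tbname'; the bare word was read
        // as an undefined constant, which is a fatal error on PHP 8.
        if(empty($class_r[$classid]['tbname']))
        {
            continue;
        }
        // The table name is looked up in $class_r by the integer class id; it
        // is never copied from the cart string.
        $empire->query("update {$dbtbpre}ecms_".$class_r[$classid]['tbname']." set pmaxnum=pmaxnum".$fh.$pnum.",psalenum=psalenum".$salefh.$pnum." where id='$id'");
    }
    $newhavecut=$ecms==0?1:0;
    $empire->query("update {$dbtbpre}enewsshopdd set havecutnum='$newhavecut' where ddid='$ddid'");
}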
409 |
410 | }
--------------------------------------------------------------------------------