From 92d1d5ba1c325c9996f7e93b7e5919f2bc8152bd Mon Sep 17 00:00:00 2001
From: whatsns <617035918@qq.com>
Date: Sun, 17 May 2020 16:34:09 +0800
Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0fly=E7=89=88=EF=BC=8C?=
=?UTF-8?q?=E5=88=A0=E6=8E=89=E5=A4=9A=E4=BD=99=E6=96=87=E4=BB=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
system/core/Controller.php | 830 -------------------------------------
1 file changed, 830 deletions(-)
delete mode 100644 system/core/Controller.php
diff --git a/system/core/Controller.php b/system/core/Controller.php
deleted file mode 100644
index 14574ad..0000000
--- a/system/core/Controller.php
+++ /dev/null
@@ -1,830 +0,0 @@
- $class ) {
- $this->$var = & load_class ( $class );
- }
-
- $this->load = & load_class ( 'Loader', 'core' );
- $this->load->initialize ();
- $this->load->library ( 'form_validation' );
- if (PHP_VERSION < 7.2) {
- $this->load->library ( 'encrypt' );
- }
-
- if (strstr ( trim ( config_item ( 'mobile_domain' ) ), $_SERVER ['SERVER_NAME'] )) {
- defined ( 'SITE_URL' ) or define ( 'SITE_URL', config_item ( 'mobile_domain' ) );
- } else {
- defined ( 'SITE_URL' ) or define ( 'SITE_URL', config_item ( 'base_url' ) );
- }
-
- // 检查是否安装了程序
- $this->isinstall ();
-
- $this->init_cache ();
- //$this->checkurl ();
- $this->init_user ();
-
- $this->banned ();
-
- $this->canviewpage ();
-
- $this->time = time ();
- $this->ip = getip ();
- }
- /**
- *
- * 检车访问url是否正规,防搜索引擎抓取非正常网址
- *
- * @date: 2019年11月17日 下午9:39:07
- *
- * @author : 61703
- *
- * @param
- * : variable
- *
- * @return :
- *
- */
- function checkurl() {
- // 获取当前页面路由规则
- $regular = strtolower ( $this->uri->rsegments [1] ) . '/' . strtolower ( $this->uri->rsegments [2] );
- global $setting;
- $url = $_SERVER ['REQUEST_URI'];
-
- $p = pathinfo ( $url );
- // 获取访问页面的后缀,可能是html,php或者别的后缀
- $_fix = $p ['extension'];
-
- //如果网页带参数,提取参数前的后缀
- if(strstr ( $_fix, '?' )){
- $_fix=substr($_fix,0,strrpos($_fix,'?'));
- }
-
- if(strstr ( $url, 'index.php?' )||$this->uri->rsegments [1]=='rss'||$this->uri->rsegments [1]=='user'||$this->uri->rsegments [1]=='appstore'||$this->uri->rsegments [1]=='custom'||$this->uri->rsegments [1]=='pay'||$this->uri->rsegments [1]=='ebank'||$this->uri->rsegments [1]=='api_user'||strstr ( $this->uri->rsegments [1], 'app_' )){
-
- }else{
- // 判断是否是首页
- if (strstr ( $regular, 'index/index' )) {
- // 如果是首页只允许后缀是 php或者后台配置的后缀
- if ($_fix && $_fix != trim ( $setting ['seo_suffix'], '.' )) {
- //同时后缀也不等于默认的php
- if ($_fix != 'php') {
- show_404 ();
- }
- }
- } else {
- // 判断如果不是后台seo设置得网页后缀或者不是分类栏目地址就返回404
- if (strstr ( $regular, 'seo/index' ) || strstr ( $regular, 'ask/index' ) || strstr ( $regular, 'category/view' ) || strstr ( $regular, 'topic/catlist' )) { // 去掉文章栏目和问题栏目的url尾巴
- // 栏目白名单 ,如果有后缀就返回404,和后台配置相同除外
- if ($_fix && $_fix != trim ( $setting ['seo_suffix'], '.' )) {
- show_404 ();
- }
- } else {
-
- if (strstr ( $regular, '/index' )){
- //排除首页分享
- }else{
- // 非栏目页面判断网址后缀是否是后台配置默认的网址后缀
- if ($_fix != trim ( $setting ['seo_suffix'], '.' )) {
- show_404 ();
- }
- }
-
- }
- }
- }
-
- }
- // 检查是否已经安装
- function isinstall() {
- if (strtolower ( $this->uri->rsegments [1] ) != "install") {
- if (! file_exists ( FCPATH . 'data/install.lock' )) {
- header ( 'location:' . base_url () . 'install/index.php' );
- exit ();
- }
- }
- }
- /* 一旦setting的缓存文件读取失败,则更新所有cache */
- public function init_cache() {
- global $setting, $category, $badword, $keyword, $usergroup;
- $this->load->database ();
-
- $setting = $this->setting = $this->cache->load ( 'setting' );
- $category = $this->category = $this->cache->load ( 'category', 'id', 'displayorder' );
- $badword = $this->cache->load ( 'badword', 'find' );
- $keyword = $this->cache->load ( 'keywords', 'find' );
- $usergroup = $this->usergroup = $this->cache->load ( 'usergroup', 'groupid' );
- }
- function init_user() {
- @$sid = tcookie ( 'sid' );
- @$auth = tcookie ( 'auth' );
- global $user;
- $user = array ();
- @list ( $uid, $password ) = empty ( $auth ) ? array (
- 0,
- 0
- ) : taddslashes ( explode ( "\t", authcode ( $auth, 'DECODE' ) ), 1 );
- if (! $sid) {
- $sid = substr ( md5 ( time () . $this->input->ip_address () . random ( 6 ) ), 16, 16 );
- tcookie ( 'sid', $sid, 1800 );
- }
- $this->load->model ( 'user_model' );
- if ($uid && $password) {
- $user = $this->user_model->get_by_uid ( $uid, 0 );
- ($password != $user ['password']) && $user = array ();
- }
- if (! $user) {
- $user ['uid'] = 0;
- $user ['groupid'] = 6;
- if ($this->setting ['needlogin'] == 1) {
- $method = $this->uri->segments [2];
-
- if ($this->uri->segments [1] != 'account' && $this->uri->segments [1] != 'plugin_weixin' && $this->uri->segments [1] != 'pccaiji_question' && $this->uri->segments [1] != 'pccaiji_catgory' && $this->uri->segments [1] != 'api_user' && $method != 'code' && $method != 'login' && $method != 'register' && $method != 'getpass' && $method != 'resetpass' && $method != 'checkemail' && $method != 'getsmscode') {
-
- $url = url ( 'user/login' );
- header ( "Location:$url" );
- exit ();
- }
- }
- }
- if ($user ['isblack'] == 1) {
-
- exit ( "您已被网站管理员拉黑" );
- }
-
- if ($user ['uid'] && $user ['invatecode'] == null) {
- $this->user_model->sendinvatecodetouid ( $user ['uid'] );
- }
- $this->user_model->refresh_session_time ( $sid, $user ['uid'] );
- $user ['sid'] = $sid;
- $user ['ip'] = $this->input->ip_address ();
- $user ['uid'] && $user ['loginuser'] = $user ['username'];
- $user ['avatar'] = get_avatar_dir ( $user ['uid'] );
-
- $user = $this->user = array_merge ( $user, $this->usergroup [$user ['groupid']] );
- if ($user ['uid']) {
- // 如果用户登录,且携带邀请被邀请注册的邀请码,则自动成为被邀请人
- // frominvatecode
- if (! isset ( $user ['frominvatecode'] )) {
- // 如果不存在则绑定
- if (! isset ( $_SESSION )) {
- session_start ();
- }
- if (isset ( $_SESSION ['invatecode'] ) && $user ['invatecode'] != $_SESSION ['invatecode']) {
- $this->user_model->updateinvatecode ( $user ['uid'], $_SESSION ['invatecode'] );
- unset ( $_SESSION ['invatecode'] );
- }
- }
- }
- }
- /**
- *
- * 通过传sql脚本获取返回值
- *
- * @date: 2018年11月4日 下午3:05:25
- *
- * @author : 61703
- *
- * @param
- * : variable
- *
- * @return : 返回一个数组,查询不到返回一个空数组
- *
- */
- function getlistbysql($sql) {
- $mlist = array ();
- $query = $this->db->query ( $sql );
- foreach ( $query->result_array () as $md ) {
- $mlist [] = $md;
- }
- return $mlist;
- }
- /* 从缓存中读取数据,如果失败,则自动去读取数据然后写入缓存 */
- function fromcache($cachename, $cachetime = 3) {
- $cachetime = ($this->setting ['index_life'] == 0) ? 1 : $this->setting ['index_life'] * 60;
- if ($cachetime == 'static') {
- $cachedata = $this->cache->read ( $cachename, 0 );
- } else {
- $cachedata = $this->cache->read ( $cachename, $cachetime );
- }
-
- if ($cachedata)
- return $cachedata;
- switch ($cachename) {
- // 用户模块
- case 'userauthorlist' :
- // 首页右侧推荐作者
- $this->load->model ( 'topic_model' );
-
- $cachedata = $this->topic_model->get_user_articles ( 0, 5 );
- break;
- case 'headernavlist' :
-
- $this->load->model ( 'nav_model' );
-
- $cachedata = $this->nav_model->get_format_url ();
- break;
- case 'cweixin' :
- $this->load->model ( 'weixin_setting_model' );
- $cachedata = $this->weixin_setting_model->get ();
- break;
- case 'duizhang' :
- $this->load->model ( 'duizhang_model' );
- $cachedata = $this->duizhang_model->getlastpaylog ( 0, 10 );
- break;
- case 'nosolvelist' : // 待解决问题,网友正在问
-
- $this->load->model ( 'question_model' );
- $cachedata = $this->question_model->list_by_cfield_cvalue_status ( '', 0, '1', 0, $this->setting ['list_indexnosolve'] );
- break;
- case 'solvelist' : // 已解决问题
- $this->load->model ( 'question_model' );
- $cachedata = $this->question_model->list_by_cfield_cvalue_status ( '', 0, 2, 0, $this->setting ['list_indexnosolve'] );
- break;
- case 'rewardlist' : // 悬赏的问题
- $this->load->model ( 'question_model' );
- $cachedata = $this->question_model->list_by_cfield_cvalue_status ( '', 0, 4, 0, $this->setting ['list_indexreward'] );
- break;
- case 'shangjinlist' : // 现金悬赏的问题
- $this->load->model ( 'question_model' );
- $cachedata = $this->question_model->list_by_shangjin ( 0, $this->setting ['list_indexreward'] );
- break;
- case 'yuyinlist' : // 语音的问题
- $this->load->model ( 'question_model' );
- $cachedata = $this->question_model->list_by_yuyin ( 0, $this->setting ['list_indexreward'] );
- break;
- case 'attentionlist' : // 关注问题排行榜
- $this->load->model ( 'question_model' );
- $cachedata = $this->question_model->get_hots ( 0, $this->setting ['list_indexnosolve'] );
- break;
- case 'weekuserlist' : // 达人飙升榜
- $this->load->model ( 'user_model' );
- $cachedata = $this->user_model->list_by_credit ( 1, $this->setting ['list_indexweekscore'] );
- break;
- case 'alluserlist' : // 总积分榜
- $this->load->model ( 'user_model' );
- $cachedata = $this->user_model->list_by_credit ( 0, $this->setting ['list_indexallscore'] );
- break;
- case 'newtaglist' : // 最新标签
- $this->load->model ( "tag_model" );
- $cachedata = $this->tag_model->getalltaglist ( 0, $this->setting ['list_indexhottag'] );
- break;
- case 'hosttaglist' : // 热门标签
- $this->load->model ( "tag_model" );
- $cachedata = $this->tag_model->gethotalltaglist ( 0, $this->setting ['list_indexhottag'] );
- break;
- case 'categorylist' : // 首页左侧分类列表
- $this->load->model ( 'category_model' );
- $cachedata = $this->category_model->list_by_grade ();
- break;
- case 'topdata' : // 首页顶置缓存内容数组
- $this->load->model ( 'topdata_model' );
- if (! isset ( $this->setting ['list_topdatanum'] )) {
- $cachedata = $this->topdata_model->get_list ( 0, 3 );
- } else {
- $cachedata = $this->topdata_model->get_list ( 0, $this->setting ['list_topdatanum'] );
- }
-
- break;
-
- case 'notelist' : // 首页右侧公告列表
- $this->load->model ( 'note_model' );
- $cachedata = $this->note_model->get_list ( 0, 10 );
- break;
- case 'statistics' : // 首页统计,包含已解决、待解决
- $this->load->model ( 'question_model' );
- $cachedata = array ();
- $cachedata ['solves'] = $this->question_model->getallsolvequestion (); // 已解决问题数
- $cachedata ['nosolves'] = $this->question_model->getallnosolvequestion (); // 待解决问题数
- break;
-
- case 'doinglist' : // 首页动态
- $this->load->model ( 'doing_model' );
-
- $cachedata = $this->doing_model->list_by_type_andquestionorartilce_cache ( 0, $this->setting ['list_default'] );
-
- break;
- case 'topiclist' :
- $this->load->model ( 'topic_model' );
- $cachedata = $this->topic_model->get_list ( 1, 0, $this->setting ['list_default'], 10 );
- break;
- case 'weektopiclist' : // 一周热点文章 先看天,在看周,在看月
- $this->load->model ( 'topic_model' );
- $cachedata = $this->topic_model->get_weeklist ( 0, 10 );
- break;
- case 'hottopiclist' :
- $list_indextopiccat = isset ( $this->setting ['list_indexcommend'] ) && $this->setting ['list_indexcommend'] > 0 ? intval ( $this->setting ['list_indexcommend'] ) : 6;
- $this->load->model ( 'topic_model' );
- $cachedata = $this->topic_model->get_hotlist ( 1, 0, $list_indextopiccat, 12 );
- break;
- case 'topiclistinphone' :
- $this->load->model ( 'topic_model' );
- $cachedata = $this->topic_model->get_list_bywhere ( 2, 5 );
- break;
- case 'waptopiclist' :
- $this->load->model ( 'topic_model' );
- $cachedata = $this->topic_model->get_list ( 1, 0, 8, 8 );
- break;
- case 'expertlist' :
- $this->load->model ( 'expert_model' );
- $cachedata = $this->expert_model->get_list ( 0, 0, $this->setting ['list_indexexpert'] );
- break;
- case 'link' : // 友情链接
- $this->load->model ( 'link_model' );
- $cachedata = $this->link_model->get_list ();
- break;
-
- case 'newuser' :
-
- $pagesize = $this->setting ['list_default'];
- $this->load->model ( 'user_model' );
- $cachedata = $this->user_model->get_active_list ( 1, $pagesize );
-
- break;
- case 'onlineusernum' :
- $this->load->model ( 'user_model' );
- $cachedata = $this->user_model->rownum_onlineuser ();
- break;
- case 'allusernum' :
- $this->load->model ( 'user_model' );
- $cachedata = $this->user_model->rownum_alluser ();
- break;
- case 'adlist' :
- $this->load->model ( "ad_model" );
- $cachedata = $this->ad_model->get_list ();
- break;
- case 'activeuser' :
- $this->load->model ( 'user_model' );
- $cachedata = $this->user_model->get_active_list ( 0, 6 );
- break;
- case 'hotwords' :
- $this->load->model ( 'setting_model' );
- $cachedata = unserialize ( $this->setting_model->get_hot_words ( $this->setting ['list_hot_words'] ) );
- break;
- case 'articlelist' :
- if (isset ( $this->setting ['cms_open'] ) && $this->setting ['cms_open'] == 1) {
- $this->load->model ( "cms_model" );
- $cachedata = $this->cms_model->get_list ();
- } else {
- $cachedata = array ();
- }
-
- break;
- }
- $this->cache->write ( $cachename, $cachedata );
- return $cachedata;
- }
- /* IP禁止 */
- function banned() {
- global $setting;
- $ips = $this->cache->load ( 'banned' );
- $ips = ( bool ) $ips ? $ips : array ();
- $userip = explode ( ".", getip () );
- foreach ( $ips as $ip ) {
- $bannedtime = $ip ['expiration'] + $ip ['time'] - $this->time;
- if ($bannedtime > 0 && ($ip ['ip1'] == '*' || $ip ['ip1'] == $userip [0]) && ($ip ['ip2'] == '*' || $ip ['ip2'] == $userip [1]) && ($ip ['ip3'] == '*' || $ip ['ip3'] == $userip [2]) && ($ip ['ip4'] == '*' || $ip ['ip4'] == $userip [3])) {
- exit ( 'IP已经被列入黑名单' );
- }
- }
- }
- /* 更新用户积分 */
- function credit($uid, $credit1, $credit2 = 0, $credit3 = 0, $operation = '') {
- if (! $operation) {
- $operation = strtolower ( $this->uri->segment ( 1 ) . '/' . $this->uri->segment ( 2 ) );
- }
- if ($credit1 == '' || $credit1 == null) {
- $credit1 = 0;
- }
- if ($credit2 == '' || $credit2 == null) {
- $credit2 = 0;
- }
- // 用户登陆只添加一次
- if ($operation == 'api_user/loginapi') {
- $query = $this->db->get_where ( 'credit', array (
- 'uid' => $uid,
- 'operation' => 'api_user/loginapi',
- 'time>=' => strtotime ( date ( "Y-m-d" ) )
- ) );
- $m = $query->row_array ();
- if ($m) {
- return false;
- }
- }
- // 插入积分表
- $data = array (
- 'uid' => $uid,
- 'time' => time (),
- 'operation' => $operation,
- 'credit1' => $credit1,
- 'credit2' => $credit2
- );
- $this->db->insert ( 'credit', $data );
-
- // 更新用户积分信息
- $this->db->set ( 'credit2', "credit2+$credit2", FALSE )->set ( 'credit1', "credit1+$credit1", FALSE )->set ( 'credit3', "credit2+$credit3", FALSE )->where ( array (
- 'uid' => $uid
- ) )->update ( 'user' );
-
- if (2 == $this->user ['grouptype']) {
- $currentcredit1 = $this->user ['credit1'] + $credit1;
- $query = $this->db->query ( "SELECT g.groupid FROM " . $this->db->dbprefix . "usergroup g WHERE g.`grouptype`=2 AND $currentcredit1 >= g.creditslower ORDER BY g.creditslower DESC LIMIT 0,1" );
- $usergroup = $query->row_array ();
- // 判断是否需要升级
- if (is_array ( $usergroup ) && ($this->user ['groupid'] != $usergroup ['groupid'])) {
- $groupid = $usergroup ['groupid'];
- $this->db->set ( 'groupid', $groupid )->where ( array (
- 'uid' => $uid
- ) )->update ( 'user' );
- }
- }
- }
- function send($uid, $qid, $type, $aid = 0) {
- $query = $this->db->get_where ( 'question', array (
- "id" => $qid
- ) );
- $question = $query->row_array ();
- $msgtpl = unserialize ( $this->setting ['msgtpl'] );
- // 消息模板
- $message = array ();
- foreach ( $msgtpl [$type] as $msg => $val ) {
- $message [$msg] = str_replace ( '{wtbt}', $question ['title'], $val );
- $message [$msg] = str_replace ( '{wtms}', $question ['description'], $message [$msg] );
- $message [$msg] = str_replace ( '{wzmc}', $this->setting ['site_name'], $message [$msg] );
- if ($aid) {
- $query = $this->db->get_where ( 'answer', array (
- "id" => $aid
- ) );
- $answer = $query->row_array ();
-
- $message [$msg] = str_replace ( '{hdnr}', $answer ['content'], $message [$msg] );
- }
- }
-
- $message ['content'] .= '
点击查看问题';
- $time = time ();
- $msgfrom = $this->setting ['site_name'] . '管理员';
- $query = $this->db->get_where ( 'user', array (
- "uid" => $uid
- ) );
- $touser = $query->row_array ();
-
- // 1,3,5,7 允许站内消息
- if ((1 & $touser ['isnotify']) && $this->setting ['notify_message']) {
- $data = array (
- 'from' => $msgfrom,
- 'fromuid' => 0,
- 'touid' => $uid,
- 'subject' => $message ['title'],
- 'time' => $time,
- 'content' => $message ['content']
- );
- $this->db->insert ( 'message', $data );
- }
- // 2,3,6,7 允许发邮件
- if ((2 & $touser ['isnotify']) && $this->setting ['notify_mail']) {
- sendmail ( $touser, $message ['title'], $message ['content'] );
- }
-
- // 4,5,6,7 允许发手机短信
- }
- // 访问控制
- function canviewpage() {
- $controlname = isset ( $this->router->routes [$this->uri->rsegments [1]] ) ? $this->router->routes [$this->uri->rsegments [1]] : $this->uri->rsegments [1];
- defined ( 'ROUTE_A' ) or define ( 'ROUTE_A', $controlname );
- $regular = strtolower ( $this->uri->rsegments [1] ) . '/' . strtolower ( $this->uri->rsegments [2] );
-
- $flag = false;
-
- $querystring = $regular; // isset ( $_SERVER ['REQUEST_URI'] ) ? $_SERVER ['REQUEST_URI'] : '';
- $querystring = str_replace ( '.html', '', $querystring );
- $querystring = str_replace ( '/?', '', $querystring );
- $pos = strrpos ( $querystring, '.' );
- if ($pos !== false) {
- $querystring = substr ( $querystring, 0, $pos );
- }
- /* 处理简短url */
- $pos = strpos ( $querystring, '-' );
- $pos2 = strpos ( $querystring, '=' );
- $pos3 = strpos ( $querystring, '/' );
- if ($pos !== false) {
- $tempmaparr = explode ( '-', $querystring ); // 拆分参数
- // 如果不是标签方式就进行判断
- if ($tempmaparr [0] !== 'tag' && $tempmaparr [0] !== 'topictag') {
- // 判断最后一个值是否为整形
- if (is_numeric ( $tempmaparr [1] )) {
- $querystring = urlmap ( $querystring );
- } else {
- // 如果不是不做处理转换
- $querystring = urlmap ( $querystring, 2 );
- }
- } else {
- // 如果是标签方式就进行处理
- $querystring = urlmap ( $querystring );
- }
- }
- ($pos2 !== false) && $querystring = urlmap ( $querystring );
- ($pos3 !== false) && $querystring = urlmap ( $querystring );
- $andpos = strpos ( $querystring, "&" );
- $andpos && $querystring = substr ( $querystring, 0, $andpos );
- if (strpos ( $querystring, '/' ) !== FALSE) {
-
- $querystring_arr = explode ( '/', $querystring );
- if (is_array ( $querystring_arr )) {
-
- $querystring = $querystring_arr [0] . '/' . $querystring_arr [1];
- $regular = $querystring;
- }
- }
- $isajax = (0 === strpos ( isset ( $querystring_arr [1] ) ? $querystring_arr [1] : $this->uri->rsegments [2], 'ajax' ));
- $isapi = ('api' == substr ( strtolower ( isset ( $querystring_arr [0] ) ? $querystring_arr [0] : $this->uri->rsegments [1] ), 0, 3 ));
- $isapp = ('app' == substr ( strtolower ( isset ( $querystring_arr [0] ) ? $querystring_arr [0] : $this->uri->rsegments [1] ), 0, 3 ));
- if ($this->whitelist) {
-
- $whitelist = explode ( ',', strtolower ( $this->whitelist ) );
- $flag = in_array ( isset ( $querystring_arr [1] ) ? $querystring_arr [1] : $this->uri->rsegments [2], $whitelist );
- }
-
- if (config_item ( 'dir_name' ) . "/index" == $regular) {
- $regular = "index/index";
- }
- // $regular
- if (strstr ( $regular, 'from=singlemessage' )) {
- $regular = str_replace ( 'from=singlemessage', 'index', $regular );
- }
- if (strstr ( $regular, 'from=timeline' )) {
- $regular = str_replace ( 'from=timeline', 'index', $regular );
- }
- if (strstr ( $regular, 'from=groupmessage' )) {
- $regular = str_replace ( 'from=groupmessage', 'index', $regular );
- }
-
- if ($this->checkable ( $regular, $querystring ) || $isapp || $isajax || ! empty ( $flag )) {
- // 如果允许访问,你还可以增加别的代码
- } else {
-
- if ($this->user ['uid'] > 0) {
- $this->message ( '您无权进行当前操作,原因如下:
您所在的用户组(' . $this->user ['grouptitle'] . ')无法进行此操作。', 'index' );
- exit ();
- } else {
-
- header ( "Location:" . url ( 'user/login' ) );
- exit ();
- }
- }
- }
- /*
- * 中转提示页面
- * $ishtml=1 表示是跳转到静态网页
- */
- function message($message, $url = '') {
- $seotitle = '操作提示';
- if ('' == $url) {
- $redirect = isset ( $_SERVER ['HTTP_REFERER'] ) ? $_SERVER ['HTTP_REFERER'] : base_url ();
- } else if ('BACK' == $url || 'STOP' == $url || strstr ( $url, 'http:' )) {
- $redirect = $url;
- } else {
-
- $redirect = url ( $url );
- }
- $tpldir = (0 === strpos ( $this->uri->segment ( 1 ), 'admin' )) ? 'admin' : $this->setting ['tpl_dir'];
- $panneltype = 'hidefixed';
- $hidefooter = 'hidefooter';
- $seo_title = $seo_keywords = $this->setting ['site_name'] . '提示';
- include template ( 'tip' );
- exit ();
- }
- /* 权限检测 */
- function checkable($url, $querystring = '') {
- try {
- $this->addsitelog ( $querystring );
- } catch ( Exception $e ) {
- }
- if (strpos ( $url, '?' ) !== FALSE) {
-
- $url = explode ( '?', $url ) [0];
- }
- $this->regular = $url;
- if (1 == $this->user ['groupid'])
- return true;
-
- $regulars = explode ( ',', 'api_user/registerapi,user/checkemail,api_article/newqlist,api_article/list,api_user/editpwdapi,api_user/loginoutapi,api_user/bindloginapi,api_user/loginapi,index/taobao,question/searchkey,pccaiji_catgory/addtopic,pccaiji_catgory/selectlist,pccaiji_catgory/list,topic/search,user/search,category/search,buy/buydetail,buy/default,download/default,user/regtip,rule/index,user/login,user/logout,user/code,index/help,js/view,' . $this->user ['regulars'] );
- return in_array ( $url, $regulars );
- }
- /* 增加日志记录 */
- function addsitelog($guize, $miaoshu = '') {
- global $user;
- $uid = $user ['uid'];
- if ($uid > 0) {
-
- $username = $user ['username'];
- $miaoshu = '';
- $guizearray = explode ( ',', 'index/notfound,user/ajaxloadmessage,user/code,admin_setting/ajaxcaiji' );
-
- if ($uid > 0) {
- if (! in_array ( $guize, $guizearray )) {
- $data = array (
- 'uid' => $uid,
- 'username' => $username,
- 'guize' => $guize,
- 'miaoshu' => $miaoshu,
- 'time' => time ()
- );
- $this->db->insert ( 'site_log', $data );
- }
- }
- }
- }
- /**
- * 令牌验证
- */
- const FORM_TOKEN_KEY = 'form_token_key';
- const INPUT_TOKEN_NAME = 'input_token_name';
-
- /**
- * 生成令牌
- *
- * @return string
- */
- public function gen_token() {
- $hash = md5 ( uniqid ( rand (), true ) );
- $token = sha1 ( $hash );
- return $token;
- }
-
- /**
- * 生成session令牌
- */
- public function gen_session_token() {
- // 生成token
- $token = $this->gen_token ();
- // 删除session中原来的token
- $this->destroy_stoken ();
- // 将新的token注册到session
- $this->session->set_userdata ( self::FORM_TOKEN_KEY, $token );
- }
-
- /**
- * 生成隐藏输入域表单
- *
- * @return 表单
- */
- public function gen_input() {
- $this->gen_session_token ();
- $token_input = "session->userdata ( self::FORM_TOKEN_KEY ) . "\" readonly=\"true\" /> ";
- return $token_input;
- }
- /**
- * 停止执行程序,给出错误信息,并写入错误日志。
- * 所有参数由helper提供
- *
- * @param $error_code 错误代码,用于区分错误类别
- * @param $error_level 错误级别
- * @param $error_message 错误提示信息
- */
- public function stop_doing($error_code = '', $error_level = '', $error_message = '') {
- $this->load->library ( 'slog' );
- // 写入日志
- $error_url = $_SERVER ['HTTP_HOST'] . $_SERVER ['REQUEST_URI'];
- $this->slog->process_logs ( $error_url, $error_code, $error_level, $error_message );
- $rediret_url = 'http://' . $error_url;
- header ( "Content-type:text/html; charset=utf-8" );
- die ( "" );
- }
- /**
- * 检测token是否合法,如果合法则继续执行,否则跳出
- *
- * @param string $token_input
- * 页面提交的token
- */
- public function token_check($token_input) {
- // 检测session中是否已注册token
- if ($this->is_stoken ()) {
- if ($token_input) {
- if ($token_input == $this->session->userdata ( self::FORM_TOKEN_KEY )) {
- $this->destroy_stoken ();
- } else {
- $this->destroy_stoken ();
- $this->stop_doing ( error_code ( 'd' ), error_level ( 'ce' ), error_message ( 'd_add' ) );
- }
- } else {
- $this->destroy_stoken ();
- $this->stop_doing ( error_code ( 'v' ), error_level ( 'ce' ), error_message ( 'v_null' ) );
- }
- } else {
- $this->destroy_stoken ();
- $this->stop_doing ( error_code ( 's' ), error_level ( 'e' ), error_message ( 's_check' ) );
- }
- }
-
- /**
- * 销毁token
- *
- * @return bool
- */
- public function destroy_stoken() {
- $this->session->unset_userdata ( self::FORM_TOKEN_KEY );
- return true;
- }
-
- /**
- * 检测token是否存在
- *
- * @return bool
- */
- public function is_stoken() {
- if ($this->session->userdata ( self::FORM_TOKEN_KEY ))
- return true;
- else
- return false;
- }
-
- // --------------------------------------------------------------------
-
- /**
- * Get the CI singleton
- *
- * @static
- *
- * @return object
- */
- public static function &get_instance() {
- return self::$instance;
- }
-}
--
GitLab