Trang chủ Khám phá Trợ giúp
Đăng ký Đăng nhập
Apq
/
maccms10
mirror of https://github.com/magicblack/maccms10.git
1
0
Fork 0
Các tập tin Các vấn đề 0 Wiki
Branch: master
Branches Tags
maccms10
/
application
/
admin
/
controller
/
Safety.php

Safety.php 6.3 KB
Permalink Lịch sử Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175 
  1. <?php
    2. 

  2. namespace app\admin\controller;
    3. 

  3. use think\Db;
    4. 

  4. 

  5. class Safety extends Base
    6. 

  6. {
    7. 

  7. 

  8.     var $_files;
    9. 

  9.     public function __construct()
    10. 

  10.     {
    11. 

  11.         parent::__construct();
    12. 

  12.     }
    13. 

  13. 

  14.     public function index()
    15. 

  15.     {
    16. 

  16. 

  17.     }
    18. 

  18. 

  19.     protected function listDir($dir){
    20. 

  20.         if(is_dir($dir)){
    21. 

  21.             if ($dh = opendir($dir)) {
    22. 

  22.                 while (($file= readdir($dh)) !== false){
    23. 

  23.                     $tmp = str_replace('//','/',mac_convert_encoding($dir.$file, "UTF-8", "GB2312"));
    24. 

  24.                     if((is_dir($dir."/".$file)) && $file!="." && $file!=".."){
    25. 

  25.                         $this->listDir($dir."/".$file."/");
    26. 

  26.                     } else{
    27. 

  27.                         if($file!="." && $file!=".."){
    28. 

  28.                             $this->_files[$tmp] = ['md5'=>md5_file($dir.$file)];
    29. 

  29.                         }
    30. 

  30.                     }
    31. 

  31.                 }
    32. 

  32.                 closedir($dh);
    33. 

  33.             }
    34. 

  34.         }
    35. 

  35.     }
    36. 

  36. 

  37.     public function file()
    38. 

  38.     {
    39. 

  39.         $param = input();
    40. 

  40.         if($param['ck']){
    41. 

  41.             $ft = $param['ft'];
    42. 

  42.             if(empty($ft)){
    43. 

  43.                 $ft = ['1','2'];
    44. 

  44.             }
    45. 

  45.             mac_echo('<style type="text/css">body{font-size:12px;color: #333333;line-height:21px;}span{font-weight:bold;color:#FF0000}</style>');
    46. 

  46.             $url = base64_decode("aHR0cDovL3VwZGF0ZS5tYWNjbXMubGEv") . "v10/mac_files_".config('version')['code'].'.html';
    47. 

  47.             $html = mac_curl_get($url);
    48. 

  48.             $json = json_decode($html,true);
    49. 

  49.             if(!$json){
    50. 

  50.                 return $this->error(lang('admin/safety/file_msg1'));
    51. 

  51.             }
    52. 

  52. 

  53.             $this->listDir('./');
    54. 

  54.             if(!is_array($this->_files)){
    55. 

  55.                 return $this->error(lang('admin/safety/file_msg2'));
    56. 

  56.             }
    57. 

  57. 

  58.             foreach($this->_files as $k=>$v){
    59. 

  59.                 $color = '';
    60. 

  60.                 $msg = 'ok';
    61. 

  61.                 if(empty($json[$k]) && in_array('1',$ft)){
    62. 

  62.                     $color = 'BlueViolet';
    63. 

  63.                     $msg = lang('admin/safety/file_msg3');
    64. 

  64.                 }
    65. 

  65.                 elseif(!empty($json[$k]) && $v['md5'] != $json[$k]['md5'] && in_array('2',$ft)){
    66. 

  66.                     $color = 'red';
    67. 

  67.                     $msg = lang('admin/safety/file_msg4');
    68. 

  68.                 }
    69. 

  69.                 if($color!='') {
    70. 

  70.                     //$this->_files[$k]['jc'] = $color;
    71. 

  71.                     mac_echo($k . '---' . "<font color=$color>" . $msg . '</font>');
    72. 

  72.                 }
    73. 

  73.             }
    74. 

  74.             exit;
    75. 

  75.         }
    76. 

  76.         return $this->fetch('admin@safety/file');
    77. 

  77.     }
    78. 

  78. 

  79.     public function data()
    80. 

  80.     {
    81. 

  81.         $param = input();
    82. 

  82.         if ($param['ck']) {
    83. 

  83.             $pre = config('database.prefix');
    84. 

  84.             $schema = Db::query('select * from information_schema.columns where table_schema = ?', [config('database.database')]);
    85. 

  85.             $col_list = [];
    86. 

  86.             $sql = '';
    87. 

  87.             foreach ($schema as $k => $v) {
    88. 

  88.                 $col_list[$v['TABLE_NAME']][$v['COLUMN_NAME']] = $v;
    89. 

  89.             }
    90. 

  90.             $tables = ['actor', 'art', 'gbook', 'link', 'topic', 'type', 'vod'];
    91. 

  91.             $param['tbi'] = intval($param['tbi']);
    92. 

  92.             if ($param['tbi'] >= count($tables)) {
    93. 

  93.                 mac_echo(lang('admin/safety/data_clear_ok'));
    94. 

  94.                 die;
    95. 

  95.             }
    96. 

  96. 

  97.             $check_arr = ["<script","<iframe","{php}","{:"];
    98. 

  98.             $rel_val = [
    99. 

  99.                 [
    100. 

  100.                     "/<script[\s\S]*?<\/(.*)>/is",
    101. 

  101.                     "/<script[\s\S]*?>/is",
    102. 

  102.                 ],
    103. 

  103.                 [
    104. 

  104.                     "/<iframe[\s\S]*?<\/(.*)>/is",
    105. 

  105.                     "/<iframe[\s\S]*?>/is",
    106. 

  106.                 ],
    107. 

  107.                 [
    108. 

  108.                     "/{php}[\s\S]*?{\/php}/is",
    109. 

  109.                 ],
    110. 

  110.                 [
    111. 

  111.                     "/{:[\s\S]*?}/is",
    112. 

  112.                 ]
    113. 

  113.             ];
    114. 

  114.             mac_echo('<style type="text/css">body{font-size:12px;color: #333333;line-height:21px;}span{font-weight:bold;color:#FF0000}</style>');
    115. 

  115. 

  116. 

  117.             foreach ($col_list as $k1 => $v1) {
    118. 

  118.                 $pre_tb = str_replace($pre, '', $k1);
    119. 

  119.                 $si = array_search($pre_tb, $tables);
    120. 

  120.                 if ($pre_tb !== $tables[$param['tbi']]) {
    121. 

  121.                     continue;
    122. 

  122.                 }
    123. 

  123.                 mac_echo(lang('admin/safety/data_check_tip1',[$k1]));
    124. 

  124.                 $where = [];
    125. 

  125.                 foreach ($v1 as $k2 => $v2) {
    126. 

  126.                     if (strpos($v2['DATA_TYPE'], 'int') === false) {
    127. 

  127.                         $where[$k2] = ['like', mac_like_arr(join(',', $check_arr)), 'OR'];
    128. 

  128.                     }
    129. 

  129.                 }
    130. 

  130.                 if (!empty($where)) {
    131. 

  131.                     $field = array_keys($where);
    132. 

  132.                     $field[] = $tables[$si] . '_id';
    133. 

  133.                     $list = Db::name($pre_tb)->field($field)->whereOr($where)->fetchSql(false)->select();
    134. 

  134. 

  135.                     mac_echo(lang('admin/safety/data_check_tip2',[count($list)]));
    136. 

  136.                     foreach ($list as $k3 => $v3) {
    137. 

  137.                         $update = [];
    138. 

  138.                         $col_id = $tables[$si] . '_id';
    139. 

  139.                         $col_name = $tables[$si] . '_name';
    140. 

  140.                         $val_id = $v3[$col_id];;
    141. 

  141.                         $val_name = strip_tags($v3[$col_name]);
    142. 

  142.                         $ck = false;
    143. 

  143.                         $where2 = [];
    144. 

  144.                         $where2[$col_id] = $val_id;
    145. 

  145.                         foreach ($v3 as $k4 => $v4) {
    146. 

  146.                             if ($k4 != $col_id) {
    147. 

  147.                                 $val = $v4;
    148. 

  148.                                 foreach ($check_arr as $kk => $vv) {
    149. 

  149.                                     foreach($rel_val[$kk] as $k5=>$v5){
    150. 

  150.                                         $val = preg_replace($v5, "", $val);
    151. 

  151.                                     }
    152. 

  152.                                 }
    153. 

  153.                                 if ($val !== $v4) {
    154. 

  154.                                     $update[$k4] = $val;
    155. 

  155.                                     $ck = true;
    156. 

  156.                                 }
    157. 

  157.                             }
    158. 

  158.                         }
    159. 

  159. 

  160.                         if ($ck) {
    161. 

  161.                             $r = Db::name($pre_tb)->where($where2)->update($update);
    162. 

  162.                             mac_echo($val_id . '、' . $val_name . ' ok');
    163. 

  163.                         }
    164. 

  164.                     }
    165. 

  165.                 }
    166. 

  166.             }
    167. 

  167. 

  168.             $param['tbi']++;
    169. 

  169.             $url = url('safety/data') . '?' . http_build_query($param);
    170. 

  170.             mac_jump($url, 3);
    171. 

  171.             exit;
    172. 

  172.         }
    173. 

  173.         return $this->fetch('admin@safety/data');
    174. 

  174.     }
    175. 

  175. }
    176.