PageRenderTime 39ms CodeModel.GetById 16ms RepoModel.GetById 0ms app.codeStats 0ms

/admin/core/admin.class.php

http://xklog.googlecode.com/
PHP | 228 lines | 180 code | 30 blank | 18 comment | 54 complexity | 28806010235663b35eca55c15d46233d MD5 | raw file
Possible License(s): AGPL-1.0 
    

  1. <?php
    2. 

  2. 

  3. !defined('IN_NOVA') && exit('Access Denied!');
    4. 

  4. 

  5. class Admin extends Application {
    6. 

  6. 

  7. 	public function __construct() {
    8. 

  8. 		global $cache,$db;
    9. 

  9. 		parent::__construct();
    10. 

  10. 

  11. 		// ?????
    12. 

  12. 		//$cache_list = array( 'config', 'category', 'count', 'tag' );
    13. 

  13. 		if( $cache->config == NULL ) {
    14. 

  14. 			$content = $db->fetch_all( 'SELECT * FROM `' . DB_PREFIX . 'set' );
    15. 

  15. 			$cache->set( 'config', $content[0], 0 );
    16. 

  16. 		}
    17. 

  17. 		if( $cache->tag == NULL ) {
    18. 

  18. 			$content = array();
    19. 

  19. 			$query = $db->query( 'SELECT * FROM `' . DB_PREFIX . 'tags` ORDER BY t_id Asc' );
    20. 

  20. 			while ( $row = $db->fetch_array( $query ) ) {
    21. 

  21. 				$content[$row['t_id']] = array( 't_name' => $row['t_name'], 't_num' => $row['t_num'], );
    22. 

  22. 			}
    23. 

  23. 			$cache->set( 'tag', $content, 0 );
    24. 

  24. 			unset( $query, $row );
    25. 

  25. 		}
    26. 

  26. 		if( $cache->category == NULL ) {
    27. 

  27. 			global $db;
    28. 

  28. 			$content = array();
    29. 

  29. 			$query = $db->query( 'SELECT cid,pid,name,alias,articlenum,description FROM `' . DB_PREFIX . 'category` ORDER BY num ASC,cid DESC' );
    30. 

  30. 			while ( $row = $db->fetch_array( $query ) ){
    31. 

  31. 				$content[$row['cid']] = $row;
    32. 

  32. 			}
    33. 

  33. 			$cache->set( 'category', $content, 0 );
    34. 

  34. 			unset( $query, $row );
    35. 

  35. 		}
    36. 

  36. 		if( $cache->count == NULL ) {
    37. 

  37. 			$content = array(
    38. 

  38. 				'article_num' => $db->result( 'SELECT count(id) FROM `' . DB_PREFIX . 'article` WHERE isdel=False' ),
    39. 

  39. 				'comment_num' => $db->result( 'SELECT count(cid) FROM `' . DB_PREFIX . 'comment` WHERE isdel=False AND articleid<>0' ),
    40. 

  40. 				'guestbook_num' => $db->result( 'SELECT count(cid) FROM `' . DB_PREFIX . 'comment` WHERE isdel=False AND articleid=0' ),
    41. 

  41. 				'user_num' => $db->result( 'SELECT count(u_id) FROM `' . DB_PREFIX . 'user` WHERE u_isdel=False' ),
    42. 

  42. 				'guestbook_num_censor' => $db->result( "SELECT count(cid) FROM `" . DB_PREFIX . "comment` WHERE isshow=0 and isdel=0 and articleid=0" ),
    43. 

  43. 				'comment_num_censor' => $db->result( "SELECT count(cid) FROM `" . DB_PREFIX . "comment` WHERE isshow=0 and isdel=0 and articleid<>0" ),
    44. 

  44. 				'file_num' => $db->result( "SELECT count(ul_id) FROM `" . DB_PREFIX . "upload`" ),
    45. 

  45. 			);
    46. 

  46. 			$cache->set( 'count', $content, 0 );
    47. 

  47. 		}
    48. 

  48. 		unset( $content );
    49. 

  49. 	}
    50. 

  50. 

  51. 	public function start() {
    52. 

  52. 		global $request,$cache,$user;
    53. 

  53. 

  54. 		if( $request->get( 'm' ) == NULL ) {
    55. 

  55. 			$request->m = 'index';
    56. 

  56. 		}
    57. 

  57. 

  58. 		if( !isset( $_SESSION['user_group'] ) ) {
    59. 

  59. 			$_SESSION['user_group'] = 0;
    60. 

  60. 		}
    61. 

  61. 

  62. 		// ??????
    63. 

  63. 		$username = $request->get( APP_PREFIX . 'username', 'C' );
    64. 

  64. 		$password = $request->get( APP_PREFIX . 'password', 'C' );
    65. 

  65. 		if( $username !== NULL && $password !== NULL ){
    66. 

  66. 			if( $user->login( $username, $password ) != 1 ) {
    67. 

  67. 				echo $user->login( $username, $password );
    68. 

  68. 				setcookie( APP_PREFIX . 'username', NULL );
    69. 

  69. 				setcookie( APP_PREFIX . 'password', NULL );
    70. 

  70. 			}
    71. 

  71. 		}
    72. 

  72. 		unset( $username, $password );
    73. 

  73. 

  74. 		if( !$user->is_super_admin() ) {
    75. 

  75. 			$request->m = 'login';
    76. 

  76. 		}
    77. 

  77. 

  78. 		// ?? ohash
    79. 

  79. 		if( $cache->ohash == NULL ) {
    80. 

  80. 			// ????????????? 20 ??
    81. 

  81. 			$cache->set( 'ohash', get_random_string(8), 1200 );
    82. 

  82. 		} else {
    83. 

  83. 			$cache->set( 'ohash', $cache->ohash, 600 );
    84. 

  84. 		}
    85. 

  85. 

  86. 		$module = $request->get( 'm' );
    87. 

  87. 		if( method_exists( $this, $module ) ) {
    88. 

  88. 			$this->$module();
    89. 

  89. 		} else {
    90. 

  90. 			$this->page( $module );
    91. 

  91. 		}
    92. 

  92. 	}
    93. 

  93. 

  94. 	// ??
    95. 

  95. 	private function page( $name, $page_make = FALSE ) {
    96. 

  96. 		global $theme,$request,$cache;
    97. 

  97. 		//[DEBUG]
    98. 

  98. 		global $log;
    99. 

  99. 		//[/DEBUG]
    100. 

  100. 

  101. 		// ?? ohash
    102. 

  102. 		if( ( $cache->ohash != $request->get( 'ohash' ) ) && $name != 'login' && $name != 'index' ) {
    103. 

  103. 			// ohash ??????????????
    104. 

  104. 			global $user;
    105. 

  105. 			$user->logout();
    106. 

  106. 			echo 'forbidden';
    107. 

  107. 			return;
    108. 

  108. 		}
    109. 

  109. 

  110. 		// ?????????
    111. 

  111. 		$tmparray = array('/',"\0",'..');
    112. 

  112. 		if( str_replace( $tmparray, '', $name ) != $name ) {
    113. 

  113. 			$theme->err_404();
    114. 

  114. 			return;
    115. 

  115. 		}
    116. 

  116. 

  117. 		if( is_file( APP_ADMIN .'kernel/' . $name . '.class.php' ) ) {
    118. 

  118. 			include( APP_ADMIN .'kernel/' . $name . '.class.php' );
    119. 

  119. 		} else {
    120. 

  120. 			$this->err_404();
    121. 

  121. 			return;
    122. 

  122. 		}
    123. 

  123. 

  124. 		//[DEBUG]
    125. 

  125. 		$runtime = microtime( TRUE );
    126. 

  126. 		//[/DEBUG]
    127. 

  127. 		$name = ucwords( $name );
    128. 

  128. 		$page = new $name();
    129. 

  129. 		$page->start();
    130. 

  130. 		//[DEBUG]
    131. 

  131. 		$runtime = microtime( TRUE ) - $runtime;
    132. 

  132. 		if( defined( 'APP_DEBUG' ) && APP_DEBUG === TRUE ) {
    133. 

  133. 			$log->add( '???????' . $runtime * 1000 . 'ms?', E_USER_NOTICE );
    134. 

  134. 		}
    135. 

  135. 		//[/DEBUG]
    136. 

  136. 	}
    137. 

  137. 

  138. 	// 
    139. 

  139. 	private function cache_refresh_all() {
    140. 

  140. 		global $cache;
    141. 

  141. 		$cache->refresh_all( TRUE );
    142. 

  142. 	}
    143. 

  143. 

  144. 	// 404
    145. 

  145. 	public function err_404() {
    146. 

  146. 		@header( 'HTTP/1.1 404 Not Found' );
    147. 

  147. 		@header( 'status: 404 Not Found' );
    148. 

  148. ?>
    149. 

  149. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    150. 

  150. <html xmlns = "http://www.w3.org/1999/xhtml" lang = "zh-cn">
    151. 

  151. <head>
    152. 

  152. 	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    153. 

  153. 	<title>Error 404 - Not Found</title>
    154. 

  154. </head>
    155. 

  155. <body>
    156. 

  156. 	<h2>Error 404 - Not Found</h2>
    157. 

  157. </body>
    158. 

  158. </html>
    159. 

  159. <?php
    160. 

  160. 	}
    161. 

  161. 

  162. 	// ??
    163. 

  163. 	static public function get_navigator( $article_num, $max_per_page, $current_page, $module, $params = '' ){
    164. 

  164. 		if( $article_num < $max_per_page + 1 ) return;
    165. 

  165. 

  166. 		if( ( $article_num % $max_per_page ) == 0 ){
    167. 

  167. 			$page_num = floor( $article_num / $max_per_page );
    168. 

  168. 		}else{
    169. 

  169. 			$page_num = floor( $article_num / $max_per_page ) + 1;
    170. 

  170. 		}
    171. 

  171. 		if( $current_page > $page_num ) return;
    172. 

  172. 

  173. 		if( $module == '' ) $module = 'index';
    174. 

  174. 

  175. 		$leader = '<div class="navigator"><span class="navigator_tip">Pages?' . $current_page . '/' . $page_num . '</span>';
    176. 

  176. 

  177. 		$i = 1;
    178. 

  178. 		$leader .= '<a href="#" onclick="' . Admin::get_navigator_url( $i, $module, $params ) . '">Ť</a>';
    179. 

  179. 		if( $current_page != 1 ){
    180. 

  180. 			$i = $current_page - 1;
    181. 

  181. 		}
    182. 

  182. 		$leader .= '<a href="#" onclick="' . Admin::get_navigator_url( $i, $module, $params ) . '">‹</a>';
    183. 

  183. 

  184. 		if( $current_page > 5 ){
    185. 

  185. 			$leader .= ' …… ';
    186. 

  186. 			for( $i = $current_page - 4 ; $i < $current_page ; $i ++ ){
    187. 

  187. 				$leader .= '<a href="#" onclick="' . Admin::get_navigator_url( $i, $module, $params ) . '">' . $i . '</a>';
    188. 

  188. 			}
    189. 

  189. 		}else{
    190. 

  190. 			for($i = 1 ; $i < $current_page ; $i ++ ){
    191. 

  191. 				$leader .= '<a href="#" onclick="' . Admin::get_navigator_url( $i, $module, $params ) . '">' . $i . '</a>';
    192. 

  192. 			}
    193. 

  193. 		}
    194. 

  194. 

  195. 		$leader .= '<span class="navigator_current">' . $current_page . '</span>';
    196. 

  196. 

  197. 		if( $page_num - $current_page > 4 ){
    198. 

  198. 			for($i = $current_page + 1 ; $i < $current_page + 5 ; $i ++ ){
    199. 

  199. 				$leader .= '<a href="#" onclick="' . Admin::get_navigator_url( $i, $module, $params ) . '">' . $i . '</a>';
    200. 

  200. 			}
    201. 

  201. 			$leader .= ' …… ';
    202. 

  202. 		}else{
    203. 

  203. 			for( $i = $current_page + 1 ; $i < $page_num + 1 ; $i ++ ){
    204. 

  204. 				$leader .= '<a href="#" onclick="' . Admin::get_navigator_url( $i, $module, $params ) . '">' . $i . '</a>';
    205. 

  205. 			}
    206. 

  206. 		}
    207. 

  207. 

  208. 		if( $current_page > $page_num - 1 ){
    209. 

  209. 			$i = $page_num;
    210. 

  210. 		}else{
    211. 

  211. 			$i = $current_page + 1;
    212. 

  212. 		}
    213. 

  213. 		$leader .= '<a href="#" onclick="' . Admin::get_navigator_url( $i, $module, $params ) . '">›</a>';
    214. 

  214. 		$leader .= '<a href="#" onclick="' . Admin::get_navigator_url( $page_num, $module, $params ) . '">ť</a></div>';
    215. 

  215. 

  216. 		return $leader;
    217. 

  217. 	}
    218. 

  218. 

  219. 	static public function get_navigator_url( $i, $module , $params = '' ) {
    220. 

  220. 		if( $params == '' ) {
    221. 

  221. 			return "ajax_load('" . ADMIN_PATH . "','" . $module . "',null,'" . $i . "');return false;";
    222. 

  222. 		} else {
    223. 

  223. 			return "ajax_load('" . ADMIN_PATH . "','" . $module . "','" . $params . "','" . $i . "');return false;";
    224. 

  224. 		}
    225. 

  225. 	}
    226. 

  226. 

  227. }
    228. 

  228. ?>
    229. 

  229.