标签:
1 <?php 2 3 /** 4 * ECSHOP 安装程序 之 模型 5 * ============================================================================ 6 * * 版权所有 2005-2012 上海商派网络科技有限公司,并保留所有权利。 7 * 网站地址: http://www.ecshop.com; 8 * ---------------------------------------------------------------------------- 9 * 这不是一个自由软件!您只能在不用于商业目的的前提下对程序代码进行修改和 10 * 使用;不允许对程序代码以任何形式任何目的的再发布。 11 * ============================================================================ 12 * $Author: liuhui $ 13 * $Id: lib_installer.php 16368 2009-06-26 03:39:19Z liuhui $ 14 */ 15 16 if (!defined(‘IN_ECS‘)) 17 { 18 die(‘Hacking attempt‘); 19 } 20 21 /** 22 * 获得GD的版本号 23 * 24 * @access public 25 * @return string 返回版本号,可能的值为0,1,2 26 */ 27 function get_gd_version() 28 { 29 include_once(ROOT_PATH . ‘includes/cls_image.php‘); 30 31 return cls_image::gd_version(); 32 } 33 34 /** 35 * 是否支持GD 36 * 37 * @access public 38 * @return boolean 成功返回true,失败返回false 39 */ 40 function has_supported_gd() 41 { 42 return get_gd_version() === 0 ? false : true; 43 } 44 45 /** 46 * 检测服务器上是否存在指定的文件类型 47 * 48 * @access public 49 * @param array $file_types 文件路径数组,形如array(‘dwt‘=>‘‘, ‘lbi‘=>‘‘, ‘dat‘=>‘‘) 50 * @return string 全部可写返回空串,否则返回以逗号分隔的文件类型组成的消息串 51 */ 52 function file_types_exists($file_types) 53 { 54 global $_LANG; 55 56 $msg = ‘‘; 57 foreach ($file_types as $file_type => $file_path) 58 { 59 if (!file_exists($file_path)) 60 { 61 $msg .= $_LANG[‘cannt_support_‘ . $file_type] . ‘, ‘; 62 } 63 } 64 65 $msg = preg_replace("/,\s*$/", ‘‘, $msg); 66 67 return $msg; 68 } 69 70 /** 71 * 获得系统的信息 72 * 73 * @access public 74 * @return array 系统各项信息组成的数组 75 */ 76 function get_system_info() 77 { 78 global $_LANG; 79 80 $system_info = array(); 81 82 /* 检查系统基本参数 */ 83 $system_info[] = array($_LANG[‘php_os‘], PHP_OS); 84 $system_info[] = array($_LANG[‘php_ver‘], PHP_VERSION); 85 86 /* 检查MYSQL支持情况 */ 87 $mysql_enabled = function_exists(‘mysql_connect‘) ? $_LANG[‘support‘] : $_LANG[‘not_support‘]; 88 $system_info[] = array($_LANG[‘does_support_mysql‘], $mysql_enabled); 89 90 /* 检查图片处理函数库 */ 91 $gd_ver = get_gd_version(); 92 $gd_ver = empty($gd_ver) ? $_LANG[‘not_support‘] : $gd_ver; 93 if ($gd_ver > 0) 94 { 95 if (PHP_VERSION >= ‘4.3‘ && function_exists(‘gd_info‘)) 96 { 97 $gd_info = gd_info(); 98 $jpeg_enabled = ($gd_info[‘JPG Support‘] === true) ? $_LANG[‘support‘] : $_LANG[‘not_support‘]; 99 $gif_enabled = ($gd_info[‘GIF Create Support‘] === true) ? $_LANG[‘support‘] : $_LANG[‘not_support‘]; 100 $png_enabled = ($gd_info[‘PNG Support‘] === true) ? $_LANG[‘support‘] : $_LANG[‘not_support‘]; 101 } 102 else 103 { 104 if (function_exists(‘imagetypes‘)) 105 { 106 $jpeg_enabled = ((imagetypes() & IMG_JPG) > 0) ? $_LANG[‘support‘] : $_LANG[‘not_support‘]; 107 $gif_enabled = ((imagetypes() & IMG_GIF) > 0) ? $_LANG[‘support‘] : $_LANG[‘not_support‘]; 108 $png_enabled = ((imagetypes() & IMG_PNG) > 0) ? $_LANG[‘support‘] : $_LANG[‘not_support‘]; 109 } 110 else 111 { 112 $jpeg_enabled = $_LANG[‘not_support‘]; 113 $gif_enabled = $_LANG[‘not_support‘]; 114 $png_enabled = $_LANG[‘not_support‘]; 115 } 116 } 117 } 118 else 119 { 120 $jpeg_enabled = $_LANG[‘not_support‘]; 121 $gif_enabled = $_LANG[‘not_support‘]; 122 $png_enabled = $_LANG[‘not_support‘]; 123 } 124 $system_info[] = array($_LANG[‘gd_version‘], $gd_ver); 125 $system_info[] = array($_LANG[‘jpeg‘], $jpeg_enabled); 126 $system_info[] = array($_LANG[‘gif‘], $gif_enabled); 127 $system_info[] = array($_LANG[‘png‘], $png_enabled); 128 129 /* 检查系统是否支持以dwt,lib,dat为扩展名的文件 */ 130 $file_types = array( 131 ‘dwt‘ => ROOT_PATH . ‘themes/default/index.dwt‘, 132 ‘lbi‘ => ROOT_PATH . ‘themes/default/library/member.lbi‘, 133 ‘dat‘ => ROOT_PATH . ‘includes/codetable/ipdata.dat‘ 134 ); 135 $exists_info = file_types_exists($file_types); 136 $exists_info = empty($exists_info) ? $_LANG[‘support_dld‘] : $exists_info; 137 $system_info[] = array($_LANG[‘does_support_dld‘], $exists_info); 138 139 /* 服务器是否安全模式开启 */ 140 $safe_mode = ini_get(‘safe_mode‘) == ‘1‘ ? $_LANG[‘safe_mode_on‘] : $_LANG[‘safe_mode_off‘]; 141 $system_info[] = array($_LANG[‘safe_mode‘], $safe_mode); 142 143 return $system_info; 144 } 145 146 /** 147 * 获得数据库列表 148 * 149 * @access public 150 * @param string $db_host 主机 151 * @param string $db_port 端口号 152 * @param string $db_user 用户名 153 * @param string $db_pass 密码 154 * @return mixed 成功返回数据库列表组成的数组,失败返回false 155 */ 156 function get_db_list($db_host, $db_port, $db_user, $db_pass) 157 { 158 global $err, $_LANG; 159 $databases = array(); 160 $filter_dbs = array(‘information_schema‘, ‘mysql‘); 161 $db_host = construct_db_host($db_host, $db_port); 162 $conn = @mysql_connect($db_host, $db_user, $db_pass); 163 164 if ($conn === false) 165 { 166 $err->add($_LANG[‘connect_failed‘]); 167 return false; 168 } 169 keep_right_conn($conn); 170 171 $result = mysql_query(‘SHOW DATABASES‘, $conn); 172 if ($result !== false) 173 { 174 while (($row = mysql_fetch_assoc($result)) !== false) 175 { 176 if (in_array($row[‘Database‘], $filter_dbs)) 177 { 178 continue; 179 } 180 $databases[] = $row[‘Database‘]; 181 } 182 } 183 else 184 { 185 $err->add($_LANG[‘query_failed‘]); 186 return false; 187 } 188 @mysql_close($conn); 189 190 return $databases; 191 } 192 193 /** 194 * 获得时区列表,如有重复值,只保留第一个 195 * 196 * @access public 197 * @return array 198 */ 199 function get_timezone_list($lang) 200 { 201 if (file_exists(ROOT_PATH . ‘install/data/inc_timezones_‘ . $lang . ‘.php‘)) 202 { 203 include_once(ROOT_PATH . ‘install/data/inc_timezones_‘ . $lang . ‘.php‘); 204 } 205 else 206 { 207 include_once(ROOT_PATH . ‘install/data/inc_timezones_zh_cn.php‘); 208 } 209 210 return array_unique($timezones); 211 } 212 213 /** 214 * 获得服务器所在时区 215 * 216 * @access public 217 * @return string 返回时区串,形如Asia/Shanghai 218 */ 219 function get_local_timezone() 220 { 221 if (PHP_VERSION >= ‘5.1‘) 222 { 223 $local_timezone = date_default_timezone_get(); 224 } 225 else 226 { 227 $local_timezone = ‘‘; 228 } 229 230 return $local_timezone; 231 } 232 233 /** 234 * 创建指定名字的数据库 235 * 236 * @access public 237 * @param string $db_host 主机 238 * @param string $db_port 端口号 239 * @param string $db_user 用户名 240 * @param string $db_pass 密码 241 * @param string $db_name 数据库名 242 * @return boolean 成功返回true,失败返回false 243 */ 244 function create_database($db_host, $db_port, $db_user, $db_pass, $db_name) 245 { 246 global $err, $_LANG; 247 $db_host = construct_db_host($db_host, $db_port); 248 $conn = @mysql_connect($db_host, $db_user, $db_pass); 249 250 if ($conn === false) 251 { 252 $err->add($_LANG[‘connect_failed‘]); 253 254 return false; 255 } 256 257 $mysql_version = mysql_get_server_info($conn); 258 keep_right_conn($conn, $mysql_version); 259 if (mysql_select_db($db_name, $conn) === false) 260 { 261 $sql = $mysql_version >= ‘4.1‘ ? "CREATE DATABASE $db_name DEFAULT CHARACTER SET " . EC_DB_CHARSET : "CREATE DATABASE $db_name"; 262 if (mysql_query($sql, $conn) === false) 263 { 264 $err->add($_LANG[‘cannt_create_database‘]); 265 return false; 266 } 267 } 268 @mysql_close($conn); 269 270 return true; 271 } 272 273 /** 274 * 保证进行正确的数据库连接(如字符集设置) 275 * 276 * @access public 277 * @param string $conn 数据库连接 278 * @param string $mysql_version mysql版本号 279 * @return void 280 */ 281 function keep_right_conn($conn, $mysql_version=‘‘) 282 { 283 if ($mysql_version === ‘‘) 284 { 285 $mysql_version = mysql_get_server_info($conn); 286 } 287 288 if ($mysql_version >= ‘4.1‘) 289 { 290 mysql_query(‘SET character_set_connection=‘ . EC_DB_CHARSET . ‘, character_set_results=‘ . EC_DB_CHARSET . ‘, character_set_client=binary‘, $conn); 291 292 if ($mysql_version > ‘5.0.1‘) 293 { 294 mysql_query("SET sql_mode=‘‘", $conn); 295 } 296 } 297 } 298 299 /** 300 * 创建配置文件 301 * 302 * @access public 303 * @param string $db_host 主机 304 * @param string $db_port 端口号 305 * @param string $db_user 用户名 306 * @param string $db_pass 密码 307 * @param string $db_name 数据库名 308 * @param string $prefix 数据表前缀 309 * @param string $timezone 时区 310 * @return boolean 成功返回true,失败返回false 311 */ 312 function create_config_file($db_host, $db_port, $db_user, $db_pass, $db_name, $prefix, $timezone) 313 { 314 global $err, $_LANG; 315 $db_host = construct_db_host($db_host, $db_port); 316 317 $content = ‘<?‘ ."php\n"; 318 $content .= "// database host\n"; 319 $content .= "\$db_host = \"$db_host\";\n\n"; 320 $content .= "// database name\n"; 321 $content .= "\$db_name = \"$db_name\";\n\n"; 322 $content .= "// database username\n"; 323 $content .= "\$db_user = \"$db_user\";\n\n"; 324 $content .= "// database password\n"; 325 $content .= "\$db_pass = \"$db_pass\";\n\n"; 326 $content .= "// table prefix\n"; 327 $content .= "\$prefix = \"$prefix\";\n\n"; 328 $content .= "\$timezone = \"$timezone\";\n\n"; 329 $content .= "\$cookie_path = \"/\";\n\n"; 330 $content .= "\$cookie_domain = \"\";\n\n"; 331 $content .= "\$session = \"1440\";\n\n"; 332 $content .= "define(‘EC_CHARSET‘,‘".EC_CHARSET."‘);\n\n"; 333 $content .= "define(‘ADMIN_PATH‘,‘admin‘);\n\n"; 334 $content .= ‘?>‘; 335 336 $fp = @fopen(ROOT_PATH . ‘data/config.php‘, ‘wb+‘); 337 if (!$fp) 338 { 339 $err->add($_LANG[‘open_config_file_failed‘]); 340 return false; 341 } 342 if (!@fwrite($fp, trim($content))) 343 { 344 $err->add($_LANG[‘write_config_file_failed‘]); 345 return false; 346 } 347 @fclose($fp); 348 349 return true; 350 } 351 352 /** 353 * 把host、port重组成指定的串 354 * 355 * @access public 356 * @param string $db_host 主机 357 * @param string $db_port 端口号 358 * @return string host、port重组后的串,形如host:port 359 */ 360 function construct_db_host($db_host, $db_port) 361 { 362 return $db_host . ‘:‘ . $db_port; 363 } 364 365 /** 366 * 安装数据 367 * 368 * @access public 369 * @param array $sql_files SQL文件路径组成的数组 370 * @return boolean 成功返回true,失败返回false 371 */ 372 function install_data($sql_files) 373 { 374 global $err; 375 376 include(ROOT_PATH . ‘data/config.php‘); 377 include_once(ROOT_PATH . ‘includes/cls_mysql.php‘); 378 include_once(ROOT_PATH . ‘includes/cls_sql_executor.php‘); 379 380 $db = new cls_mysql($db_host, $db_user, $db_pass, $db_name); 381 $se = new sql_executor($db, EC_DB_CHARSET, ‘ecs_‘, $prefix); 382 $result = $se->run_all($sql_files); 383 if ($result === false) 384 { 385 $err->add($se->error); 386 return false; 387 } 388 389 return true; 390 } 391 392 /** 393 * 创建管理员帐号 394 * 395 * @access public 396 * @param string $admin_name 397 * @param string $admin_password 398 * @param string $admin_password2 399 * @param string $admin_email 400 * @return boolean 成功返回true,失败返回false 401 */ 402 function create_admin_passport($admin_name, $admin_password, $admin_password2, $admin_email) 403 { 404 if(trim($_REQUEST[‘lang‘])!=‘zh_cn‘) 405 { 406 global $err,$_LANG; 407 $system_lang = isset($_POST[‘system_lang‘]) ? $_POST[‘system_lang‘] : ‘zh_cn‘; 408 include_once(ROOT_PATH . ‘install/languages/‘ . $system_lang . ‘.php‘); 409 } 410 else 411 { 412 global $err,$_LANG; 413 } 414 415 if ($admin_password === ‘‘) 416 { 417 $err->add($_LANG[‘password_empty_error‘]); 418 return false; 419 } 420 421 if ($admin_password === ‘‘) 422 { 423 $err->add($_LANG[‘password_empty_error‘]); 424 return false; 425 } 426 427 if (!(strlen($admin_password) >= 8 && preg_match("/\d+/",$admin_password) && preg_match("/[a-zA-Z]+/",$admin_password))) 428 { 429 $err->add($_LANG[‘js_languages‘][‘password_invaild‘]); 430 return false; 431 } 432 433 434 435 include(ROOT_PATH . ‘data/config.php‘); 436 include_once(ROOT_PATH . ‘includes/cls_mysql.php‘); 437 include_once(ROOT_PATH . ‘includes/lib_common.php‘); 438 439 $nav_list = join(‘,‘, $_LANG[‘admin_user‘]); 440 441 $db = new cls_mysql($db_host, $db_user, $db_pass, $db_name); 442 $sql = "INSERT INTO $prefix"."admin_user ". 443 "(user_name, email, password, add_time, action_list, nav_list)". 444 "VALUES ". 445 "(‘$admin_name‘, ‘$admin_email‘, ‘".$admin_password. "‘, " .gmtime(). ", ‘all‘, ‘$nav_list‘)"; 446 if (!$db->query($sql, ‘SILENT‘)) 447 { 448 $err->add($_LANG[‘create_passport_failed‘]); 449 return false; 450 } 451 452 return true; 453 } 454 455 /** 456 * 安装预选商品类型 457 * 458 * @access public 459 * @param array $goods_types 预选商品类型 460 * @param string $lang 语言 461 * @return boolean 成功返回true,失败返回false 462 */ 463 function install_goods_types($goods_types, $lang) 464 { 465 global $err; 466 467 if (!$goods_types) 468 { 469 return true; 470 } 471 472 include(ROOT_PATH . ‘data/config.php‘); 473 include_once(ROOT_PATH . ‘includes/cls_mysql.php‘); 474 $db = new cls_mysql($db_host, $db_user, $db_pass, $db_name); 475 476 if (file_exists(ROOT_PATH . ‘install/data/inc_goods_type_‘ . $lang . ‘.php‘)) 477 { 478 include(ROOT_PATH . ‘install/data/inc_goods_type_‘ . $lang . ‘.php‘); 479 } 480 else 481 { 482 include(ROOT_PATH . ‘install/data/inc_goods_type_zh_cn.php‘); 483 } 484 foreach ($attributes as $key=>$val) 485 { 486 if (!in_array($key, $goods_types)) 487 { 488 continue; 489 } 490 491 if (!$db->query($val[‘cat‘], ‘SILENT‘)) 492 { 493 $err->add($db->errno() .‘ ‘. $db->error()); 494 return false; 495 } 496 $cat_id = $db->Insert_ID(); 497 498 $sql = str_replace("{cat_id}", $cat_id, $val[‘attr‘]); 499 if (!$db->query($sql, ‘SILENT‘)) 500 { 501 $err->add($db->errno() .‘ ‘. $db->error()); 502 return false; 503 } 504 } 505 506 return true; 507 } 508 509 /** 510 * 把一个文件从一个目录复制到另一个目录 511 * 512 * @access public 513 * @param string $source 源目录 514 * @param string $target 目标目录 515 * @return boolean 成功返回true,失败返回false 516 */ 517 function copy_files($source, $target) 518 { 519 global $err, $_LANG; 520 521 if (!file_exists($target)) 522 { 523 //if (!mkdir(rtrim($target, ‘/‘), 0777)) 524 if (!mkdir($target, 0777)) 525 { 526 $err->add($_LANG[‘cannt_mk_dir‘]); 527 return false; 528 } 529 @chmod($target, 0777); 530 } 531 $dir = opendir($source); 532 while (($file = @readdir($dir)) !== false) 533 { 534 if (is_file($source . $file)) 535 { 536 if (!copy($source . $file, $target . $file)) 537 { 538 $err->add($_LANG[‘cannt_copy_file‘]); 539 return false; 540 } 541 @chmod($target . $file, 0777); 542 } 543 } 544 closedir($dir); 545 546 return true; 547 } 548 549 /** 550 * 其它设置 551 * 552 * @access public 553 * @param string $system_lang 系统语言 554 * @param string $disable_captcha 是否开启验证码 555 * @param array $goods_types 预选商品类型 556 * @param string $install_demo 是否安装测试数据 557 * @param string $integrate_code 用户接口 558 * @return boolean 成功返回true,失败返回false 559 */ 560 function do_others($system_lang, $captcha, $goods_types, $install_demo, $integrate_code) 561 { 562 global $err, $_LANG; 563 564 /* 安装预选商品类型 */ 565 if (!install_goods_types($goods_types, $system_lang)) 566 { 567 $err->add(implode(‘‘, $err->last_message())); 568 return false; 569 } 570 571 /* 安装测试数据 */ 572 if (intval($install_demo)) 573 { 574 if (file_exists(ROOT_PATH . ‘demo/‘. $system_lang . ‘.sql‘)) 575 { 576 $sql_files = array(ROOT_PATH . ‘demo/‘. $system_lang . ‘.sql‘); 577 } 578 else 579 { 580 $sql_files = array(ROOT_PATH . ‘demo/zh_cn.sql‘); 581 } 582 if (!install_data($sql_files)) 583 { 584 $err->add(implode(‘‘, $err->last_message())); 585 return false; 586 } 587 if (!copy_files(ROOT_PATH . ‘demo/brandlogo/‘, ROOT_PATH . ‘data/brandlogo/‘)) 588 { 589 $err->add(implode(‘‘, $err->last_message())); 590 return false; 591 } 592 if (!copy_files(ROOT_PATH . ‘demo/200905/goods_img/‘, ROOT_PATH . ‘images/200905/goods_img/‘)) 593 { 594 $err->add(implode(‘‘, $err->last_message())); 595 return false; 596 } 597 if (!copy_files(ROOT_PATH . ‘demo/200905/thumb_img/‘, ROOT_PATH . ‘images/200905/thumb_img/‘)) 598 { 599 $err->add(implode(‘‘, $err->last_message())); 600 return false; 601 } 602 if (!copy_files(ROOT_PATH . ‘demo/200905/source_img/‘, ROOT_PATH . ‘images/200905/source_img/‘)) 603 { 604 $err->add(implode(‘‘, $err->last_message())); 605 return false; 606 } 607 if (!copy_files(ROOT_PATH . ‘demo/afficheimg/‘, ROOT_PATH . ‘data/afficheimg/‘)) 608 { 609 $err->add(implode(‘‘, $err->last_message())); 610 return false; 611 } 612 if (!copy_files(ROOT_PATH . ‘demo/packimg/‘, ROOT_PATH . ‘data/packimg/‘)) 613 { 614 $err->add(implode(‘‘, $err->last_message())); 615 return false; 616 } 617 if (!copy_files(ROOT_PATH . ‘demo/cardimg/‘, ROOT_PATH . ‘data/cardimg/‘)) 618 { 619 $err->add(implode(‘‘, $err->last_message())); 620 return false; 621 } 622 } 623 624 include(ROOT_PATH . ‘data/config.php‘); 625 include_once(ROOT_PATH . ‘includes/cls_mysql.php‘); 626 $db = new cls_mysql($db_host, $db_user, $db_pass, $db_name); 627 628 /* 更新 ECSHOP 语言 */ 629 $sql = "UPDATE $prefix"."shop_config SET value=‘" . $system_lang . "‘ WHERE code=‘lang‘"; 630 if (!$db->query($sql, ‘SILENT‘)) 631 { 632 $err->add($db->errno() .‘ ‘. $db->error()); 633 return false; 634 } 635 636 /* 更新用户接口 */ 637 if (!empty($integrate_code)) 638 { 639 $sql = "UPDATE $prefix"."shop_config SET value=‘" . $integrate_code . "‘ WHERE code=‘integrate_code‘"; 640 if (!$db->query($sql, ‘SILENT‘)) 641 { 642 $err->add($db->errno() .‘ ‘. $db->error()); 643 return false; 644 } 645 } 646 647 /* 处理验证码 */ 648 if (!empty($captcha)) 649 { 650 $sql = "UPDATE $prefix" . "shop_config SET value = ‘12‘ WHERE code = ‘captcha‘"; 651 if (!$db->query($sql, ‘SILENT‘)) 652 { 653 $err->add($db->errno() .‘ ‘. $db->error()); 654 return false; 655 } 656 } 657 658 /* 更新用户接口配置 */ 659 if (file_exists(ROOT_PATH .‘data/config_temp.php‘)) 660 { 661 include(ROOT_PATH .‘data/config_temp.php‘); 662 $sql = "UPDATE $prefix" . "shop_config SET value = ‘".serialize($cfg)."‘ WHERE code = ‘integrate_config‘"; 663 if (!$db->query($sql, ‘SILENT‘)) 664 { 665 $err->add($db->errno() .‘ ‘. $db->error()); 666 return false; 667 } 668 } 669 670 return true; 671 } 672 673 /** 674 * 安装完成后的一些善后处理 675 * 676 * @access public 677 * @return boolean 成功返回true,失败返回false 678 */ 679 function deal_aftermath() 680 { 681 global $err, $_LANG; 682 683 include(ROOT_PATH . ‘data/config.php‘); 684 include_once(ROOT_PATH . ‘includes/cls_ecshop.php‘); 685 include_once(ROOT_PATH . ‘includes/cls_mysql.php‘); 686 687 $db = new cls_mysql($db_host, $db_user, $db_pass, $db_name); 688 689 /* 初始化友情链接 690 $sql = "INSERT INTO $prefix"."friend_link ". 691 "(link_name, link_url, link_logo, show_order)". 692 "VALUES ". 693 "(‘".$_LANG[‘default_friend_link‘]."‘, ‘http://www.ecshop.com/‘, ‘http://www.ecshop.com/images/logo/ecshop_logo.gif‘,‘0‘)"; 694 if (!$db->query($sql, ‘SILENT‘)) 695 { 696 $err->add($db->errno() .‘ ‘. $db->error()); 697 } 698 699 $sql = "INSERT INTO $prefix"."friend_link ". 700 "(link_name, link_url, show_order)". 701 "VALUES ". 702 "(‘".$_LANG[‘maifou_friend_link‘]."‘, ‘http://www.maifou.net/‘,‘1‘)"; 703 if (!$db->query($sql, ‘SILENT‘)) 704 { 705 $err->add($db->errno() .‘ ‘. $db->error()); 706 }*/ 707 708 /* 更新 ECSHOP 安装日期 */ 709 $sql = "UPDATE $prefix"."shop_config SET value=‘" .time(). "‘ WHERE code=‘install_date‘"; 710 if (!$db->query($sql, ‘SILENT‘)) 711 { 712 $err->add($db->errno() .‘ ‘. $db->error()); 713 } 714 715 /* 更新 ECSHOP 版本 */ 716 $sql = "UPDATE $prefix"."shop_config SET value=‘" .VERSION. "‘ WHERE code=‘ecs_version‘"; 717 if (!$db->query($sql, ‘SILENT‘)) 718 { 719 $err->add($db->errno() .‘ ‘. $db->error()); 720 return false; 721 } 722 723 /* 写入 hash_code,做为网站唯一性密钥 */ 724 $hash_code = md5(md5(time()) . md5($db->dbhash) . md5(time())); 725 $sql = "UPDATE $prefix"."shop_config SET value = ‘$hash_code‘ WHERE code = ‘hash_code‘ AND value = ‘‘"; 726 if (!$db->query($sql, ‘SILENT‘)) 727 { 728 $err->add($db->errno() .‘ ‘. $db->error()); 729 return false; 730 } 731 732 /* 写入安装锁定文件 */ 733 $fp = @fopen(ROOT_PATH . ‘data/install.lock‘, ‘wb+‘); 734 if (!$fp) 735 { 736 $err->add($_LANG[‘open_installlock_failed‘]); 737 return false; 738 } 739 if (!@fwrite($fp, "TRADE SHOP INSTALLED")) 740 { 741 $err->add($_LANG[‘write_installlock_failed‘]); 742 return false; 743 } 744 @fclose($fp); 745 746 return true; 747 } 748 749 /** 750 * 获得spt代码 751 * 752 * @access public 753 * @return string spt代码 754 */ 755 function get_spt_code() 756 { 757 include(ROOT_PATH . ‘data/config.php‘); 758 include_once(ROOT_PATH . ‘includes/cls_ecshop.php‘); 759 include_once(ROOT_PATH . ‘includes/cls_mysql.php‘); 760 $db = new cls_mysql($db_host, $db_user, $db_pass, $db_name); 761 $ecs = new ECS($db_name, $prefix); 762 $hash_code = $db->getOne("SELECT value FROM " . $ecs->table(‘shop_config‘) . " WHERE code=‘hash_code‘"); 763 $spt = ‘<script type="text/javascript" src="http://api.ecshop.com/record.php?‘; 764 $spt .= "url=" .urlencode($ecs->url()). "&mod=install&version=" .VERSION. "&hash_code=" . $hash_code . "&charset=" .EC_CHARSET. "&language=" . $GLOBALS[‘installer_lang‘] . "\"></script>"; 765 766 return $spt; 767 } 768 769 /** 770 * 取得当前的域名 771 * 772 * @access public 773 * 774 * @return string 当前的域名 775 */ 776 function get_domain() 777 { 778 /* 协议 */ 779 $protocol = http(); 780 781 /* 域名或IP地址 */ 782 if (isset($_SERVER[‘HTTP_X_FORWARDED_HOST‘])) 783 { 784 $host = $_SERVER[‘HTTP_X_FORWARDED_HOST‘]; 785 } 786 elseif (isset($_SERVER[‘HTTP_HOST‘])) 787 { 788 $host = $_SERVER[‘HTTP_HOST‘]; 789 } 790 else 791 { 792 /* 端口 */ 793 if (isset($_SERVER[‘SERVER_PORT‘])) 794 { 795 $port = ‘:‘ . $_SERVER[‘SERVER_PORT‘]; 796 797 if ((‘:80‘ == $port && ‘http://‘ == $protocol) || (‘:443‘ == $port && ‘https://‘ == $protocol)) 798 { 799 $port = ‘‘; 800 } 801 } 802 else 803 { 804 $port = ‘‘; 805 } 806 807 if (isset($_SERVER[‘SERVER_NAME‘])) 808 { 809 $host = $_SERVER[‘SERVER_NAME‘] . $port; 810 } 811 elseif (isset($_SERVER[‘SERVER_ADDR‘])) 812 { 813 $host = $_SERVER[‘SERVER_ADDR‘] . $port; 814 } 815 } 816 817 return $protocol . $host; 818 } 819 820 /** 821 * 获得 ECSHOP 当前环境的 URL 地址 822 * 823 * @access public 824 * 825 * @return void 826 */ 827 function url() 828 { 829 $PHP_SELF = $_SERVER[‘PHP_SELF‘] ? $_SERVER[‘PHP_SELF‘] : $_SERVER[‘SCRIPT_NAME‘]; 830 $ecserver = ‘http://‘.$_SERVER[‘HTTP_HOST‘].($_SERVER[‘SERVER_PORT‘] && $_SERVER[‘SERVER_PORT‘] != 80 ? ‘:‘.$_SERVER[‘SERVER_PORT‘] : ‘‘); 831 $default_appurl = $ecserver.substr($PHP_SELF, 0, strpos($PHP_SELF, ‘install/‘) - 1); 832 833 return $default_appurl; 834 } 835 836 /** 837 * 获得 ECSHOP 当前环境的 HTTP 协议方式 838 * 839 * @access public 840 * 841 * @return void 842 */ 843 function http() 844 { 845 return (isset($_SERVER[‘HTTPS‘]) && (strtolower($_SERVER[‘HTTPS‘]) != ‘off‘)) ? ‘https://‘ : ‘http://‘; 846 } 847 848 849 function insertconfig($s, $find, $replace) 850 { 851 if(preg_match($find, $s)) 852 { 853 $s = preg_replace($find, $replace, $s); 854 } 855 else 856 { 857 // 插入到最后一行 858 $s .= "\r\n".$replace; 859 } 860 return $s; 861 } 862 863 function getgpc($k, $var=‘G‘) 864 { 865 switch($var) 866 { 867 case ‘G‘: $var = &$_GET; break; 868 case ‘P‘: $var = &$_POST; break; 869 case ‘C‘: $var = &$_COOKIE; break; 870 case ‘R‘: $var = &$_REQUEST; break; 871 } 872 873 return isset($var[$k]) ? $var[$k] : ‘‘; 874 } 875 876 function var_to_hidden($k, $v) 877 { 878 return "<input type=\"hidden\" name=\"$k\" value=\"$v\" />"; 879 } 880 881 function dfopen($url, $limit = 0, $post = ‘‘, $cookie = ‘‘, $bysocket = FALSE, $ip = ‘‘, $timeout = 15, $block = TRUE) 882 { 883 $return = ‘‘; 884 $matches = parse_url($url); 885 $host = $matches[‘host‘]; 886 $path = $matches[‘path‘] ? $matches[‘path‘].‘?‘.$matches[‘query‘].($matches[‘fragment‘] ? ‘#‘.$matches[‘fragment‘] : ‘‘) : ‘/‘; 887 $port = !empty($matches[‘port‘]) ? $matches[‘port‘] : 80; 888 889 if($post) 890 { 891 $out = "POST $path HTTP/1.0\r\n"; 892 $out .= "Accept: */*\r\n"; 893 //$out .= "Referer: $boardurl\r\n"; 894 $out .= "Accept-Language: zh-cn\r\n"; 895 $out .= "Content-Type: application/x-www-form-urlencoded\r\n"; 896 $out .= "User-Agent: $_SERVER[HTTP_USER_AGENT]\r\n"; 897 $out .= "Host: $host\r\n"; 898 $out .= ‘Content-Length: ‘.strlen($post)."\r\n"; 899 $out .= "Connection: Close\r\n"; 900 $out .= "Cache-Control: no-cache\r\n"; 901 $out .= "Cookie: $cookie\r\n\r\n"; 902 $out .= $post; 903 } 904 else 905 { 906 $out = "GET $path HTTP/1.0\r\n"; 907 $out .= "Accept: */*\r\n"; 908 //$out .= "Referer: $boardurl\r\n"; 909 $out .= "Accept-Language: zh-cn\r\n"; 910 $out .= "User-Agent: $_SERVER[HTTP_USER_AGENT]\r\n"; 911 $out .= "Host: $host\r\n"; 912 $out .= "Connection: Close\r\n"; 913 $out .= "Cookie: $cookie\r\n\r\n"; 914 } 915 $fp = @fsockopen(($ip ? $ip : $host), $port, $errno, $errstr, $timeout); 916 if(!$fp) 917 { 918 return ‘‘;//note $errstr : $errno \r\n 919 } 920 else 921 { 922 stream_set_blocking($fp, $block); 923 stream_set_timeout($fp, $timeout); 924 @fwrite($fp, $out); 925 $status = stream_get_meta_data($fp); 926 if(!$status[‘timed_out‘]) 927 { 928 while (!feof($fp)) 929 { 930 if(($header = @fgets($fp)) && ($header == "\r\n" || $header == "\n")) 931 { 932 break; 933 } 934 } 935 936 $stop = false; 937 while(!feof($fp) && !$stop) 938 { 939 $data = fread($fp, ($limit == 0 || $limit > 8192 ? 8192 : $limit)); 940 $return .= $data; 941 if($limit) 942 { 943 $limit -= strlen($data); 944 $stop = $limit <= 0; 945 } 946 } 947 } 948 @fclose($fp); 949 return $return; 950 } 951 } 952 953 function save_uc_config($config) 954 { 955 $success = false; 956 957 list($appauthkey, $appid, $ucdbhost, $ucdbname, $ucdbuser, $ucdbpw, $ucdbcharset, $uctablepre, $uccharset, $ucapi, $ucip) = explode(‘|‘, $config); 958 959 /* 960 $content = ‘<?‘ ."php\n"; 961 $content .= "define(‘UC_CONNECT‘, ‘mysql‘);\n\n"; 962 $content .= "define(‘UC_DBHOST‘, ‘$ucdbhost‘);\n\n"; 963 $content .= "define(‘UC_DBUSER‘, ‘$ucdbuser‘);\n\n"; 964 $content .= "define(‘UC_DBPW‘, ‘$ucdbpw‘);\n\n"; 965 $content .= "define(‘UC_DBNAME‘, ‘$ucdbname‘);\n\n"; 966 $content .= "define(‘UC_DBCHARSET‘, ‘$ucdbcharset‘);\n\n"; 967 $content .= "define(‘UC_DBTABLEPRE‘, ‘`$ucdbname`.$uctablepre‘);\n\n"; 968 $content .= "define(‘UC_DBCONNECT‘, ‘0‘);\n\n"; 969 $content .= "define(‘UC_KEY‘, ‘$appauthkey‘);\n\n"; 970 $content .= "define(‘UC_API‘, ‘$ucapi‘);\n\n"; 971 $content .= "define(‘UC_CHARSET‘, ‘$uccharset‘);\n\n"; 972 $content .= "define(‘UC_IP‘, ‘$ucip‘);\n\n"; 973 $content .= "define(‘UC_APPID‘, ‘$appid‘);\n\n"; 974 $content .= "define(‘UC_PPP‘, ‘20‘);\n\n"; 975 $content .= ‘?>‘; 976 */ 977 $cfg = array( 978 ‘uc_id‘ => $appid, 979 ‘uc_key‘ => $appauthkey, 980 ‘uc_url‘ => $ucapi, 981 ‘uc_ip‘ => $ucip, 982 ‘uc_connect‘ => ‘mysql‘, 983 ‘uc_charset‘ => $uccharset, 984 ‘db_host‘ => $ucdbhost, 985 ‘db_user‘ => $ucdbuser, 986 ‘db_name‘ => $ucdbname, 987 ‘db_pass‘ => $ucdbpw, 988 ‘db_pre‘ => $uctablepre, 989 ‘db_charset‘ => $ucdbcharset, 990 ); 991 $content = "<?php\r\n"; 992 $content .= "\$cfg = " . var_export($cfg, true) . ";\r\n"; 993 $content .= "?>"; 994 995 $fp = @fopen(ROOT_PATH . ‘data/config_temp.php‘, ‘wb+‘); 996 if (!$fp) 997 { 998 $result[‘error‘] = 1; 999 $result[‘message‘] = $_LANG[‘ucenter_datadir_access‘]; 1000 die($GLOBALS[‘json‘]->encode($result)); 1001 } 1002 if (!@fwrite($fp, $content)) 1003 { 1004 $result[‘error‘] = 1; 1005 $result[‘message‘] = $_LANG[‘ucenter_tmp_config_error‘]; 1006 die($GLOBALS[‘json‘]->encode($result)); 1007 } 1008 @fclose($fp); 1009 1010 return true; 1011 } 1012 ?>
调用结构层级
这个函数只做了一个判断:
if (!defined(‘IN_ECS‘))
{
die(‘Hacking attempt‘);
}
按正常流程在upload\index.php中第一条语句就定义了常量IN_ECS为true,不可能执行die函数,之后定义了一系列函数,如下所示:
这些函数在之后分析代码遇到时再回来补充
\upload\install\includes\lib_auto_installer.php源码分析
标签:
原文地址:http://www.cnblogs.com/Ishore/p/4202438.html
