第一部分 php输入post过滤函数
function GLOBAL_POST($str){$str_origin=$str;if (empty($str)) return false;$str = str_replace( '/', "", $str);//替换关键词$str = str_replace("\\", "", $str);$str = str_replace(">", "", $str);$str = str_replace("<", "", $str);$str = str_replace("", "", $str);$str = str_replace("", "", $str);$str=str_replace("select","select",$str);$str=str_replace("join","join",$str);$str=str_replace("union","union",$str);$str=str_replace("where","where",$str);$str=str_replace("insert","insert",$str);$str=str_replace("delete","delete",$str);$str=str_replace("update","update",$str);$str=str_replace("like","like",$str);$str=str_replace("drop","drop",$str);$str=str_replace("create","create",$str);$str=str_replace("modify","modify",$str);$str=str_replace("rename","rename",$str);$str=str_replace("alter","alter",$str);$str=str_replace("cas","cast",$str);$str=str_replace("&","&",$str);$str=str_replace(">",">",$str);$str=str_replace("<","<",$str);$str=str_replace(" ","",$str);$str=str_replace(" ","",$str);$str=str_replace("","",$str);$str=str_replace("&","",$str);$str=str_replace("'","",$str);$str=str_replace("
",chr(13),$str);$str=str_replace("''","'",$str);$str=str_replace("css","'",$str);$str=str_replace("CSS","'",$str);$str=str_replace(";","",$str);$str=str_replace("-","",$str);$str=str_replace("*","",$str);$str=str_replace("!","",$str);$str=str_replace("$","",$str);$str=str_replace("=","",$str);$str=str_replace("+","",$str);$str=str_replace("%","",$str);$str = htmlspecialchars($str);//把预定义的字符 "<" (小于)和 ">" (大于)转换为 HTML 实体:$str = strip_tags($str);//strip_tags() 函数剥去字符串中的 HTML、XML 以及 PHP 的标签。if($str_origin==$str){return $str;}else{return false;}}
这个函数过滤了大部分值(您可错杀不放过)
不可用于code部分的输入。
仅仅用于用户名等注册内容。
其中一个空格是全角空格,dz不识别,程序自取
第二部分:入库出库显示
本文实例讲述了PHP数据的提交与过滤基本操作。分享给大家供大家参考,具体如下:
1、php提交数据过滤的基本原则
1)提交变量进数据库时,我们必须使用addslashes()进行过滤,像我们的注入问题,一个addslashes()也就搞定了。其实在涉及到变量取值时,intval()函数对字符串的过滤也是个不错的选择。
2)在php.ini中开启magic_quotes_gpc和magic_quotes_runtime。magic_quotes_gpc可以把get,post,cookie里的引号变为斜杠。
magic_quotes_runtime对于进出数据库的数据可以起到格式话的作用。其实,早在以前注入很疯狂时,这个参数就很流行了。
3)在使用系统函数时,必须使用escapeshellarg(),escapeshellcmd()参数去过滤,这样你也就可以放心的使用系统函数。
4)对于跨站,strip_tags(),htmlspecialchars()两个参数都不错,对于用户提交的的带有html和php的标记都将进行转换。比如尖括号"<"就将转化为 "<"这样无害的字符。
1 2 |
|
5)对于相关函数的过滤,就像先前的include(),unlink,fopen()等等,只要你把你所要执行操作的变量指定好或者对相关字符过滤严密,我想
这样也就无懈可击了。
2、PHP简单的数据过滤
1)入库: trim($str),addslashes($str)
2)出库: stripslashes($str)
3)显示: htmlspecialchars(nl2br($str))
$val) $string[$key] = new_addslashes($val); return $string;}function new_stripslashes($string) { if(!is_array($string)) return stripslashes($string); foreach($string as $key => $val) $string[$key] = new_stripslashes($val); return $string;}function new_html_special_chars($string) { $encoding = 'utf-8'; if(strtolower(CHARSET)=='gbk') $encoding = 'ISO-8859-15'; if(!is_array($string)) return htmlspecialchars($string,ENT_QUOTES,$encoding); foreach($string as $key => $val) $string[$key] = new_html_special_chars($val); return $string;}function new_html_entity_decode($string) { $encoding = 'utf-8'; if(strtolower(CHARSET)=='gbk') $encoding = 'ISO-8859-15'; return html_entity_decode($string,ENT_QUOTES,$encoding);}function new_htmlentities($string) { $encoding = 'utf-8'; if(strtolower(CHARSET)=='gbk') $encoding = 'ISO-8859-15'; return htmlentities($string,ENT_QUOTES,$encoding);}function safe_replace($string) { $string = str_replace('%20','',$string); $string = str_replace('%27','',$string); $string = str_replace('%2527','',$string); $string = str_replace('*','',$string); $string = str_replace('"','"',$string); $string = str_replace("'",'',$string); $string = str_replace('"','',$string); $string = str_replace(';','',$string); $string = str_replace('<','<',$string); $string = str_replace('>','>',$string); $string = str_replace("{",'',$string); $string = str_replace('}','',$string); $string = str_replace('\\','',$string); return $string;}function remove_xss($string) { $string = preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S', '', $string); $parm1 = Array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base'); $parm2 = Array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload'); $parm = array_merge($parm1, $parm2); for ($i = 0; $i < sizeof($parm); $i++) { $pattern = '/'; for ($j = 0; $j < strlen($parm[$i]); $j++) { if ($j > 0) { $pattern .= '('; $pattern .= '([x|X]0([9][a][b]);?)?'; $pattern .= '|(([9][10][13]);?)?'; $pattern .= ')?'; } $pattern .= $parm[$i][$j]; } $pattern .= '/i'; $string = preg_replace($pattern, ' ', $string); } return $string;}function trim_unsafe_control_chars($str) { $rule = '/[' . chr ( 1 ) . '-' . chr ( 8 ) . chr ( 11 ) . '-' . chr ( 12 ) . chr ( 14 ) . '-' . chr ( 31 ) . ']*/'; return str_replace ( chr ( 0 ), '', preg_replace ( $rule, '', $str ) );}function trim_textarea($string) { $string = nl2br ( str_replace ( ' ', ' ', $string ) ); return $string;}function format_js($string, $isjs = 1) { $string = addslashes(str_replace(array("\r", "\n", "\t"), array('', '', ''), $string)); return $isjs ? 'document.write("'.$string.'");' : $string;} function trim_script($str) { if(is_array($str)){ foreach ($str as $key => $val){ $str[$key] = trim_script($val); } }else{ $str = preg_replace ( '/\<([\/]?)script([^\>]*?)\>/si', '<\\1script\\2>', $str ); $str = preg_replace ( '/\<([\/]?)iframe([^\>]*?)\>/si', '<\\1iframe\\2>', $str ); $str = preg_replace ( '/\<([\/]?)frame([^\>]*?)\>/si', '<\\1frame\\2>', $str ); $str = str_replace ( 'javascript:', 'javascript:', $str ); } return $str;}function get_url() { $sys_protocal = isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443' ? 'https://' : 'http://'; $php_self = $_SERVER['PHP_SELF'] ? safe_replace($_SERVER['PHP_SELF']) : safe_replace($_SERVER['SCRIPT_NAME']); $path_info = isset($_SERVER['PATH_INFO']) ? safe_replace($_SERVER['PATH_INFO']) : ''; $relate_url = isset($_SERVER['REQUEST_URI']) ? safe_replace($_SERVER['REQUEST_URI']) : $php_self.(isset($_SERVER['QUERY_STRING']) ? '?'.safe_replace($_SERVER['QUERY_STRING']) : $path_info); return $sys_protocal.(isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '').$relate_url;}function str_cut($string, $length, $dot = '...') { $strlen = strlen($string); if($strlen <= $length) return $string; $string = str_replace(array(' ',' ', '&', '"', ''', '“', '”', '—', '<', '>', '·', '…'), array('∵',' ', '&', '"', "'", '“', '”', '—', '<', '>', '·', '…'), $string); $strcut = ''; if(strtolower(CHARSET) == 'utf-8') { $length = intval($length-strlen($dot)-$length/3); $n = $tn = $noc = 0; while($n < strlen($string)) { $t = ord($string[$n]); if($t == 9 || $t == 10 || (32 <= $t && $t <= 126)) { $tn = 1; $n++; $noc++; } elseif(194 <= $t && $t <= 223) { $tn = 2; $n += 2; $noc += 2; } elseif(224 <= $t && $t <= 239) { $tn = 3; $n += 3; $noc += 2; } elseif(240 <= $t && $t <= 247) { $tn = 4; $n += 4; $noc += 2; } elseif(248 <= $t && $t <= 251) { $tn = 5; $n += 5; $noc += 2; } elseif($t == 252 || $t == 253) { $tn = 6; $n += 6; $noc += 2; } else { $n++; } if($noc >= $length) { break; } } if($noc > $length) { $n -= $tn; } $strcut = substr($string, 0, $n); $strcut = str_replace(array('∵', '&', '"', "'", '“', '”', '—', '<', '>', '·', '…'), array(' ', '&', '"', ''', '“', '”', '—', '<', '>', '·', '…'), $strcut); } else { $dotlen = strlen($dot); $maxi = $length - $dotlen - 1; $current_str = ''; $search_arr = array('&',' ', '"', "'", '“', '”', '—', '<', '>', '·', '…','∵'); $replace_arr = array('&',' ', '"', ''', '“', '”', '—', '<', '>', '·', '…',' '); $search_flip = array_flip($search_arr); for ($i = 0; $i < $maxi; $i++) { $current_str = ord($string[$i]) > 127 ? $string[$i].$string[++$i] : $string[$i]; if (in_array($current_str, $search_arr)) { $key = $search_flip[$current_str]; $current_str = str_replace($search_arr[$key], $replace_arr[$key], $current_str); } $strcut .= $current_str; } } return $strcut.$dot;}function ip() { if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) { $ip = getenv('HTTP_CLIENT_IP'); } elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) { $ip = getenv('HTTP_X_FORWARDED_FOR'); } elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) { $ip = getenv('REMOTE_ADDR'); } elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) { $ip = $_SERVER['REMOTE_ADDR']; } return preg_match ( '/[\d\.]{7,15}/', $ip, $matches ) ? $matches [0] : '';}function get_cost_time() { $microtime = microtime ( TRUE ); return $microtime - SYS_START_TIME;}function execute_time() { $stime = explode ( ' ', SYS_START_TIME ); $etime = explode ( ' ', microtime () ); return number_format ( ($etime [1] + $etime [0] - $stime [1] - $stime [0]), 6 );}function string2array($data) { if($data == '') return array(); $data = stripslashes($data); @eval("\$array = $data;"); return $array;}function array2string($data, $isformdata = 1) { if($data == '') return ''; if($isformdata) $data = new_stripslashes($data); return addslashes(var_export($data, TRUE));}function sizecount($filesize) { if ($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 .' GB'; } elseif ($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 .' MB'; } elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . ' KB'; } else { $filesize = $filesize.' Bytes'; } return $filesize;}function sys_auth($string, $operation = 'ENCODE', $key = '', $expiry = 0) { $key_length = 4; $key = md5($key != '' ? $key : app_base::load_config('system', 'auth_key')); $fixedkey = md5($key); $egiskeys = md5(substr($fixedkey, 16, 16)); $runtokey = $key_length ? ($operation == 'ENCODE' ? substr(md5(microtime(true)), -$key_length) : substr($string, 0, $key_length)) : ''; $keys = md5(substr($runtokey, 0, 16) . substr($fixedkey, 0, 16) . substr($runtokey, 16) . substr($fixedkey, 16)); $string = $operation == 'ENCODE' ? sprintf('%010d', $expiry ? $expiry + time() : 0).substr(md5($string.$egiskeys), 0, 16) . $string : base64_decode(substr($string, $key_length)); $i = 0; $result = ''; $string_length = strlen($string); for ($i = 0; $i < $string_length; $i++){ $result .= chr(ord($string{$i}) ^ ord($keys{$i % 32})); } if($operation == 'ENCODE') { return $runtokey . str_replace('=', '', base64_encode($result)); } else { if((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26).$egiskeys), 0, 16)) { return substr($result, 26); } else { return ''; } }}function L($language = 'no_language',$pars = array(), $modules = '') { static $LANG = array(); static $LANG_MODULES = array(); static $lang = ''; if(defined('IN_ADMIN')) { $lang = SYS_STYLE ? SYS_STYLE : 'zh-cn'; } else { $lang = app_base::load_config('system','lang'); } if(!$LANG) { require_once CODE_PATH.'languages'.DIRECTORY_SEPARATOR.$lang.DIRECTORY_SEPARATOR.'system.lang.php'; if(defined('IN_ADMIN')) require_once CODE_PATH.'languages'.DIRECTORY_SEPARATOR.$lang.DIRECTORY_SEPARATOR.'system_menu.lang.php'; if(file_exists(CODE_PATH.'languages'.DIRECTORY_SEPARATOR.$lang.DIRECTORY_SEPARATOR.ROUTE_M.'.lang.php')) require_once CODE_PATH.'languages'.DIRECTORY_SEPARATOR.$lang.DIRECTORY_SEPARATOR.ROUTE_M.'.lang.php'; } if(!empty($modules)) { $modules = explode(',',$modules); foreach($modules AS $m) { if(!isset($LANG_MODULES[$m])) require_once CODE_PATH.'languages'.DIRECTORY_SEPARATOR.$lang.DIRECTORY_SEPARATOR.$m.'.lang.php'; } } if(!array_key_exists($language,$LANG)) { return $language; } else { $language = $LANG[$language]; if($pars) { foreach($pars AS $_k=>$_v) { $language = str_replace('{'.$_k.'}',$_v,$language); } } return $language; }}function template($module = 'content', $template = 'index', $style = '') { if(strpos($module, 'plugin/')!== false) { $plugin = str_replace('plugin/', '', $module); return p_template($plugin, $template,$style); } $module = str_replace('/', DIRECTORY_SEPARATOR, $module); if(!empty($style) && preg_match('/([a-z0-9\-_]+)/is',$style)) { } elseif (empty($style) && !defined('STYLE')) { if(defined('SITEID')) { $siteid = SITEID; } else { $siteid = param::get_cookie('siteid'); } if (!$siteid) $siteid = 1; $sitelist = getcache('sitelist','commons'); if(!empty($siteid)) { $style = $sitelist[$siteid]['default_style']; } } elseif (empty($style) && defined('STYLE')) { $style = STYLE; } else { $style = 'default'; } if(!$style) $style = 'default'; $template_cache = app_base::load_sys_class('template_cache'); $compiledtplfile = ROOT_PATH.'caches'.DIRECTORY_SEPARATOR.'caches_template'.DIRECTORY_SEPARATOR.$style.DIRECTORY_SEPARATOR.$module.DIRECTORY_SEPARATOR.$template.'.php'; if(file_exists(CODE_PATH.'templates'.DIRECTORY_SEPARATOR.$style.DIRECTORY_SEPARATOR.$module.DIRECTORY_SEPARATOR.$template.'.html')) { if(!file_exists($compiledtplfile) || (@filemtime(CODE_PATH.'templates'.DIRECTORY_SEPARATOR.$style.DIRECTORY_SEPARATOR.$module.DIRECTORY_SEPARATOR.$template.'.html') > @filemtime($compiledtplfile))) { $template_cache->template_compile($module, $template, $style); } } else { $compiledtplfile = ROOT_PATH.'caches'.DIRECTORY_SEPARATOR.'caches_template'.DIRECTORY_SEPARATOR.'default'.DIRECTORY_SEPARATOR.$module.DIRECTORY_SEPARATOR.$template.'.php'; if(!file_exists($compiledtplfile) || (file_exists(CODE_PATH.'templates'.DIRECTORY_SEPARATOR.'default'.DIRECTORY_SEPARATOR.$module.DIRECTORY_SEPARATOR.$template.'.html') && filemtime(CODE_PATH.'templates'.DIRECTORY_SEPARATOR.'default'.DIRECTORY_SEPARATOR.$module.DIRECTORY_SEPARATOR.$template.'.html') > filemtime($compiledtplfile))) { $template_cache->template_compile($module, $template, 'default'); } elseif (!file_exists(CODE_PATH.'templates'.DIRECTORY_SEPARATOR.'default'.DIRECTORY_SEPARATOR.$module.DIRECTORY_SEPARATOR.$template.'.html')) { showmessage('Template does not exist.'.DIRECTORY_SEPARATOR.$style.DIRECTORY_SEPARATOR.$module.DIRECTORY_SEPARATOR.$template.'.html'); } } return $compiledtplfile;}function my_error_handler($errno, $errstr, $errfile, $errline) { if($errno==8) return ''; $errfile = str_replace(ROOT_PATH,'',$errfile); if(app_base::load_config('system','errorlog')) { error_log(''.date('m-d H:i:s',SYS_TIME).' | '.$errno.' | '.str_pad($errstr,30).' | '.$errfile.' | '.$errline."\r\n", 3, CACHE_PATH.'error_log.php'); } else { $str = 'errorno:' . $errno . ',str:' . $errstr . ',file:' . $errfile . ',line' . $errline .'
Need Help?'; echo $str; }}function showmessage($msg, $url_forward = 'goback', $ms = 1250, $dialog = '', $returnjs = '') { if(defined('IN_ADMIN')) { include(admin::admin_tpl('showmessage', 'admin')); } else { include(template('content', 'message')); } exit;}function str_exists($haystack, $needle){ return !(strpos($haystack, $needle) === FALSE);}function fileext($filename) { return strtolower(trim(substr(strrchr($filename, '.'), 1, 10)));}function tpl_cache($name,$times = 0) { $filepath = 'tpl_data'; $info = getcacheinfo($name, $filepath); if (SYS_TIME - $info['filemtime'] >= $times) { return false; } else { return getcache($name,$filepath); }}function setcache($name, $data, $filepath='', $type='file', $c AND ', $in_column = false) { if($in_column && is_array($data)) { $ids = '\''.implode('\',\'', $data).'\''; $sql = "$in_column IN ($ids)"; return $sql; } else { if ($front == '') { $front = ' AND '; } if(is_array($data) && count($data) > 0) { $sql = ''; foreach ($data as $key => $val) { $sql .= $sql ? " $front $key = '$val' " : " $key = '$val' "; } return $sql; } else { return $data; } }}function pages($num, $curr_page, $perpage = 20, $urlrule = '', $array = array(),$setpages = 10) { if(defined('URLRULE') && $urlrule == '') { $urlrule = URLRULE; $array = $GLOBALS['URL_ARRAY']; } elseif($urlrule == '') { $urlrule = url_par('page={$page}'); } $multipage = ''; if($num > $perpage) { $page = $setpages+1; $offset = ceil($setpages/2-1); $pages = ceil($num / $perpage); if (defined('IN_ADMIN') && !defined('PAGES')) define('PAGES', $pages); $from = $curr_page - $offset; $to = $curr_page + $offset; $more = 0; if($page >= $pages) { $from = 2; $to = $pages-1; } else { if($from <= 1) { $to = $page-1; $from = 2; } elseif($to >= $pages) { $from = $pages-($page-2); $to = $pages-1; } $more = 1; } //$multipage .= ''.$num.L('page_item').''; if($curr_page>0) { $multipage .= ' '.L('previous').''; if($curr_page==1) { $multipage .= ' 1'; } elseif($curr_page>6 && $more) { $multipage .= ' 1..'; } else { $multipage .= ' 1'; } } for($i = $from; $i <= $to; $i++) { if($i != $curr_page) { $multipage .= ' '.$i.''; } else { $multipage .= ' '.$i.''; } } if($curr_page<$pages) { if($curr_page<$pages-5 && $more) { $multipage .= ' ..'.$pages.' '.L('next').''; } else { $multipage .= ' '.$pages.' '.L('next').''; } } elseif($curr_page==$pages) { $multipage .= ' '.$pages.' '.L('next').''; } else { $multipage .= ' '.$pages.' '.L('next').''; } } return $multipage;}function pages1($num, $curr_page, $perpage = 20, $urlrule = '', $array = array(),$setpages = 10) { if(defined('URLRULE') && $urlrule == '') { $urlrule = URLRULE; $array = $GLOBALS['URL_ARRAY']; } elseif($urlrule == '') { $urlrule = url_par('page={$page}'); } $multipage = ''; if($num > $perpage) { $page = $setpages+1; $offset = ceil($setpages/2-1); $pages = ceil($num / $perpage); if (defined('IN_ADMIN') && !defined('PAGES')) define('PAGES', $pages); $from = $curr_page - $offset; $to = $curr_page + $offset; $more = 0; if($page >= $pages) { $from = 2; $to = $pages-1; } else { if($from <= 1) { $to = $page-1; $from = 2; } elseif($to >= $pages) { $from = $pages-($page-2); $to = $pages-1; } $more = 1; } //$multipage .= ''.$num.L('page_item').''; if($curr_page>0) { $multipage .= ' '.L('previous').''; if($curr_page==1) { $multipage .= ' 1'; } elseif($curr_page>6 && $more) { $multipage .= ' ..'; } else { $multipage .= ' '; } } for($i = $from; $i <= $to; $i++) { if($i != $curr_page) { $multipage .= ' '; } else { $multipage .= ' '.$i.''; } } if($curr_page<$pages) { if($curr_page<$pages-5 && $more) { $multipage .= ' .. '.L('next').''; } else { $multipage .= ' '.L('next').''; } } elseif($curr_page==$pages) { $multipage .= ' '.$pages.' '.L('next').''; } else { $multipage .= ' '.L('next').''; } } return $multipage;}function pages2($num, $curr_page, $pages, $urlrule = '', $array = array(),$setpages = 10) { if(defined('URLRULE') && $urlrule == '') { $urlrule = URLRULE; $array = $GLOBALS['URL_ARRAY']; } elseif($urlrule == '') { $urlrule = url_par('page={$page}'); } $multipage = ''; if($pages > 1) { $page = $setpages+1; $offset = ceil($setpages/2-1); if (defined('IN_ADMIN') && !defined('PAGES')) define('PAGES', $pages); $from = $curr_page - $offset; $to = $curr_page + $offset; $more = 0; if($page >= $pages) { $from = 2; $to = $pages-1; } else { if($from <= 1) { $to = $page-1; $from = 2; } elseif($to >= $pages) { $from = $pages-($page-2); $to = $pages-1; } $more = 1; } //$multipage .= ''.$num.L('page_item').''; if($curr_page>0) { $multipage .= ' '.L('previous').''; if($curr_page==1) { $multipage .= ' 1'; } elseif($curr_page>6 && $more) { $multipage .= ' ..'; } else { $multipage .= ' '; } } for($i = $from; $i <= $to; $i++) { if($i != $curr_page) { $multipage .= ' '; } else { $multipage .= ' '.$i.''; } } if($curr_page<$pages) { if($curr_page<$pages-5 && $more) { $multipage .= ' .. '.L('next').''; } else { $multipage .= ' '.L('next').''; } } elseif($curr_page==$pages) { $multipage .= ' '.$pages.' '.L('next').''; } else { $multipage .= ' '.L('next').''; } } return $multipage;}function pageurl($urlrule, $page, $array = array()) { if(strpos($urlrule, '~')) { $urlrules = explode('~', $urlrule); $urlrule = $page < 2 ? $urlrules[0] : $urlrules[1]; } $findme = array('{$page}'); $replaceme = array($page); if (is_array($array)) foreach ($array as $k=>$v) { $findme[] = '{$'.$k.'}'; $replaceme[] = $v; } $url = str_replace($findme, $replaceme, $urlrule); $url = str_replace(array('http://','//','~'), array('~','/','http://'), $url); return $url;}function url_par($par, $url = '') { if($url == '') $url = get_url(); $pos = strpos($url, '?'); if($pos === false) { $url .= '?'.$par; } else { $querystring = substr(strstr($url, '?'), 1); parse_str($querystring, $pars); $query_array = array(); foreach($pars as $k=>$v) { if($k != 'page') $query_array[$k] = $v; } $querystring = http_build_query($query_array).'&'.$par; $url = substr($url, 0, $pos).'?'.$querystring; } return $url;}function is_email($email) { return strlen($email) > 6 && preg_match("/^[\w\-\.]+@[\w\-\.]+(\.\w+)+$/", $email);}if (!function_exists('iconv')) { function iconv($in_charset, $out_charset, $str) { $in_charset = strtoupper($in_charset); $out_charset = strtoupper($out_charset); if (function_exists('mb_convert_encoding')) { return mb_convert_encoding($str, $out_charset, $in_charset); } else { app_base::load_sys_func('iconv'); $in_charset = strtoupper($in_charset); $out_charset = strtoupper($out_charset); if ($in_charset == 'UTF-8' && ($out_charset == 'GBK' || $out_charset == 'GB2312')) { return utf8_to_gbk($str); } if (($in_charset == 'GBK' || $in_charset == 'GB2312') && $out_charset == 'UTF-8') { return gbk_to_utf8($str); } return $str; } }}function show_ad($siteid, $id) { $siteid = intval($siteid); $id = intval($id); if(!$id || !$siteid) return false; $p = app_base::load_model('poster_model'); $r = $p->get_one(array('spaceid'=>$id, 'siteid'=>$siteid), 'disabled, setting', 'id ASC'); if ($r['disabled']) return ''; if ($r['setting']) { $c = string2array($r['setting']); } else { $r['code'] = ''; } return $c['code'];}function get_siteid() { static $siteid; if (!empty($siteid)) return $siteid; if (defined('IN_ADMIN')) { if ($d = param::get_cookie('siteid')) { $siteid = $d; } else { return ''; } } else { $data = getcache('sitelist', 'commons'); if(!is_array($data)) return '1'; $site_url = SITE_PROTOCOL.SITE_URL; foreach ($data as $v) { if ($v['url'] == $site_url.'/') $siteid = $v['siteid']; } } if (empty($siteid)) $siteid = 1; return $siteid;}function get_nickname($userid='', $field='') { $return = ''; if(is_numeric($userid)) { $member_db = app_base::load_model('member_model'); $memberinfo = $member_db->get_one(array('userid'=>$userid)); if(!empty($field) && $field != 'nickname' && isset($memberinfo[$field]) &&!empty($memberinfo[$field])) { $return = $memberinfo[$field]; } else { $return = isset($memberinfo['nickname']) && !empty($memberinfo['nickname']) ? $memberinfo['nickname'].'('.$memberinfo['username'].')' : $memberinfo['username']; } } else { if (param::get_cookie('_nickname')) { $return .= '('.param::get_cookie('_nickname').')'; } else { $return .= '('.param::get_cookie('_username').')'; } } return $return;}function get_memberinfo($userid, $field='') { if(!is_numeric($userid)) { return false; } else { static $memberinfo; if (!isset($memberinfo[$userid])) { $member_db = app_base::load_model('member_model'); $memberinfo[$userid] = $member_db->get_one(array('userid'=>$userid)); } if(!empty($field) && !empty($memberinfo[$userid][$field])) { return $memberinfo[$userid][$field]; } else { return $memberinfo[$userid]; } }}function get_memberinfo_buyusername($username, $field='') { if(empty($username)){return false;} static $memberinfo; if (!isset($memberinfo[$username])) { $member_db = app_base::load_model('member_model'); $memberinfo[$username] = $member_db->get_one(array('username'=>$username)); } if(!empty($field) && !empty($memberinfo[$username][$field])) { return $memberinfo[$username][$field]; } else { return $memberinfo[$username]; }}function menu_linkage($linkageid = 0, $id = 'linkid', $defaultvalue = 0, $defaultlabel = array()) { $linkageid = intval($linkageid); $datas = array(); $datas = getcache($linkageid,'linkage'); $infos = $datas['data']; if($datas['style']=='1') { $title = $datas['title']; $container = 'content'.create_randomnum(100, 999).date('is'); if(!defined('DIALOG_INIT_1')) { define('DIALOG_INIT_1', 1); $string .= ''; //TODO $string .= '来源地址:https://blog.csdn.net/tongluren381/article/details/132451531