index.php 7.0 KB

  1. <?php
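  // Front controller for the web back end: bootstraps the framework, resolves
  // $controller/$action to a *.ctrl.php file under /web/source/, enforces the
  // login and role checks, dispatches, and finally records slow requests.
  // Every variable here is a global and stays visible to the files pulled in
  // with require, so the names are part of the contract with those files.
  define('IN_SYS', true);
  require '../framework/bootstrap.inc.php';
  require IA_ROOT . '/web/common/bootstrap.sys.inc.php';

  // OAuth2 login callback: a non-empty `state` parameter can redirect the
  // request to user/login and set two login parameters.
  // NOTE(review): this trusts whatever OAuth2Client::supportParams() returns for
  // a caller-supplied value; confirm that it validates `state` strictly.
  if (!empty($_GPC['state'])) {
      $login_callback_params = OAuth2Client::supportParams($_GPC['state']);
      if (!empty($login_callback_params)) {
          $controller = 'user';
          $action = 'login';
          $_GPC['login_type'] = $login_callback_params['from'];
          $_GPC['handle_type'] = $login_callback_params['mode'];
      }
  }

  // Accounts awaiting review or banned lose their session cookie.
  // NOTE(review): the code below is only skipped if message() ends the request;
  // that is presumed here and should be confirmed.
  if (empty($_W['isfounder']) && !empty($_W['user']) && ($_W['user']['status'] == USER_STATUS_CHECK || $_W['user']['status'] == USER_STATUS_BAN)) {
      isetcookie('__session', '', -10000);
      message('您的账号正在审核或是已经被系统禁止,请联系网站管理员解决!', url('user/login'), 'info');
  }

  $acl = require IA_ROOT . '/web/common/permission.inc.php';
  $_W['page'] = array();
  $_W['page']['copyright'] = $_W['setting']['copyright'];

  // Site-closed mode: non-founders may only reach the login form; the cloud,
  // utility and account controllers are exempt from the closure.
  if (($_W['setting']['copyright']['status'] == 1) && empty($_W['isfounder']) && $controller != 'cloud' && $controller != 'utility' && $controller != 'account') {
      $_W['siteclose'] = true;
      // NOTE(review): unreachable as written, because the enclosing condition
      // already requires $controller != 'account'.
      if ($controller == 'account' && $action == 'welcome') {
          template('account/welcome');
          exit();
      }
      if ($controller == 'user' && $action == 'login') {
          if (checksubmit()) {
              require _forward($controller, $action);
          }
          template('user/login');
          exit();
      }
      isetcookie('__session', '', -10000);
      message('站点已关闭,关闭原因:' . $_W['setting']['copyright']['reason'], url('account/welcome'), 'info');
  }

  // Allow-list of controllers: the entries that exist under /web/source/.
  // readdir() does not distinguish files from directories, so plain files in
  // that folder end up in the list as well.
  $controllers = array();
  $handle = opendir(IA_ROOT . '/web/source/');
  if (!empty($handle)) {
      // Compare against false explicitly: an entry named "0" is falsy and would
      // otherwise end the scan early.
      while (false !== ($dir = readdir($handle))) {
          if ($dir != '.' && $dir != '..') {
              $controllers[] = $dir;
          }
      }
      closedir($handle);
  }

  // $controller becomes part of a require path below, so it must match an
  // on-disk entry exactly. The strict comparison keeps loosely-equal numeric
  // strings (for example "1e1" and "10") from passing the allow-list.
  if (!in_array($controller, $controllers, true)) {
      $controller = 'home';
  }
  $init = IA_ROOT . "/web/source/{$controller}/__init.php";
  if (is_file($init)) {
      require $init;
  }

  if (defined('FRAME') && in_array(FRAME, array('account', 'wxapp'))) {
      if (!empty($_W['uniacid'])) {
          $_W['uniaccount'] = $_W['account'] = uni_fetch($_W['uniacid']);
          if (is_error($_W['account'])) {
              itoast('', url('account/display'));
          }
          $_W['acid'] = $_W['account']['acid'];
          $_W['weid'] = $_W['uniacid'];
      }
  }

  // Allow-list of actions: one name per *.ctrl.php file found for the
  // controller. Files in a sub-folder are named "<section>-<action>".
  $actions = array();
  $actions_path = file_tree(IA_ROOT . '/web/source/' . $controller);
  foreach ($actions_path as $action_path) {
      $action_name = str_replace('.ctrl.php', '', basename($action_path));
      $section = basename(dirname($action_path));
      if ($section !== $controller) {
          $action_name = $section . '-' . $action_name;
      }
      $actions[] = $action_name;
  }
  if (empty($actions)) {
      // Nothing can be dispatched for this controller. Stop after sending the
      // redirect instead of continuing with an empty action list.
      header('location: ?refresh');
      exit();
  }
  if (!in_array($action, $actions, true)) {
      $action = $action . '-' . $action;
  }
  if (!in_array($action, $actions, true)) {
      $action = !empty($acl[$controller]['default']) ? $acl[$controller]['default'] : $actions[0];
  }

  // Actions listed under 'direct' are dispatched before checklogin() and before
  // the role check below, so that list is the unauthenticated surface of the
  // back end and deserves review whenever permission.inc.php changes.
  if (isset($acl[$controller]['direct']) && is_array($acl[$controller]['direct']) && in_array($action, $acl[$controller]['direct'])) {
      require _forward($controller, $action);
      exit();
  }

  checklogin();
  if ($_W['role'] != ACCOUNT_MANAGE_NAME_FOUNDER) {
      if ($_W['role'] == ACCOUNT_MANAGE_NAME_UNBIND_USER) {
          itoast('', url('user/third-bind'));
      }
      if (!defined('FRAME')) {
          define('FRAME', '');
      }
      if (empty($_W['uniacid']) && in_array(FRAME, array('account', 'wxapp')) && $_GPC['m'] != 'store') {
          itoast('', url('account/display/platform'), 'info');
      }
      $acl = permission_build();
      // Some frames are checked against the user's highest role, the others
      // against the role held in the current context.
      if (in_array(FRAME, array('system', 'site', 'account_manage', 'platform', 'module', 'welcome'))) {
          $checked_role = $_W['highest_role'];
      } else {
          $checked_role = $_W['role'];
      }
      // Deny unless the role is granted the "<controller>*" wildcard or this action.
      // NOTE(review): the denial only holds if message() ends the request, since
      // the require below follows unconditionally; confirm.
      if (empty($acl[$controller][$checked_role]) ||
          (!in_array($controller . '*', $acl[$controller][$checked_role]) && !in_array($action, $acl[$controller][$checked_role]))) {
          message('不能访问, 需要相应的权限才能访问!');
      }
      unset($checked_role);
  }

  require _forward($controller, $action);

  // Slow-request log.
  // NOTE(review): microtime() without `true` returns a "msec sec" string, so the
  // subtraction only yields elapsed seconds if STARTTIME (defined outside this
  // file) is compatible with it; confirm how STARTTIME is produced.
  define('ENDTIME', microtime());
  if (empty($_W['config']['setting']['maxtimeurl'])) {
      $_W['config']['setting']['maxtimeurl'] = 10;
  }
  if ((ENDTIME - STARTTIME) > $_W['config']['setting']['maxtimeurl']) {
      // HTTP_HOST and REQUEST_URI are supplied by the client; treat `runurl` as
      // untrusted text wherever core_performance rows are displayed.
      $data = array(
          'type' => '1',
          'runtime' => ENDTIME - STARTTIME,
          'runurl' => $_W['sitescheme'] . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'],
          'createtime' => TIMESTAMP
      );
      pdo_insert('core_performance', $data);
  }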
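  /**
   * Resolve a controller/action pair to the path of its *.ctrl.php file.
   *
   * The flat layout "<controller>/<action>.ctrl.php" is tried first. If that
   * file does not exist, the action is read as "<section>-<action>" and mapped
   * to "<controller>/<section>/<action>.ctrl.php".
   *
   * Neither argument is validated here and callers pass the result to
   * require, so both values must already have been matched against the
   * on-disk allow-lists before this function is called.
   *
   * @param string $c controller name
   * @param string $a action name, optionally prefixed with "<section>-"
   * @return string path of the controller file (its existence is not guaranteed)
   */
  function _forward($c, $a) {
      $file = IA_ROOT . '/web/source/' . $c . '/' . $a . '.ctrl.php';
      if (!file_exists($file)) {
          // Split on the first hyphen only: the dispatcher builds sectioned names
          // as "<section>-<file name>", and the file name may itself contain
          // hyphens. Padding keeps a hyphen-less action from reading a missing
          // array element.
          list($section, $a) = array_pad(explode('-', $a, 2), 2, '');
          $file = IA_ROOT . '/web/source/' . $c . '/' . $section . '/' . $a . '.ctrl.php';
      }
      return $file;
  }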
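  /**
   * Mark the menu entry that matches the current request as active and set
   * the page title if none has been set yet.
   *
   * Request data ($_GET, $_W['siteurl'], ACTIVE_FRAME_URL) is only compared
   * against the menu URLs here; it is never written to the output.
   *
   * @param array $frames menu definition, modified in place ('active' flags)
   * @return true|null true when there are no sections to scan, otherwise nothing
   */
  function _calc_current_frames(&$frames) {
      global $_W, $controller, $action;

      if (empty($_W['page']['title'])) {
          $_W['page']['title'] = ($frames['dimension'] == 2) ? $frames['title'] : '';
      }
      if (empty($frames['section']) || !is_array($frames['section'])) {
          return true;
      }

      // Query string of the current page, computed once for all child menus.
      $server_query = isset($_W['siteurl']) ? (string) parse_url($_W['siteurl'], PHP_URL_QUERY) : '';

      // Menu keys that also count as active for a fixed set of actions, even
      // when the menu URL itself does not match the request.
      $alias_actions = array(
          'platform_site' => array('style', 'article', 'category'),
          'mc_member' => array('editor', 'group', 'fields'),
          'profile_setting' => array('passport', 'tplnotice', 'notify', 'common'),
          'profile_payment' => array('refund'),
          'statistics_visit' => array('site', 'setting'),
          'platform_reply' => array('reply-setting'),
          'system_setting_thirdlogin' => array('thirdlogin'),
          'system_cloud_sms' => array('profile'),
          'wxapp_profile_payment' => array('refund'),
      );

      foreach ($frames['section'] as &$frame) {
          if (empty($frame['menu'])) {
              continue;
          }
          $finished = false;
          foreach ($frame['menu'] as $key => &$menu) {
              if (defined('IN_MODULE') && !empty($menu['multilevel'])) {
                  $childs = (isset($menu['childs']) && is_array($menu['childs'])) ? $menu['childs'] : array();
                  foreach ($childs as $module_child_key => $module_child_menu) {
                      $query = (string) parse_url($module_child_menu['url'], PHP_URL_QUERY);
                      // A child without a query string must not match: on PHP 8
                      // strpos() finds an empty needle at offset 0, which would
                      // mark the first such child active for every page.
                      if ($query === '') {
                          continue;
                      }
                      if (strpos($server_query, $query) === 0) {
                          $menu['childs'][$module_child_key]['active'] = 'active';
                          break;
                      }
                  }
              } else {
                  $query = (string) parse_url($menu['url'], PHP_URL_QUERY);
                  parse_str($query, $urls);
                  if (empty($urls)) {
                      continue;
                  }
                  if (defined('ACTIVE_FRAME_URL')) {
                      $query = (string) parse_url(ACTIVE_FRAME_URL, PHP_URL_QUERY);
                      parse_str($query, $get);
                  } else {
                      $get = $_GET;
                      $get['c'] = $controller;
                      $get['a'] = $action;
                  }
                  // NOTE(review): $do is never assigned or imported in this
                  // function, so this branch cannot run as written; confirm
                  // whether a global was intended.
                  if (!empty($do)) {
                      $get['do'] = $do;
                  }
                  // 'do' and 'a' may be absent, or arrays when taken from $_GET;
                  // normalise them to strings before the string comparisons.
                  $current_do = (isset($get['do']) && is_string($get['do'])) ? $get['do'] : '';
                  $current_a = (isset($get['a']) && is_string($get['a'])) ? $get['a'] : '';

                  // Strict key comparisons: before PHP 8 an integer key 0 is
                  // loosely equal to any non-numeric string.
                  if (strpos($current_do, 'post') !== false && $key !== 'platform_menu') {
                      $_W['page']['title'] = '';
                      continue;
                  }
                  $diff = array_diff_assoc($urls, $get);
                  $is_active = empty($diff)
                      || ($key === 'platform_menu' && $current_a === 'menu' && $current_do === 'display')
                      || (isset($alias_actions[$key]) && in_array($current_a, $alias_actions[$key], true));
                  if ($is_active) {
                      $menu['active'] = ' active';
                      $_W['page']['title'] = !empty($_W['page']['title']) ? $_W['page']['title'] : $menu['title'];
                      $finished = true;
                      break;
                  }
              }
          }
          // Drop the reference so a later write to $menu cannot alias the last entry.
          unset($menu);
          if ($finished) {
              break;
          }
      }
      unset($frame);
  }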