Changeset ec0d8d6
- Timestamp:
- Jun 24, 2011, 10:31:48 PM (12 years ago)
- Branches:
- master
- Children:
- ddaa6a6
- Parents:
- 9cbd158
- Files:
-
- 8 edited
-
cli/iptinit.php (modified) (6 diffs)
-
db_struct.sql (modified) (1 diff)
-
web/core.php (modified) (3 diffs)
-
web/include/doc.poseditor.php (modified) (1 diff)
-
web/include/imgresizer.php (modified) (2 diffs)
-
web/index.php (modified) (1 diff)
-
web/news.php (modified) (1 diff)
-
web/user.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
cli/iptinit.php
r9cbd158 rec0d8d6 4 4 for($i=0;$i<(count($c)-2);$i++) $base_path.=$c[$i].'/'; 5 5 include_once("$base_path/config_cli.php"); 6 7 8 6 9 7 if(!$CONFIG['route']['ext_ip']) … … 14 12 15 13 $ipt='iptables'; 16 17 14 18 15 `echo "1" > /proc/sys/net/ipv4/ip_forward`; … … 38 35 `$ipt -P FORWARD DROP`; 39 36 40 37 if($CONFIG['route']['ulog']['ext_enable']) 38 { 39 `$ipt -A INPUT -s ! {$CONFIG['route']['lan_range']} -j ULOG`; 40 `$ipt -A OUTPUT -d ! {$CONFIG['route']['lan_range']} -j ULOG`; 41 echo "Ext_Ulog enabled!\n"; 42 } 41 43 // Create chain for bad tcp packets 42 44 `$ipt -N bad_tcp_packets`; 43 45 `$ipt -A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j DROP`; 44 45 46 46 47 // Create separate chains for ICMP, TCP and UDP to traverse … … 52 53 `$ipt -A allowed -j ACCEPT`; 53 54 54 55 56 55 // TCP rules 57 56 `$ipt -N tcp_packets`; 58 59 `$ipt -A tcp_packets -p TCP -s 189.52.17.130 --dport 25 -j DROP`; // SMTP60 57 61 58 // FTP … … 140 137 141 138 142 143 144 139 if($CONFIG['route']['ulog']['enable']) 145 140 { 146 `$ipt -A OUT_INET_FORWARD -p tcp -m multiport --dport {$CONFIG['route']['ulog']['ports']} -j ULOG`; 141 `$ipt -A OUT_INET_FORWARD -j ULOG`; 142 `$ipt -A IN_INET_FORWARD -j ULOG`; 143 144 echo "Ulog enable!\n"; 147 145 } 148 146 149 147 `$ipt -A IN_INET_FORWARD -j ACCEPT`; 150 148 `$ipt -A OUT_INET_FORWARD -j ACCEPT`; 151 152 149 153 150 … … 184 181 `$ipt -t nat -A PREROUTING -d {$CONFIG['route']['ext_ip']} -i {$CONFIG['route']['ext_iface']} -p tcp -m tcp --dport 4000 -j DNAT --to-destination 192.168.1.45:4000`; 185 182 `$ipt -t nat -A PREROUTING -d {$CONFIG['route']['ext_ip']} -i {$CONFIG['route']['ext_iface']} -p tcp -m tcp --dport 636 -j DNAT --to-destination 192.168.1.22:631`; 186 183 //ATS 184 `$ipt -t nat -A PREROUTING -d {$CONFIG['route']['ext_ip']} -i {$CONFIG['route']['ext_iface']} -p tcp -m tcp --dport 5000 -j DNAT --to-destination 192.168.0.202:5000`; 185 `$ipt -t nat -A PREROUTING -d {$CONFIG['route']['ext_ip']} -i {$CONFIG['route']['ext_iface']} -p tcp -m tcp --dport 5001 -j DNAT --to-destination 192.168.0.202:5001`; 186 `$ipt -t nat -A PREROUTING -d {$CONFIG['route']['ext_ip']} -i {$CONFIG['route']['ext_iface']} -p tcp -m tcp --dport 5002 -j DNAT --to-destination 192.168.0.202:5002`; 187 `$ipt -t nat -A PREROUTING -d {$CONFIG['route']['ext_ip']} -i {$CONFIG['route']['ext_iface']} -p tcp -m tcp --dport 5003 -j DNAT --to-destination 192.168.0.202:5003`; 188 `$ipt -t nat -A PREROUTING -d {$CONFIG['route']['ext_ip']} -i {$CONFIG['route']['ext_iface']} -p tcp -m tcp --dport 5004 -j DNAT --to-destination 192.168.0.202:5004`; 189 `$ipt -t nat -A PREROUTING -d {$CONFIG['route']['ext_ip']} -i {$CONFIG['route']['ext_iface']} -p tcp -m tcp --dport 5005 -j DNAT --to-destination 192.168.0.202:5005`; 190 `$ipt -t nat -A PREROUTING -d {$CONFIG['route']['ext_ip']} -i {$CONFIG['route']['ext_iface']} -p tcp -m tcp --dport 5090 -j DNAT --to-destination 192.168.0.202:5090`; 191 `$ipt -t nat -A PREROUTING -d {$CONFIG['route']['ext_ip']} -i {$CONFIG['route']['ext_iface']} -p tcp -m tcp --dport 23 -j DNAT --to-destination 192.168.0.202:23`; 187 192 188 193 -
db_struct.sql
r9cbd158 rec0d8d6 19 19 -- База данных: `dev` 20 20 -- 21 22 -- -------------------------------------------------------- 23 24 -- 25 -- Структура таблицы `comments` 26 -- 27 28 CREATE TABLE IF NOT EXISTS `comments` ( 29 `id` int(11) NOT NULL AUTO_INCREMENT, 30 `date` datetime NOT NULL, 31 `object_name` varchar(16) NOT NULL COMMENT 'Имя(тип) объекта комментирования', 32 `object_id` int(11) NOT NULL COMMENT 'ID объекта комментирования', 33 `autor_name` varchar(16) NOT NULL COMMENT 'Имя автора (анонимного)', 34 `autor_email` varchar(32) NOT NULL COMMENT 'Электронная почта анонимного автора', 35 `autor_id` int(11) NOT NULL COMMENT 'UID автора', 36 `text` text NOT NULL COMMENT 'Текст коментария', 37 `rate` tinyint(4) NOT NULL COMMENT 'Оценка объекта (0-5)', 38 `ip` varchar(16) NOT NULL, 39 `user_agent` varchar(128) NOT NULL, 40 PRIMARY KEY (`id`), 41 KEY `object_name` (`object_name`), 42 KEY `object_id` (`object_id`), 43 KEY `rate` (`rate`), 44 KEY `date` (`date`) 45 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='Коментарии к товарам, новостям, статьям и пр.'; 46 21 47 22 48 -- -------------------------------------------------------- -
web/core.php
r9cbd158 rec0d8d6 18 18 // 19 19 20 define("MULTIMAG_VERSION", "0.0.1r24 5");20 define("MULTIMAG_VERSION", "0.0.1r249"); 21 21 header("X-Powered-By: MultiMag ".MULTIMAG_VERSION); 22 22 … … 212 212 213 213 // Есть ли право доступа к указанному объекту для указанной операции 214 function isAccess($object, $action )214 function isAccess($object, $action,$no_redirect=0) 215 215 { 216 216 $uid=@$_SESSION['uid']; … … 230 230 if(mysql_errno()) throw new MysqlException("Выборка привилегий не удалась"); 231 231 $access=(mysql_num_rows($res)>0)?true:false; 232 if((!$uid) && (!$access) ) need_auth();232 if((!$uid) && (!$access) && (!$no_redirect)) need_auth(); 233 233 return $access; 234 234 } -
web/include/doc.poseditor.php
r9cbd158 rec0d8d6 172 172 var poslist=PosEditorInit('/doc.php?doc={$this->doc}&mode=srv',{$this->editable}) 173 173 poslist.show_column['sn']='{$this->show_sn}' 174 poslist.show_column['vc']='{$this->show_vc}' 174 175 poslist.show_column['gtd']='{$this->show_gtd}' 175 176 176 177 var skladview=document.getElementById('sklad_view') 177 178 skladview.show_column['vc']='{$this->show_vc}' -
web/include/imgresizer.php
r9cbd158 rec0d8d6 189 189 if($this->dim_x<$this->dim_y) $font_size=$this->dim_x/10; 190 190 else $font_size=$this->dim_y/10; 191 $text_bbox=imageftbbox ( $font_size , 45 , $this->font_watermark , $CONFIG['site'][' display_name'] );191 $text_bbox=imageftbbox ( $font_size , 45 , $this->font_watermark , $CONFIG['site']['name'] ); 192 192 193 193 $min_x=$max_x=$text_bbox[0]; … … 203 203 $delta_y=$this->dim_y-$min_y+$max_y; 204 204 205 imagefttext ( $im , $font_size , 45 , $delta_x/1.9, $delta_y/2 , $bg_c , $this->font_watermark , $CONFIG['site'][' display_name'] );206 imagefttext ( $im , $font_size , 45 , $delta_x/1.9+2, $delta_y/2+2 , $text_c , $this->font_watermark , $CONFIG['site'][' display_name'] );205 imagefttext ( $im , $font_size , 45 , $delta_x/1.9, $delta_y/2 , $bg_c , $this->font_watermark , $CONFIG['site']['name'] ); 206 imagefttext ( $im , $font_size , 45 , $delta_x/1.9+2, $delta_y/2+2 , $text_c , $this->font_watermark , $CONFIG['site']['name'] ); 207 207 } 208 208 // header("Content-type: image/jpg"); -
web/index.php
r9cbd158 rec0d8d6 21 21 include_once("core.php"); 22 22 23 try 24 { 25 23 26 if(file_exists( $CONFIG['site']['location'].'/skins/'.$CONFIG['site']['skin'].'/index.tpl.php' ) ) 24 27 include_once($CONFIG['site']['location'].'/skins/'.$CONFIG['site']['skin'].'/index.tpl.php'); 25 else include_once("vitrina.php"); 28 else 29 { 30 31 include_once("include/doc.core.php"); 32 include_once("include/imgresizer.php"); 33 require_once("include/comments.inc.php"); 34 $tmpl->SetTitle($CONFIG['site']['display_name']); 35 36 if(@$_SESSION['uid']) $res=mysql_query("SELECT `id` FROM `doc_cost` WHERE `vid`='-1'"); 37 else $res=mysql_query("SELECT `id` FROM `doc_cost` WHERE `vid`='1'"); 38 if(mysql_errno()) throw new MysqlException('Не удалось выбрать цену для пользователя'); 39 $cost_id= mysql_result($res,0,0); 40 if(!$cost_id) $cost_id=1; 41 42 43 $tmpl->AddStyle(".pitem { 44 float: left; 45 width: 330px; 46 height: 180px; 47 border: 1px solid #ccc; 48 background: #fafafa; 49 margin: 10px; 50 padding: 5px; 51 border-radius: 10px; 52 -moz-border-radius: 10px; 53 }"); 54 55 $tmpl->AddText(" 56 <table class='index-nsr'> 57 <tr><td> 58 <h3>Акции</h3>"); 59 60 $res=mysql_query("SELECT `news`.`id`, `news`.`text`, `news`.`date`, `news`.`ex_date`, `news`.`img_ext` FROM `news` 61 WHERE `news`.`type`='stock' 62 ORDER BY `date` DESC LIMIT 3"); 63 if(mysql_errno()) throw new MysqlException("Не удалось получить список акций!"); 64 if(mysql_num_rows($res)) 65 { 66 while($nxt=mysql_fetch_assoc($res)) 67 { 68 69 $wikiparser->title=''; 70 $text=$wikiparser->parse(html_entity_decode($nxt['text'],ENT_QUOTES,"UTF-8")); 71 if($nxt['img_ext']) 72 { 73 $miniimg=new ImageProductor($nxt['id'],'n', $nxt['img_ext']); 74 $miniimg->SetX(50); 75 $miniimg->SetY(50); 76 $img="<img src='".$miniimg->GetURI()."' alt=''>"; 77 } 78 else $img=''; 79 $text_a=mb_split( "[.!?]" , strip_tags($text), 2); 80 if(@$text_a) $text=$text_a[0]."..."; 81 $tmpl->AddText("<div class='news'><div class='image'><a href='/news.php?mode=read&id={$nxt['id']}'>$img</a></div> 82 <div class='text'><p class='date'>{$nxt['date']}</p><p class='title'><a href='/news.php?mode=read&id={$nxt['id']}'>{$wikiparser->title}</a></p><p>$text</p></div> 83 <div class='clear'></div> 84 </div>"); 85 } 86 } 87 88 89 $tmpl->AddText("<td><h3>Обзоры</h3>"); 90 91 $res=mysql_query("SELECT `name`, `date`, `text`, `img_ext` FROM `wiki` 92 WHERE `name` LIKE 'review:%' 93 ORDER BY `date` DESC LIMIT 3"); 94 if(mysql_errno()) throw new MysqlException("Не удалось получить список статей!"); 95 if(mysql_num_rows($res)) 96 { 97 while($nxt=mysql_fetch_assoc($res)) 98 { 99 $wikiparser->title=''; 100 $text=$wikiparser->parse(html_entity_decode($nxt['text'],ENT_QUOTES,"UTF-8")); 101 if($nxt['img_ext']) 102 { 103 $miniimg=new ImageProductor($nxt['name'],'a', $nxt['img_ext']); 104 $miniimg->SetX(50); 105 $miniimg->SetY(50); 106 $img="<img src='".$miniimg->GetURI()."' alt=''>"; 107 } 108 else $img=''; 109 $text_a=mb_split( "[.!?]" , strip_tags($text), 2); 110 if(@$text_a) $text=$text_a[0]."..."; 111 $tmpl->AddText("<div class='news'><div class='image'><a href='/wiki/{$nxt['name']}'>$img</a></div> 112 <div class='text'><p class='date'>{$nxt['date']}</p><p class='title'><a href='/wiki/{$nxt['name']}'>{$wikiparser->title}</a></p><p>$text</p></div> 113 <div class='clear'></div> 114 </div>"); 115 } 116 } 117 118 119 $tmpl->AddText("<td><h3><a href='/news.php'>Новости</a></h3>"); 120 121 $res=mysql_query("SELECT `news`.`id`, `news`.`text`, `news`.`date`, `news`.`ex_date`, `news`.`img_ext` FROM `news` 122 WHERE `news`.`type`='' 123 ORDER BY `date` DESC LIMIT 3"); 124 if(mysql_errno()) throw new MysqlException("Не удалось получить список новостей!"); 125 if(mysql_num_rows($res)) 126 { 127 while($nxt=mysql_fetch_assoc($res)) 128 { 129 $wikiparser->title=''; 130 $text=$wikiparser->parse(html_entity_decode($nxt['text'],ENT_QUOTES,"UTF-8")); 131 if($nxt['img_ext']) 132 { 133 $miniimg=new ImageProductor($nxt['id'],'n', $nxt['img_ext']); 134 $miniimg->SetX(50); 135 $miniimg->SetY(50); 136 $img="<img src='".$miniimg->GetURI()."' alt=''>"; 137 } 138 else $img=''; 139 $text_a=mb_split( "[.!?]" , strip_tags($text), 2); 140 if(@$text_a) $text=$text_a[0]."..."; 141 $tmpl->AddText("<div class='news'><div class='image'><a href='/news.php?mode=read&id={$nxt['id']}'>$img</a></div> 142 <div class='text'><p class='date'>{$nxt['date']}</p><p class='title'><a href='/news.php?mode=read&id={$nxt['id']}'>{$wikiparser->title}</a></p><p>$text</p></div> 143 <div class='clear'></div> 144 </div>"); 145 } 146 } 147 148 149 150 $tmpl->AddText("</tr></table>"); 151 152 $res=mysql_query("SELECT `doc_base`.`id`, `doc_base`.`name`, `doc_base`.`desc`, `doc_base`.`cost`, `doc_img`.`id` AS `img_id`, `doc_img`.`type` AS `img_type`, `doc_units`.`printname` AS `units` FROM `doc_base` 153 LEFT JOIN `doc_base_img` ON `doc_base_img`.`pos_id`=`doc_base`.`id` AND `doc_base_img`.`default`='1' 154 LEFT JOIN `doc_img` ON `doc_img`.`id`=`doc_base_img`.`img_id` 155 LEFT JOIN `doc_units` ON `doc_base`.`unit`=`doc_units`.`id` 156 WHERE `hidden`='0' AND `stock`!='0'"); 157 if(mysql_errno()) throw new MysqlException("Выборка спецпредложений не удалась!"); 158 if(mysql_num_rows($res)) 159 { 160 $tmpl->AddText("<h1>Спецпредложения</h1>"); 161 162 while($nxt=mysql_fetch_array($res)) 163 { 164 if($CONFIG['site']['recode_enable']) $link= "/vitrina/ip/$nxt[0].html"; 165 else $link= "/vitrina.php?mode=product&p=$nxt[0]"; 166 if($nxt['img_id']) 167 { 168 $miniimg=new ImageProductor($nxt['img_id'],'p', $nxt['img_type']); 169 $miniimg->SetX(135); 170 $miniimg->SetY(180); 171 $img="<img src='".$miniimg->GetURI()."' style='float: left; margin-right: 10px;' alt='{$nxt['name']}'>"; 172 } 173 else $img="<img src='/img/no_photo.png' alt='no photo'>"; 174 $cost=GetCostPos($nxt['id'], $cost_id); 175 176 $tmpl->AddText("<div class='pitem'> 177 <a href='$link'>$img</a> 178 {$nxt['name']}<br> 179 <b>Цена:</b> $cost руб / {$nxt['units']}<br> 180 <a href='/vitrina.php?mode=korz_add&p={$nxt['id']}&cnt=1' onclick=\"ShowPopupWin('/vitrina.php?mode=korz_adj&p={$nxt['id']}&cnt=1','popwin'); return false;\" rel='nowollow'>В корзину!</a> 181 </div>"); 182 } 183 184 $tmpl->AddText("<br clear='all'>"); 185 } 186 187 $tmpl->AddText("<h1>Популярные товары</h1>"); 188 189 $res=mysql_query("SELECT `doc_base`.`id`, `doc_base`.`name`, `doc_base`.`desc`, `doc_base`.`cost`, `doc_img`.`id` AS `img_id`, `doc_base`.`likvid`, `doc_img`.`type` AS `img_type`, ( SELECT SUM(`doc_base_cnt`.`cnt`) FROM `doc_base_cnt` WHERE `doc_base_cnt`.`id`=`doc_base`.`id` GROUP BY `doc_base`.`id`) AS `count`, `doc_units`.`printname` AS `units` FROM `doc_base` 190 LEFT JOIN `doc_base_img` ON `doc_base_img`.`pos_id`=`doc_base`.`id` AND `doc_base_img`.`default`='1' 191 LEFT JOIN `doc_img` ON `doc_img`.`id`=`doc_base_img`.`img_id` 192 LEFT JOIN `doc_units` ON `doc_base`.`unit`=`doc_units`.`id` 193 WHERE `hidden`='0' 194 ORDER BY `likvid` DESC 195 LIMIT 20"); 196 if(mysql_errno()) throw new MysqlException("Выборка популярных товаров не удалась!"); 197 $i=1; 198 while($nxt=mysql_fetch_array($res)) 199 { 200 if($nxt['cost']==0) continue; 201 if($CONFIG['site']['recode_enable']) $link= "/vitrina/ip/$nxt[0].html"; 202 else $link= "/vitrina.php?mode=product&p=$nxt[0]"; 203 if($nxt['img_id']) 204 { 205 $miniimg=new ImageProductor($nxt['img_id'],'p', $nxt['img_type']); 206 $miniimg->SetX(135); 207 $miniimg->SetY(180); 208 $img="<img src='".$miniimg->GetURI()."' style='float: left; margin-right: 10px;' alt='{$nxt['name']}'>"; 209 } 210 else $img="<img src='/img/no_photo.png' alt='no photo' alt='no photo'>"; 211 $cost=GetCostPos($nxt['id'], $cost_id); 212 213 $tmpl->AddText("<div class='pitem'> 214 <a href='$link'>$img</a> 215 {$nxt['name']}<br> 216 <b>Цена:</b> $cost руб / {$nxt['units']}<br> 217 <a href='/vitrina.php?mode=korz_add&p={$nxt['id']}&cnt=1' onclick=\"ShowPopupWin('/vitrina.php?mode=korz_adj&p={$nxt['id']}&cnt=1','popwin'); return false;\" rel='nowollow'>В корзину!</a> 218 </div>"); 219 220 $i++; 221 } 222 $tmpl->AddText("<br clear='all'>"); 223 } 224 225 } 226 catch(MysqlException $e) 227 { 228 mysql_query("ROLLBACK"); 229 $tmpl->AddText("<br><br>"); 230 $tmpl->msg($e->getMessage(),"err"); 231 } 232 catch(Exception $e) 233 { 234 mysql_query("ROLLBACK"); 235 $tmpl->AddText("<br><br>"); 236 $tmpl->logger($e->getMessage()); 237 } 238 $tmpl->write(); 239 26 240 ?> 27 241 -
web/news.php
r9cbd158 rec0d8d6 26 26 27 27 $tmpl->SetTitle("Новости сайта - ".$CONFIG['site']['display_name']); 28 if(isAccess('generic_news','create' ))28 if(isAccess('generic_news','create',1)) 29 29 { 30 30 if($mode=='') $tmpl->AddText("<a href='?mode=add'>Добавить новость</a><br>"); -
web/user.php
r9cbd158 rec0d8d6 384 384 { 385 385 if(isAccess('sys_ip-log','view')) 386 if($rights['read'])387 386 { 388 387 $tmpl->AddText("<h1>25 часто используемых адресов</h1>");
Note: See TracChangeset
for help on using the changeset viewer.
