File: /www/wwwroot/bs.kntsleep.com/install/index.php
<?php
/*
* Copyright (c) Huyin Information Technology Co., Ltd. All Rights Reserved.
* BOSSCMS Content Management System (https://www.bosscms.net/)
*/
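// Refuse to run once an install has completed. This lock-file test is the only
// access check visible in this script: while the file is absent, any visitor who
// can reach /install/ can drive the installer.
if (is_file('../system/install.lock')) {
    die('系统已经安装!如需重新安装请删除/system/目录下的install.lock文件');
}

$version = 'V3.1.0';

// $page selects the HTML fragment that is include()d further down and also the
// POST handler. Accept only a plain string of word characters:
//  - is_string() keeps an array-valued ?page[]= away from preg_match();
//  - the D modifier stops `$` from also matching before a trailing newline.
$page = 'license';
if (isset($_GET['page']) && is_string($_GET['page']) && preg_match('/^\w+$/D', $_GET['page'])) {
    $page = $_GET['page'];
}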
if(!(isset($_POST) && $_POST)){
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width,initial-scale=1.0,maximum-scale=1.0,user-scalable=0,minimal-ui">
<title>BOSSCMS 网站后台管理系统</title>
<link href="../system/web/common/font/font-awesome.css" rel="stylesheet" />
<link href="../system/admin/common/css/bosscms.css?<?php echo mt_rand(); ?>" rel="stylesheet" />
<link href="css/install.css?<?php echo mt_rand(); ?>" rel="stylesheet" />
<script src="../system/extend/ueditor/third-party/jquery-1.10.2.min.js?<?php echo mt_rand(); ?>" ></script>
<script src="js/install.js?<?php echo mt_rand(); ?>" ></script>
<link href="../favicon.ico" rel="shortcut icon" type="image/x-icon" />
</head>
<body>
<main class="install">
<header class="head">
<strong>BOSSCMS</strong>
<b>程序安装</b>
<span><?php echo $version; ?></span>
<p>当前安装版本:</p>
</header>
<?php /* $page was limited to word characters (\w+) near the top of this file, so it cannot carry "/" or "." into this path. include() parses the fragment as PHP, so every file under html/ must be treated as code. */ include('html/'.$page.'.html'); ?>
</main>
</body>
</html>
<?php
}else{
require '../system/basic/func/global.func.php';
if($page == 'form'){
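// Normalise the submitted installer fields into $post.
// Only string values are kept (an array-valued field becomes ''), and both CR and
// LF are removed on every platform. The original stripped PHP_EOL only, which
// leaves "\r" on Linux and a lone "\n" on Windows. These values are later placed
// into SQL statements and into the generated mysql.ini.php, so line breaks must
// never survive this step.
$post = array();
foreach ($_POST as $k => $v) {
    $post[$k] = is_string($v) ? str_replace(array("\r", "\n"), '', $v) : '';
}
// Default every field that is read unconditionally later, so a missing field
// fails validation instead of raising an undefined-index notice.
foreach (array('host', 'port', 'user', 'password', 'database', 'prefix', 'username', 'password1', 'passwords') as $k) {
    if (!isset($post[$k])) {
        $post[$k] = '';
    }
}

// NOTE(review): these checks only protect the code below if alert() (defined in
// global.func.php, not shown here) stops the request. Confirm that it exits.
// The D modifier makes `$` match only at the very end of the string.
if (!preg_match('/^\d+$/D', $post['port'])) {
    alert('端口必须为数字');
}
if (!preg_match('/^\w+$/D', $post['prefix'])) {
    alert('数据表前缀必须为英文、数字、下划线的组合!');
}
if (!$post['username']) {
    alert('管理员账户不能为空!');
}
// An empty password would otherwise pass the equality check below and create a
// super-administrator with no password.
if ($post['password1'] === '') {
    alert('管理员密码不能为空!');
}
if ($post['password1'] !== $post['passwords']) {
    alert('密码输入不一致,请重新输入!');
}
// host, user, password, database and username get no character validation here;
// they must be escaped or quoted at each place they are used.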
if($link = @mysqli_connect($post['host'].':'.$post['port'], $post['user'], $post['password'])){
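mysqli_set_charset($link, 'UTF8');
// Use the requested database, creating it when it does not exist yet.
if (!mysqli_select_db($link, $post['database'])) {
    // The database name is user-supplied and not validated, so it is emitted as a
    // quoted identifier with embedded backticks doubled. The original concatenated
    // it raw into CREATE DATABASE, which let the field carry extra SQL.
    $quotedDatabase = '`' . str_replace('`', '``', (string)$post['database']) . '`';
    mysqli_query($link, 'CREATE DATABASE ' . $quotedDatabase);
    if (!mysqli_select_db($link, $post['database'])) {
        alert('创建数据库失败');
    }
}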
// Build the schema from the table definitions shipped in database.json.
$file = '../system/basic/json/database.json';
if (!is_file($file)) {
    alert('没有可导入数据库文件');
}
// The JSON file carries /* ... */ comments, which are stripped before decoding.
$database = json_decode(preg_replace("/\/\*[\s\S]+?\*\//", '', file_get_contents($file)), true);
foreach ($database as $table => $definition) {
    // Every table is dropped first: running the installer against a populated
    // database destroys the existing data under this prefix.
    mysqli_query($link, "DROP TABLE IF EXISTS `{$post['prefix']}{$table}`;");

    $columnSql = array();
    foreach ($definition as $column => $attr) {
        $columnSql[] = "`{$column}` {$attr},";
    }
    $sql = "CREATE TABLE IF NOT EXISTS `{$post['prefix']}{$table}` (" . implode('', $columnSql)
         . "PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;";

    // Retry once without the InnoDB engine clause before giving up.
    if (!mysqli_query($link, $sql) && !mysqli_query($link, str_replace(' ENGINE=InnoDB ', '', $sql))) {
        alert('创建数据表失败');
    }
}
/* A language row must exist. */
mysqli_query($link, "INSERT INTO `{$post['prefix']}language` (`id`, `name`, `sign`, `image`, `description`, `defaults`, `display`, `target`, `sort`) VALUE ('1', '中文', 'zh', '..//upload/photo/image/zh-cn.png', '', '1', '1', '0', '0') ;");
/* Record the installed version. */
mysqli_query($link, "INSERT INTO `{$post['prefix']}config` (`id`, `name`, `value`, `parent`, `type`, `lang`) VALUE (null, 'version', '{$version}', '0', '1', '0') ;");
/*
 * Seed the required config rows: config.json holds the back-end (admin) parameters
 * and is stored with lang '0'; must.json holds the front-end parameters and is
 * stored with lang '1'. The values come from files shipped with the package and
 * are interpolated into the SQL without escaping.
 */
$seedFiles = array(
    '../system/basic/json/config.json' => '0',
    '../system/basic/json/must.json' => '1',
);
foreach ($seedFiles as $seedPath => $langFlag) {
    $seedRows = json_decode(preg_replace("/\/\*[\s\S]+?\*\//", '', file_get_contents($seedPath)), true);
    foreach ($seedRows as $v) {
        mysqli_query($link, "INSERT INTO `{$post['prefix']}config` (`id`, `name`, `value`, `parent`, `type`, `lang`) VALUE (null, '{$v['name']}', '{$v['value']}', '{$v['parent']}', '{$v['type']}', '{$langFlag}') ;");
    }
}
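// Persist the connection settings as a PHP file that returns an INI-formatted
// string. The values are user input and this file is later executed as PHP, so:
//  - the body is written as a NOWDOC (<<<'INI'). The original used a heredoc, in
//    which PHP evaluates "$var" / "{$expr}" sequences inside the submitted values
//    whenever the config file is loaded;
//  - CR, LF and NUL are removed again here, so no value can start a new line and
//    close the string with its own "INI;" marker.
// NOTE(review): a double quote inside a value still ends the INI string early.
// Check how the loader parses this file before adding INI-level escaping.
$iniValue = array();
foreach (array('host', 'port', 'user', 'password', 'database', 'prefix') as $k) {
    $iniValue[$k] = (isset($post[$k]) && is_string($post[$k]))
        ? str_replace(array("\r", "\n", "\0"), '', $post[$k])
        : '';
}
file_put_contents('../system/basic/ini/mysql.ini.php', implode(PHP_EOL, array(
    '<?php',
    '/**',
    ' * MYSQL数据库连接设置',
    ' */',
    "return <<<'INI'",
    '',
    'host = "'.$iniValue['host'].'" ; /* 数据库地址 */',
    'port = "'.$iniValue['port'].'" ; /* 数据库端口 */',
    'user = "'.$iniValue['user'].'" ; /* 数据库用户 */',
    'password = "'.$iniValue['password'].'" ; /* 数据库密码 */',
    'database = "'.$iniValue['database'].'" ; /* 数据库名称 */',
    'prefix = "'.$iniValue['prefix'].'" ; /* 数据表前缀 */',
    '',
    'INI;',
    '?>',
)));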
// ROOT_PATH: the document root when it contains the CMS core class file,
// otherwise this script's directory with its last 7 characters removed.
$docRoot = $_SERVER['DOCUMENT_ROOT'];
if ($docRoot && is_file($docRoot.'/system/basic/class/into.class.php')) {
    define('ROOT_PATH', str_replace('/', DIRECTORY_SEPARATOR, $docRoot.'/'));
} else {
    define('ROOT_PATH', substr(dirname(__FILE__), 0, -7));
}
// Placeholder token that replace() uses to shield "://" while collapsing slashes.
define('P', 'BOSSCMS@DEL0T_T');
/**
 * Normalise a path or URL: turn backslashes into "/", collapse runs of slashes
 * to a single "/", and leave any "://" scheme separator untouched.
 *
 * @param string $path path or URL to normalise
 * @return string normalised value
 */
function replace($path)
{
    // Swap "://" for a marker so the slash-collapsing step cannot touch it.
    $marker = ':'.P;
    $shielded = str_replace('://', $marker, $path);
    // Array search terms are applied one after another, in this order.
    $collapsed = str_replace(array('\\', '///', '//'), '/', $shielded);
    return str_replace($marker, '://', $collapsed);
}
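// Work out the public base URL of the site. It is stored in the config table
// further down, so every request-derived part is constrained here first.
$root = replace(ROOT_PATH.'/');
$aisle = isset($_SERVER['DOCUMENT_ROOT'])?str_ireplace(replace($_SERVER['DOCUMENT_ROOT'].'/'),'/',$root):'';

// The Host header is client-controlled: keep only characters that can appear in
// a host name, an IPv6 literal or a port.
$host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'];
$host = preg_replace('/[^A-Za-z0-9.\-_:\[\]]/', '', (string)$host);
// Append a non-default port only when the host does not already carry one. The
// Host header normally includes it, so the original produced "host:8080:8080".
if (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443
    && !preg_match('/:\d+$/D', $host)) {
    $host .= ':'.(int)$_SERVER['SERVER_PORT'];
}

// X-Client-Scheme is a request header. Unless a trusted proxy overwrites it, the
// client chooses its value, so only http and https are accepted.
$scheme = isset($_SERVER['HTTP_X_CLIENT_SCHEME']) ? strtolower((string)$_SERVER['HTTP_X_CLIENT_SCHEME']) : '';
if ($scheme !== 'http' && $scheme !== 'https') {
    $scheme = isset($_SERVER['REQUEST_SCHEME']) ? strtolower((string)$_SERVER['REQUEST_SCHEME']) : 'http';
    if ($scheme !== 'http' && $scheme !== 'https') {
        $scheme = 'http';
    }
}
$http = $scheme.'://';
$domain = $http.replace($host.$aisle);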
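// Read the MySQL server version; $ver stays undefined if the query fails.
$result = mysqli_query($link, "SELECT VERSION() AS ver");
if ($result && mysqli_num_rows($result) > 0) {
    $rows = mysqli_fetch_array($result, MYSQLI_ASSOC);
    $ver = $rows['ver'];
    mysqli_free_result($result);
}
// Look for an existing manager with the requested name. The user name comes from
// the form and has no character validation, so it is escaped for the string
// literal instead of being interpolated raw.
$escapedUsername = mysqli_real_escape_string($link, (string)$post['username']);
$result = mysqli_query($link, "SELECT id FROM {$post['prefix']}manager WHERE username='{$escapedUsername}'");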
if($result && mysqli_num_rows($result)>0){
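// Reset the password of the existing manager. Both values come from the form,
// so they are escaped before entering the statement. Without this, a quote or
// backslash in the password also changed which string MD5() actually hashed.
// NOTE(review): unsalted MD5 is not a password hash. It is kept here only because
// the login code that verifies it is outside this file; migrating to
// password_hash() has to happen on both sides.
mysqli_query($link, "UPDATE {$post['prefix']}manager SET password=MD5('".mysqli_real_escape_string($link, (string)$post['password1'])."') WHERE username='".mysqli_real_escape_string($link, (string)$post['username'])."'");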
}else{
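// Create the super-administrator (level 1) account.
$time = time();
// NOTE(review): getIP() is defined elsewhere; if it reads forwarding headers its
// result is client-controlled, so it is escaped like the form fields.
$IP = getIP();
$escapedUser = mysqli_real_escape_string($link, (string)$post['username']);
$escapedPass = mysqli_real_escape_string($link, (string)$post['password1']);
$escapedIP = mysqli_real_escape_string($link, (string)$IP);
// Any existing level-1 manager is removed first, so only the new account holds that level.
mysqli_query($link, "DELETE FROM {$post['prefix']}manager WHERE level='1'");
// NOTE(review): the password is stored as unsalted MD5 and travels to the server
// in clear text inside the statement (visible in query logs). Changing the scheme
// needs a matching change in the login code, which is not part of this file.
mysqli_query($link, "INSERT INTO {$post['prefix']}manager (`username`, `password`, `level`, `department`, `ip`, `frequency`, `permit`, `allow`, `ctime`, `ltime`, `image`, `alias`, `email`, `phone`, `open`) VALUE ('{$escapedUser}', MD5('{$escapedPass}'), '1', '', '{$escapedIP}', '0', '', '', '{$time}', '{$time}', '', '', '', '', '1')");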
// Seed the built-in content models. Ids 2-5 are inserted with display=1;
// ids 20-22 (video, software, mall) are inserted with display=0.
mysqli_query($link, "INSERT INTO {$post['prefix']}models (`id`,`name`,`sign`,`search`,`comments`,`contribute`,`cweight`,`display`) VALUES (2,'新闻模型','news','{\"column\":[\"name\"],\"image\":\"image\",\"text\":\"text\"}',0,0,0,1), (3,'产品模型','product','{\"column\":[\"name\"],\"image\":\"image\",\"text\":\"text\"}',0,0,0,1), (4,'图片模型','image','{\"column\":[\"name\"],\"image\":\"image\",\"text\":\"text\"}',0,0,0,1), (5,'下载模型','download','{\"column\":[\"name\"],\"image\":\"image\",\"text\":\"text\"}',0,0,0,1), (20,'视频模型','video','{\"column\":[\"name\"],\"image\":\"image\",\"text\":\"text\"}',0,0,0,0), (21,'软件模型','software','{\"column\":[\"name\"],\"image\":\"\",\"text\":\"\"}',0,0,0,0), (22,'商城模型','mall','{\"column\":[\"name\"],\"image\":\"image\",\"text\":\"text\"}',0,0,0,0)");
// Seed the custom field definitions for models 20, 21 and 22 (the `parent` column).
// The `name` and `type` values stored here are read back below and used as column
// names and column types when the per-model content tables are created.
mysqli_query($link, "INSERT INTO {$post['prefix']}field (`id`,`parent`,`style`,`title`,`name`,`type`,`description`,`value`,`param`,`attribute`,`sort`,`display`) VALUES (1,20,'2','编辑内容','content','mediumtext','','','','{\"width\":\"90%\",\"height\":\"400\"}',0,1), (2,20,'8','上传视频','video','varchar(255)','','','','[]',0,1), (3,20,'6','封面图片','image','varchar(255)','','','','[]',0,1), (4,20,'1','视频代码','code','varchar(255)','','','','[\"width9\",\"height2\"]',0,1), (5,20,'1','简短描述','text','varchar(255)','','','','[\"width9\",\"height2\"]',0,1), (7,22,'2','内容编辑','content','mediumtext','','','','{\"width\":\"90%\",\"height\":\"400\"}',0,1), (8,22,'6','缩略图','image','varchar(255)','','','','[]',0,1), (9,22,'7','商品图集','images','text','','','','[]',0,1), (10,22,'1','简短描述','text','varchar(255)','','','','[\"width9\",\"height2\"]',0,1), (11,21,'2','编辑内容','content','mediumtext','','','','{\"width\":\"90%\",\"height\":\"400\"}',0,1), (12,21,'9','软件下载','file','varchar(255)','','','','[]',0,1), (13,21,'5','文件类型','ftype','varchar(255)','','','{\".exe\":\".exe\",\".zip\":\".zip\",\".rar\":\".rar\",\"其他\":\"其他\"}','{\"width\":\"30%\"}',0,1), (14,21,'1','简单描述','text','varchar(255)','','','','[\"width9\",\"height2\"]',0,1);");
// Reload the schema definitions, again with /* ... */ comments stripped before decoding.
$db = json_decode(preg_replace("/\/\*[\s\S]+?\*\//",'',file_get_contents('../system/basic/json/database.json')),true);
// For every model with id >= 20, (re)create its two tables:
//   {prefix}model_{sign}          using the column set of the `news` table
//   {prefix}model_{sign}_content  using `news_content` plus the model's custom fields
// All identifiers and column types used here are read back from rows this script
// inserted itself (models.sign, field.name, field.type); none are escaped or quoted.
$result = mysqli_query($link, "SELECT id,sign FROM {$post['prefix']}models WHERE id>=20");
if($result && mysqli_num_rows($result)>0){
while($row = mysqli_fetch_array($result, MYSQLI_ASSOC)){
// Existing tables of the same name are dropped before being recreated.
mysqli_query($link, "DROP TABLE IF EXISTS {$post['prefix']}model_{$row['sign']};");
$sql = "CREATE TABLE IF NOT EXISTS {$post['prefix']}model_{$row['sign']} (";
foreach($db['news'] as $k=>$v){
$sql .= "`{$k}` {$v},";
}
$sql .= "PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1;";
// The result of this CREATE is not checked.
mysqli_query($link, $sql);
mysqli_query($link, "DROP TABLE IF EXISTS {$post['prefix']}model_{$row['sign']}_content;");
$sql = "CREATE TABLE IF NOT EXISTS {$post['prefix']}model_{$row['sign']}_content (";
foreach($db['news_content'] as $k=>$v){
// Skip column definitions that still contain a /* ... */ comment.
// NOTE(review): comments were already stripped from the JSON text before it was
// decoded, so this filter looks like it never excludes anything - confirm.
if(!preg_match('/\/\*.+\*\//',$v)){
$sql .= "`{$k}` {$v},";
}
}
// Append one column per custom field registered for this model.
$result2 = mysqli_query($link, "SELECT name,type,title FROM {$post['prefix']}field WHERE parent='{$row['id']}'");
if($result2 && mysqli_num_rows($result2)>0){
while($row2 = mysqli_fetch_array($result2, MYSQLI_ASSOC)){
$sql .= "`{$row2['name']}` {$row2['type']} NOT NULL";
// varchar and int columns get an explicit default; other types get none.
if(preg_match('/^varchar/',$row2['type'])){
$sql .= " DEFAULT ''";
}else if(preg_match('/^int/',$row2['type'])){
$sql .= " DEFAULT '0'";
}
// The field title becomes the column comment, interpolated without escaping.
$sql .= " COMMENT '{$row2['title']}',";
}
mysqli_free_result($result2);
}
$sql .= "PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1;";
mysqli_query($link, $sql);
}
mysqli_free_result($result);
}
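// Seed the member grades and rank titles.
mysqli_query($link, "INSERT INTO {$post['prefix']}grade (`id`,`name`,`weight`,`golds`,`points`,`open`) VALUES (1,'普通会员',5,0,100,1), (2,'初级会员',10,100,400,1), (3,'中级会员',20,200,800,1), (6,'高级会员',40,300,1300,1)");
mysqli_query($link, "INSERT INTO {$post['prefix']}ranks (`id`,`name`,`points`,`open`) VALUES (7,'少尉',1000,1), (8,'中尉',2000,1), (9,'上尉',3000,1), (11,'列兵',0,1), (12,'中校',5000,1), (13,'大校',6000,1), (14,'少将',8000,1), (15,'中将',10000,1), (16,'大将',12000,1), (17,'上将',17000,1), (18,'元帅',23000,1)");
// Store the site URL. $domain is assembled from request data (Host and scheme
// headers), so it is escaped before it enters the statement.
$escapedDomain = mysqli_real_escape_string($link, (string)$domain);
mysqli_query($link, "UPDATE {$post['prefix']}config SET value='{$escapedDomain}' WHERE name='domain' AND type='0'");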
/* Add OEM information. */
// Scan the admin html directory for the first file named oem<word>.html and copy
// the contents of selected tags from it into admin_* config rows.
if(file_exists($path='../system/admin/common/html/')){
// NOTE(review): the opendir() result is used without checking for failure.
$handle = opendir($path);
while(($name=readdir($handle)) !== false){
if($name!='.' && $name!='..' && is_file($path.$name)){
preg_match('/^oem(\w+)\.html$/',$name,$match);
if(isset($match[1]) && $match[1]){
$con = file_get_contents($path.$name);
// Tag names whose inner text is imported.
$arr = array('title','remote_market','login_title','frame_title','institution_name','help_content');
foreach($arr as $v){
preg_match("/<{$v}>(.+)<\/{$v}>/s",$con,$mat);
if(isset($mat[1])){
// The captured text goes into the SQL literal unescaped: a quote inside the
// OEM file breaks this statement or changes its meaning.
mysqli_query($link, "INSERT INTO `{$post['prefix']}config` (`id`, `name`, `value`, `parent`, `type`, `lang`) VALUE (null, 'admin_{$v}', '{$mat[1]}', '0', '1', '0') ;");
}
}
// Only the first matching OEM file is processed.
break;
}
}
}
closedir($handle);
}
// Optional demo-data dump, path relative to the installer directory.
$file = 'sql/data.sql';
if(isset($post['import']) && $post['import'] && is_file($file) && $text=file_get_contents($file)){
// The dump is written for the default prefix. For any other prefix, rewrite the
// table names in its DROP/CREATE ... EXISTS and INSERT INTO statements.
if ($post['prefix'] != 'bosscms_') {
    $text = str_replace(
        array(' EXISTS `bosscms_', 'INSERT INTO `bosscms_'),
        array(' EXISTS `'.$post['prefix'], 'INSERT INTO `'.$post['prefix']),
        $text
    );
}
/**
 * Find where the next dump statement for the given table prefix begins.
 *
 * Looks for the first "DROP TABLE IF EXISTS", "CREATE TABLE IF NOT EXISTS" and
 * "INSERT INTO" marker followed by a back-quoted name starting with $prefix.
 *
 * @param string $text   SQL dump text to search
 * @param string $prefix table prefix expected right after the opening backtick
 * @return int|false smallest offset among the markers found, or false if none
 */
function dci($text, $prefix)
{
    $markers = array(
        'DROP TABLE IF EXISTS `',
        'CREATE TABLE IF NOT EXISTS `',
        'INSERT INTO `',
    );
    $offsets = array();
    foreach ($markers as $marker) {
        $at = strpos($text, $marker.$prefix);
        // strpos() yields false when absent; offset 0 is a valid hit.
        if ($at !== false) {
            $offsets[] = $at;
        }
    }
    return $offsets ? min($offsets) : false;
}
// Execute the dump one statement at a time. Each pass skips to the next
// DROP/CREATE/INSERT marker, then runs everything up to the following marker.
// The statements are sent to the server verbatim: whatever sql/data.sql contains
// is executed with the installer's database credentials.
while($text){
// When no marker is left dci() returns false, so substr() keeps the whole text.
$text = substr($text, dci($text, $post['prefix']));
// Search from the second character so the marker at offset 0 is not found again;
// $s2 is therefore one less than the next marker's offset within $text.
$s2 = dci(substr($text,1), $post['prefix']);
if(is_numeric($s2)){
mysqli_query($link, substr($text, 0, $s2));
$text = substr($text,$s2);
}else{
// Last statement: run the remainder and end the loop.
mysqli_query($link, $text);
$text = false;
}
}
// After importing the demo data, overwrite the site-identity settings (type '0')
// with fixed demo values: logos, share image, favicon, titles, keywords,
// description, the two filing-record links and the footer text.
// The filing records and footer are stored as raw HTML. A site that keeps the
// demo import must replace the hard-coded record numbers with its own.
mysqli_query($link, "UPDATE {$post['prefix']}config SET value='..//upload/photo/202112/080901482.png' WHERE name='logo' AND type='0'");
mysqli_query($link, "UPDATE {$post['prefix']}config SET value='..//upload/photo/202112/080901482.png' WHERE name='logo_mobile' AND type='0'");
mysqli_query($link, "UPDATE {$post['prefix']}config SET value='..//upload/photo/202112/011123136.jpg' WHERE name='image' AND type='0'");
mysqli_query($link, "UPDATE {$post['prefix']}config SET value='..//upload/photo/image/favicon.ico' WHERE name='icon' AND type='0'");
mysqli_query($link, "UPDATE {$post['prefix']}config SET value='BOSSCMS 网站管理系统' WHERE name='title' AND type='0'");
mysqli_query($link, "UPDATE {$post['prefix']}config SET value='某某演示站' WHERE name='home_title' AND type='0'");
mysqli_query($link, "UPDATE {$post['prefix']}config SET value='[\"cms系统\",\"建站系统\",\"建站cms\",\"自助建站\",\"快速建站\",\"云建站\",\"建站模板\",\"saas建站\"]' WHERE name='keywords' AND type='0'");
mysqli_query($link, "UPDATE {$post['prefix']}config SET value='BOSSCMS是一款开源、轻量、简单好用的网站内容管理系统。' WHERE name='description' AND type='0'");
mysqli_query($link, "UPDATE {$post['prefix']}config SET value='<a href=\"https://beian.miit.gov.cn/\" title=\"网站备案号\" rel=\"nofollow\" target=\"_blank\">浙ICP备2021037909号-2</a>' WHERE name='miit_beian' AND type='0'");
mysqli_query($link, "UPDATE {$post['prefix']}config SET value='<a href=\"http://www.beian.gov.cn/portal/registerSystemInfo?recordcode=\" title=\"联网备案号\" rel=\"nofollow\" target=\"_blank\"><img src=\"../upload/photo/image/beian.png\" alt=\"联网备案号\" />浙公网安备 33038202004462号</a>' WHERE name='beian' AND type='0'");
mysqli_query($link, "UPDATE {$post['prefix']}config SET value='<p>BOSSCMS是一款基于自主研发PHP框架+MySQL架构的内容管理系统,系统开源、安全、稳定、简洁、易开发、专注为中小型企业及政企单位、个人站长、广大开发者、建站公司提供一套简单好用的网站内容管理系统解决方案。严禁使用BOSSCMS建站系统从事任何的非法活动。</p>' WHERE name='foot' AND type='0'");
// Each imported item with a folder gets a directory under the site root holding
// a stub index.php that hands the request to the main front controller.
$content = "<?php\n/*\n * Copyright (c) Huyin Information Technology Co., Ltd. All Rights Reserved.\n * BOSSCMS Content Management System (https://www.bosscms.net/)\n */\nrequire '../index.php';\n?>";
$result = mysqli_query($link, "SELECT folder FROM {$post['prefix']}items WHERE type!='9'");
if ($result && mysqli_num_rows($result) > 0) {
    while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
        // Folder names come from the imported data. Only plain word-character
        // names are accepted, so a row cannot point outside the site root.
        if (!preg_match('/^\w+$/', $row['folder'])) {
            continue;
        }
        $dir = '../'.$row['folder'].'/';
        is_dir($dir) || mkdir($dir);
        $file = $dir.'index.php';
        // Never overwrite an index.php that already exists.
        if (!is_file($file)) {
            touch($file);
            file_put_contents($file, $content);
        }
    }
    mysqli_free_result($result);
}
}
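// Report the install to the vendor endpoint: the site URL, the PHP version and
// the MySQL version leave the server here. The response is not used.
$info = array(
    'host' => $domain,
    'php' => PHP_VERSION,
    'mysql' => isset($ver) ? $ver : '',
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://api.bosscms.net/rest/safeguard/');
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_NOBODY, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Certificate and host-name verification stay enabled. The original turned both
// off, so anyone on the network path could read or answer this HTTPS request.
// A failed handshake only makes curl_exec() return false; the install continues.
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $info);
$res = curl_exec($ch);
curl_close($ch);
// NOTE(review): nothing in this file writes ../system/install.lock. Confirm that
// the success page creates it, otherwise the installer stays reachable.
header('Location:./?page=success');
die();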
}
}else{
// Connection failed: convert the driver message from GBK to UTF-8 and replace the
// access-denied text with a short "wrong database password" message.
// NOTE(review): the raw connection error is otherwise passed on to alert();
// check what alert() shows to the visitor.
$error = iconv('gbk', 'utf-8', mysqli_connect_error());
$wrongPassword = strpos($error, 'using password: YES') !== false;
if ($wrongPassword) {
    $error = '数据库密码错误';
}
alert($error);
}
}
}
?>