begin of thinksaas 3.68

Signed-off-by: kevin <kevin@lmve.net>

app/system/about.php

@@ -0,0 +1,17 @@
+<?php
+defined('IN_TS') or die('Access Denied.');
+return array(
+	'name'	=> '系统管理',
+	'version'	=> '1.2',
+	'desc'	=> '管理所有APP',
+	'url' => 'http://www.thinksaas.cn',
+	'email' => 'thinksaas@qq.com',
+	'author' => '邱君',
+	'author_url' => 'http://www.thinksaas.cn',
+	'isoption'	=> '0',
+	'isinstall'	=> '1',
+	'issql' => '1',
+	'issystem'	=> '1',
+	'isappnav'	=> '0',
+    'ismy'=>'0',
+);

app/system/action/anti.php

@@ -0,0 +1,360 @@
+<?php 
+defined('IN_TS') or die('Access Denied.');
+
+
+switch($ts){
+
+	//垃圾词
+	case "word":
+		
+		$arrWord = $new['system']->findAll('anti_word',null,'id desc');
+		
+		include template('anti_word');
+		break;
+		
+	case "worddo":
+
+		$word = tsTrim($_POST['word']);
+		
+		if($word){
+		
+			$isWord = $new['system']->findCount('anti_word',array(
+				'word'=>$word,
+			));
+			
+			if($isWord == 0){
+				$new['system']->create('anti_word',array(
+					'word'=>$word,
+					'addtime'=>date('Y-m-d H:i:s'),
+				));
+				
+				//生成缓存
+				$arrWords = $new['system']->findAll('anti_word');
+				foreach($arrWords as $key=>$item){
+					$arrWord[] = $item['word'];
+				}
+				
+				$strWord = '';
+				$count = 1;
+				if(is_array($arrWord)){
+					foreach ($arrWord as $item) {
+						if ($count==1) {
+							$strWord .= $item;
+						} else {
+							$strWord .= '|'.$item;
+						}
+							$count++;
+					}
+				}
+				
+				fileWrite('system_anti_word.php','data',$strWord);
+				$tsMySqlCache->set('system_anti_word',$strWord);
+				
+				
+			}
+			
+			qiMsg('敏感词添加成功！');
+			
+		}else{
+		
+			qiMsg('敏感词不能为空！');
+			
+		}
+		
+		break;
+
+    case "worddelall":
+
+        $db->query("TRUNCATE ".dbprefix."anti_word");
+
+        //生成缓存
+        $arrWords = $new['system']->findAll('anti_word');
+        foreach($arrWords as $key=>$item){
+            $arrWord[] = $item['word'];
+        }
+
+        $strWord = '';
+        $count = 1;
+        if(is_array($arrWord)){
+            foreach ($arrWord as $item) {
+                if ($count==1) {
+                    $strWord .= $item;
+                } else {
+                    $strWord .= '|'.$item;
+                }
+                $count++;
+            }
+        }
+
+        fileWrite('system_anti_word.php','data',$strWord);
+        $tsMySqlCache->set('system_anti_word',$strWord);
+
+        qiMsg('删除成功！');
+
+        break;
+	
+	case "worddel":
+		$id = tsIntval($_GET['id']);
+		$new['system']->delete('anti_word',array(
+			'id'=>$id,
+		));
+		
+		//生成缓存
+		$arrWords = $new['system']->findAll('anti_word');
+		foreach($arrWords as $key=>$item){
+			$arrWord[] = $item['word'];
+		}
+		
+		$strWord = '';
+		$count = 1;
+		if(is_array($arrWord)){
+			foreach ($arrWord as $item) {
+				if ($count==1) {
+					$strWord .= $item;
+				} else {
+					$strWord .= '|'.$item;
+				}
+				$count++;
+			}
+		}
+		
+		fileWrite('system_anti_word.php','data',$strWord);
+		$tsMySqlCache->set('system_anti_word',$strWord);
+		
+		qiMsg('删除成功！');
+		break;
+
+	case "wordadd":
+
+		include template('anti_wordadd');
+		break;
+
+	case "wordadddo":
+
+		$word = tsTrim($_POST['word']);
+        if($word==''){
+            qiMsg('敏感词必须填写！');
+        }
+        $arrWord = explode(PHP_EOL,$word);
+		foreach($arrWord as $key=>$item){
+			$word = $item;
+			$isWord = $new['system']->findCount('anti_word',array(
+				'word'=>$word,
+			));
+			if($isWord == 0){
+				$new['system']->create('anti_word',array(
+					'word'=>$word,
+					'addtime'=>date('Y-m-d H:i:s'),
+				));
+			}
+		}
+
+		//生成缓存
+		$arrWords = $new['system']->findAll('anti_word');
+		foreach($arrWords as $key=>$item){
+			$arrWord2[] = $item['word'];
+		}
+		
+		$strWord = '';
+		$count = 1;
+		if(is_array($arrWord2)){
+			foreach ($arrWord2 as $item) {
+				if ($count==1) {
+					$strWord .= $item;
+				} else {
+					$strWord .= '|'.$item;
+				}
+					$count++;
+			}
+		}
+		
+		fileWrite('system_anti_word.php','data',$strWord);
+		$tsMySqlCache->set('system_anti_word',$strWord);
+
+		header('Location: '.SITE_URL.'index.php?app=system&ac=anti&ts=word');
+		exit();
+
+		break;
+		
+	//垃圾IP 
+	case "ip":
+		
+		$arrIp = $new['system']->findAll('anti_ip',null,'addtime desc');
+		
+		include template('anti_ip');
+		break;
+		
+	case "ipdo":
+	
+		$ip = tsTrim($_POST['ip']);
+		if($ip){
+		
+			$isIp = $new['system']->findCount('anti_ip',array(
+				'ip'=>$ip,
+			));
+			
+			if($isIp==0){
+			
+				$new['system']->create('anti_ip',array(
+					'ip'=>$ip,
+					'addtime'=>date('Y-m-d H:i:s'),
+				));
+				
+				//生成缓存
+				$arrIps = $new['system']->findAll('anti_ip');
+				foreach($arrIps as $key=>$item){
+					$arrIp[] = $item['ip'];
+				}
+				fileWrite('system_anti_ip.php','data',$arrIp);
+				$tsMySqlCache->set('system_anti_ip',$arrIp);
+			
+			}
+			
+			qiMsg('垃圾IP添加成功！');
+		
+		}else{
+		
+			qiMsg('垃圾IP不能为空！');
+			
+		}
+	
+		break;
+		
+	case "ipdel":
+
+		$id = tsIntval($_GET['id']);
+		$new['system']->delete('anti_ip',array(
+			'id'=>$id,
+		));
+		
+		//生成缓存
+		$arrIps = $new['system']->findAll('anti_ip');
+		foreach($arrIps as $key=>$item){
+			$arrIp[] = $item['ip'];
+		}
+		fileWrite('system_anti_ip.php','data',$arrIp);
+		$tsMySqlCache->set('system_anti_ip',$arrIp);
+		
+		qiMsg('删除成功！');
+	
+		break;
+		
+	//云词 
+	case "cloud":
+		
+		include template('anti_cloud');
+		break;
+
+
+    #内容举报
+    case "report":
+
+        $page = tsIntval($_GET['page'],1);
+        $url = SITE_URL.'index.php?app=system&ac=anti&ts=report&page=';
+        $lstart = $page*20-20;
+        $arrReport = $new['system']->findAll('anti_report',null,'addtime desc',null,$lstart.',20');
+        $reportNum = $new['system']->findCount('anti_report');
+        $pageUrl = pagination($reportNum, 20, $page, $url);
+
+        include template('anti_report');
+        break;
+    #内容举报删除
+    case "reportdelete":
+
+        $reportid = tsIntval($_GET['reportid']);
+
+        $new['system']->delete('anti_report',array(
+           'reportid'=>$reportid,
+        ));
+
+        qiMsg('删除成功！');
+        break;
+
+
+	case "email":
+
+		$page = tsIntval($_GET['page'],1);
+		$url = SITE_URL.'index.php?app=system&ac=anti&ts=email&page=';
+		$lstart = $page*100-100;
+		$arrEmail = $new['system']->findAll('anti_email',null,'addtime desc',null,$lstart.',100');
+		$emailNum = $new['system']->findCount('anti_email');
+		$pageUrl = pagination($emailNum, 100, $page, $url);
+
+		include template('anti_email');
+		break;
+	
+	case "email_add":
+
+		$email = tsTrim($_POST['email']);
+		if($email){
+			
+			$new['system']->replace('anti_email',array(
+				'email'=>$email,
+			),array(
+				'email'=>$email,
+				'addtime'=>date('Y-m-d H:i:s'),
+			));
+			
+			qiMsg('Email添加成功！');
+		
+		}else{
+		
+			qiMsg('Email不能为空！');
+			
+		}
+
+		break;
+
+	case "email_del":
+
+		$id = tsIntval($_GET['id']);
+		$new['system']->delete('anti_email',array(
+			'id'=>$id,
+		));
+		
+		qiMsg('删除成功！');
+
+		break;
+
+	case "phone":
+
+		$arrPhone = $new['system']->findAll('anti_phone',null,'addtime desc');
+
+		include template('anti_phone');
+		break;
+
+	case "phone_add":
+
+		$phone = tsTrim($_POST['phone']);
+		if($phone){
+			
+			$new['system']->replace('anti_phone',array(
+				'phone'=>$phone,
+			),array(
+				'phone'=>$phone,
+				'addtime'=>date('Y-m-d H:i:s'),
+			));
+			
+			qiMsg('Phone添加成功！');
+		
+		}else{
+		
+			qiMsg('Phone不能为空！');
+			
+		}
+
+		break;
+
+	case "phone_del":
+
+		$id = tsIntval($_GET['id']);
+		$new['system']->delete('anti_phone',array(
+			'id'=>$id,
+		));
+		
+		qiMsg('删除成功！');
+
+		break;
+
+		
+}

app/system/action/apps.php

@@ -0,0 +1,244 @@
+<?php
+defined('IN_TS') or die('Access Denied.');
+
+
+switch($ts){
+	//app列表
+	case "list":
+
+        $arrAppNav = $GLOBALS['TS_SITE']['appnav'];
+
+		$applists	= tsScanDir('app');
+		foreach($applists as $key=>$item){
+			if(is_file('app/'.$item.'/about.php')){
+
+                $arrApps[$key]['name'] = $item;
+
+				$arrApps[$key]['about'] = require_once 'app/'.$item.'/about.php';
+
+                if($arrAppNav[$item]){
+                    $arrApps[$key]['about']['name'] = $arrAppNav[$item];
+                }
+
+                if(is_file('app/'.$item.'/icon.png')){
+                    $arrApps[$key]['icon'] = SITE_URL.'app/'.$item.'/icon.png';
+                }else{
+                    $arrApps[$key]['icon'] = SITE_URL.'public/images/app.png';
+                }
+
+			}
+
+
+
+		}
+
+		foreach($arrApps as $item){
+			$arrApp[] = $item;
+		}
+
+		$title = 'APP管理';
+
+		include template("apps");
+		break;
+	
+	//安装APP
+	/*
+	case "install":
+		$appname = tsTrim($_GET['appname']);
+		
+		$appAbout = require_once 'app/'.$appname.'/about.php';
+		
+		$isinstall = $appAbout['isinstall'];
+		$issql = $appAbout['issql'];
+		$issystem = $appAbout['issystem'];
+		
+		
+		if($isinstall == '0'){
+			if($issql == '1'){
+				//安装数据库
+				$sql = file_get_contents('app/'.$appname.'/sql/install.sql');
+				$sql = str_replace('ts_',dbprefix,$sql);
+				$array_sql = preg_split("/;[\r\n]/", $sql);
+				
+				foreach($array_sql as $sql){
+					$sql = tsTrim($sql);
+					if ($sql){
+						if (strstr($sql, 'CREATE TABLE')){
+							preg_match('/CREATE TABLE ([^ ]*)/', $sql, $matches);
+							$ret = $db->query($sql);
+						} else {
+							$ret = $db->query($sql);
+						}
+					}
+				}
+
+			}
+			//更新about.php文件
+			$appAbout['isinstall'] = '1';
+			AppFileWrite($appAbout,$appname,'about.php');
+			
+			echo '1';
+		
+		}elseif($isinstall == '1'){
+		
+			if($issql == '1'){
+				//卸载数据库
+				$sql = file_get_contents('app/'.$appname.'/sql/uninstall.sql');
+				$sql = str_replace('ts_',dbprefix,$sql);
+				$array_sql = preg_split("/;[\r\n]/", $sql);
+				
+				foreach($array_sql as $sql){
+					$sql = tsTrim($sql);
+					if ($sql){
+						$ret = $db->query($sql);
+					}
+				}
+			}
+		
+			$appAbout['isinstall'] = '0';
+			AppFileWrite($appAbout,$appname,'about.php');
+			
+			echo '2';
+			
+		}else{
+			echo '3';
+		}
+		
+		break;
+	*/
+	//导航 
+	case "appnav":
+		$appkey = $_POST['appkey'];
+		$appname = $_POST['appname'];
+		
+		$arrNav = include 'data/system_appnav.php';
+		
+		if(is_array($arrNav)){
+			$arrNav[$appkey] = $appname;
+		}else{
+			$arrNav = array(
+				$appkey=>$appname,
+			);
+		}
+		
+		foreach($arrNav as $key=>$item){
+			
+			if(!is_dir('app/'.$key)){
+				unset($arrNav[$key]);
+			}
+		}
+		
+		fileWrite('system_appnav.php','data',$arrNav);
+		$GLOBALS['tsMySqlCache']->set('system_appnav',$arrNav);
+		
+		echo '1';
+		
+		break;
+		
+	//取消导航 
+	case "unappnav":
+		
+		$appkey = $_POST['appkey'];
+
+		$arrNav = include 'data/system_appnav.php';
+		
+		unset($arrNav[$appkey]);
+		
+		fileWrite('system_appnav.php','data',$arrNav);
+		$GLOBALS['tsMySqlCache']->set('system_appnav',$arrNav);
+		
+		echo '1';
+		
+		break;
+
+    //我的社区导航
+    case "mynav":
+        $appkey = tsTrim($_POST['appkey']);
+        $appname = tsTrim($_POST['appname']);
+
+        $arrMyNav = include 'data/system_mynav.php';
+
+        if(is_array($arrMyNav)){
+            $arrMyNav[$appkey] = $appname;
+        }else{
+            $arrMyNav = array(
+                $appkey=>$appname,
+            );
+        }
+
+        foreach($arrMyNav as $key=>$item){
+            if(!is_dir('app/'.$key)){
+                unset($arrMyNav[$key]);
+            }
+        }
+
+        fileWrite('system_mynav.php','data',$arrMyNav);
+        $GLOBALS['tsMySqlCache']->set('system_mynav',$arrMyNav);
+
+        echo '1';
+        break;
+
+    case "unmynav":
+        $appkey = tsTrim($_POST['appkey']);
+        $arrMyNav = include 'data/system_mynav.php';
+        unset($arrMyNav[$appkey]);
+        fileWrite('system_mynav.php','data',$arrMyNav);
+        $GLOBALS['tsMySqlCache']->set('system_mynav',$arrMyNav);
+        echo '1';
+		break;
+		
+	case "applist":
+
+		$arrAppNav = include 'data/system_appnav.php';
+
+		include template("apps_applist");
+		break;
+
+	case "applistdo":
+
+		$arrAppNav = include 'data/system_appnav.php';
+
+		$jsondata = stripslashes($_POST['jsondata']);
+
+		$arrJson = json_decode($jsondata,true);
+
+		foreach($arrJson as $key=>$item){
+			$arrNav[$item['id']] = $arrAppNav[$item['id']];
+		}
+
+		//print_r($arrNav);
+
+
+		fileWrite('system_appnav.php','data',$arrNav);
+		$GLOBALS['tsMySqlCache']->set('system_appnav',$arrNav);
+
+
+		break;
+
+	case "mylist":
+
+		$arrMyNav = include 'data/system_mynav.php';
+
+
+		include template("apps_mylist");
+		break;
+
+
+	case "mylistdo":
+
+		$arrMyNav = include 'data/system_mynav.php';
+
+		$jsondata = stripslashes($_POST['jsondata']);
+
+		$arrJson = json_decode($jsondata,true);
+
+		foreach($arrJson as $key=>$item){
+			$arrNav[$item['id']] = $arrMyNav[$item['id']];
+		}
+
+		fileWrite('system_mynav.php','data',$arrNav);
+		$GLOBALS['tsMySqlCache']->set('system_mynav',$arrNav);
+
+		break;
+		
+}

app/system/action/cache.php

@@ -0,0 +1,45 @@
+<?php 
+defined('IN_TS') or die('Access Denied.');
+
+
+
+switch($ts){
+	case "":
+		
+		include template('cache');
+		break;
+	
+	//删除全部
+	case "delall":
+		rmrf('cache/template');
+		rmrf('cache/user');
+		rmrf('cache/group');
+		rmrf('cache/lang');
+		qiMsg('缓存清除完毕！');
+		break;
+		
+	//删除temp
+	case "deltemp":
+		rmrf('cache/template');
+		qiMsg('缓存清除完毕！');
+		break;
+	
+	//删除group
+	case "delgroup":
+		rmrf('cache/group');
+		qiMsg('缓存清除完毕！');
+		break;
+		
+	//删除user
+	case "deluser":
+		rmrf('cache/user');
+		qiMsg('缓存清除完毕！');
+		break;
+		
+	//删除语言包
+	case "dellang":
+		rmrf('cache/lang');
+		qiMsg('缓存清除完毕！');
+		break;
+		
+}

app/system/action/do.php

@@ -0,0 +1,45 @@
+<?php
+defined('IN_TS') or die('Access Denied.');
+
+
+
+switch($ts){
+	case "options":
+	
+		$arrData = array(
+			'site_title' => tsTrim($_POST['site_title']),
+			'site_subtitle' => tsTrim($_POST['site_subtitle']),
+			'site_key' => tsTrim($_POST['site_key']),
+			'site_desc' => tsTrim($_POST['site_desc']),
+			'site_url' => tsTrim($_POST['site_url']),
+			'site_email' => tsTrim($_POST['site_email']),
+			'site_icp' => tsTrim($_POST['site_icp']),
+			'isface'	=> tsIntval($_POST['isface']),
+			'isinvite'=> tsIntval($_POST['isinvite']),
+			'isgzip'	=> tsIntval($_POST['isgzip']),
+			'timezone'	=> $_POST['timezone'],
+			'isverify'=>tsIntval($_POST['isverify']),
+		);
+	
+		foreach ($arrData as $key => $val){
+
+			$new['system']->update('system_options',array(
+				'optionname'=>$key,
+			),array(
+				'optionvalue'=>$val,
+			));
+			
+		}
+		
+		$arrOptions = $new['system']->findAll('system_options',null,null,'optionname,optionvalue');
+		foreach($arrOptions as $item){
+				$arrOption[$item['optionname']] = $item['optionvalue'];
+		}
+		
+		fileWrite('system_options.php','data',$arrOption);
+		$tsMySqlCache->set('system_options',$arrOption);
+		
+		qiMsg("系统选项更新成功，并重置了缓存文件^_^");
+		
+		break;
+}

app/system/action/editor.php

@@ -0,0 +1,44 @@
+<?php 
+defined('IN_TS') or die('Access Denied.');
+
+switch($ts){
+
+    case "list":
+
+        $page = tsIntval($_GET['page'],1);
+		$url = SITE_URL.'index.php?app=system&ac=editor&ts=list&page=';
+		$lstart = $page*20-20;
+		$arrEditor = $new['system']->findAll('editor',null,'addtime desc',null,$lstart.',20');
+		
+		$editorNum = $new['system']->findCount('editor');
+		$pageUrl = pagination($editorNum, 20, $page, $url);
+		
+		include template('editor_list');
+
+    break;
+
+    case "delete":
+
+        $id = tsIntval($_GET['id']);
+
+        $strEditor = $new['system']->find('editor',array(
+            'id'=>$id,
+        ));
+
+        if($strEditor['url']){
+            if($GLOBALS['TS_SITE']['file_upload_type']==1){
+                deleteAliOssFile('uploadfile/editor/'.$strEditor['url']);
+            }else{
+                unlink('uploadfile/editor/'.$strEditor['url']); 
+            }
+        }
+
+        $new['system']->delete('editor',array(
+            'id'=>$id,
+        ));
+
+        qiMsg('删除成功！');
+
+    break;
+
+}

app/system/action/index.php

@@ -0,0 +1,5 @@
+<?php
+defined('IN_TS') or die('Access Denied.');
+
+$title = '管理后台';
+include template("admincp");

app/system/action/login.php

@@ -0,0 +1,49 @@
+<?php
+defined('IN_TS') or die('Access Denied.');
+//登录
+switch($ts){
+	case "":
+		$title = '登录后台';
+		include template("login");
+		break;
+		
+	case "do":
+		
+		$email = tsTrim($_POST['email']);
+		$pwd = tsTrim($_POST['pwd']);
+		$cktime = $_POST['cktime'];
+		
+		if($email=='' || $pwd=='') qiMsg("所有输入项都不能为空^_^");
+		
+		$countAdmin = $new['system']->findCount('user',array(
+			'email'=>$email,
+		));
+		
+		if($countAdmin == 0) qiMsg('用户Email不存在！');
+		
+		$strAdmin = $new['system']->find('user',array(
+			'email'=>$email,
+		));
+			
+		if(md5($strAdmin['salt'].$pwd)!==$strAdmin['pwd']) tsNotice('用户密码错误！');
+		
+		$strAdminInfo = $new['system']->find('user_info',array(
+			'email'=>$email,
+		),'userid,username,isadmin');
+		
+		if($strAdminInfo['isadmin'] != 1) qiMsg("你无权登录后台管理！");
+		
+		$_SESSION['tsadmin'] = $strAdminInfo;
+		
+		header("Location: ".SITE_URL."index.php?app=system");
+		
+		break;
+		
+	//退出 
+	case "out":
+		unset($_SESSION['tsadmin']);
+		
+		header("Location: ".SITE_URL."index.php?app=system&ac=login");
+		
+		break;
+}

app/system/action/logo.php

@@ -0,0 +1,45 @@
+<?php
+defined('IN_TS') or die('Access Denied.');
+
+
+
+$dest_dir = 'uploadfile/logo';
+
+createFolders ( $dest_dir );
+
+$arrType = explode ( '.', strtolower ( $_FILES ['filedata'] ['name'] ) ); // 转小写一下
+
+$type = array_pop ( $arrType );
+
+if (in_array ( $type, array('jpg','jpeg','gif','png') )) {
+	
+	$name =  'logo.' . $type;
+	
+	$dest = $dest_dir . '/' . $name;
+	
+	// 先删除
+	unlink ( $dest );
+	// 后上传
+	move_uploaded_file ( $_FILES ['filedata'] ['tmp_name'], mb_convert_encoding ( $dest, "gb2312", "UTF-8" ) );
+	
+	chmod ( $dest, 0777 );
+	
+	$new['system']->delete('system_options',array(
+		'optionname'=>'logo',
+	));
+	$new['system']->create('system_options',array(
+		'optionname'=>'logo',
+		'optionvalue'=>$name.'?v='.time(),
+	));
+	
+	$arrOptions = $new['system']->findAll('system_options',null,null,'optionname,optionvalue');
+	foreach($arrOptions as $item){
+		$arrOption[$item['optionname']] = $item['optionvalue'];
+	}
+	
+	fileWrite('system_options.php','data',$arrOption);
+	$tsMySqlCache->set('system_options',$arrOption);
+	
+	echo SITE_URL.$dest.'?v='.rand();
+	
+}

app/system/action/logs.php

@@ -0,0 +1,52 @@
+<?php 
+defined('IN_TS') or die('Access Denied.');
+
+switch($ts){
+
+    case "list":
+
+        $page = tsIntval($_GET['page'],1);
+		$url = SITE_URL.'index.php?app=system&ac=logs&ts=list&page=';
+		$lstart = $page*20-20;
+		$arrLogs = $new['system']->findAll('logs',null,'addtime desc',null,$lstart.',20');
+		
+		$logsNum = $new['system']->findCount('logs');
+		$pageUrl = pagination($logsNum, 20, $page, $url);
+		
+		include template('logs_list');
+
+    break;
+
+    case "show":
+
+        $logid = tsIntval($_GET['logid']);
+
+        $strLog = $new['system']->find('logs',array(
+            'logid'=>$logid,
+        ));
+
+        include template('logs_show');
+
+    break;
+
+    case "delete":
+
+        $logid = tsIntval($_GET['logid']);
+
+        $new['system']->delete('logs',array(
+            'logid'=>$logid,
+        ));
+
+        qiMsg('删除成功！');
+        
+    break;
+
+    case "clean":
+        
+        $db->query("TRUNCATE `".dbprefix."logs`;");
+
+        qiMsg('操作成功！');
+
+    break;
+
+}

app/system/action/main.php

@@ -0,0 +1,24 @@
+<?php
+defined('IN_TS') or die('Access Denied.');
+
+
+$os = explode(" ", php_uname());
+if(!function_exists("gd_info")){$gd = '不支持,无法处理图像';}
+if(function_exists("gd_info")) {  $gd = gd_info();  $gd = $gd["GD Version"];  $gd ? '&nbsp; 版本：'.$gd : '';}
+
+				  
+$systemInfo = array(
+	'server'	=> $_SERVER['SERVER_SOFTWARE'],
+	'phpos'	=> PHP_OS,
+	'phpversion'	=> PHP_VERSION,
+	'mysql'	=> $db->getMysqlVersion(),
+	'os' =>$os[0] .''.$os[1].' '.$os[3],
+	'gd'=>$gd,
+	'upload' =>'表单允许 (post_max_size) '.ini_get('post_max_size').',上传总大小 (upload_max_filesize) '.ini_get('upload_max_filesize'),
+	'memory'=> 'memory_limit '.ini_get('memory_limit'),
+);
+
+//获取域名
+#$theAuthUrl = GetUrlToDomain($_SERVER['HTTP_HOST']);
+
+include template("main");

app/system/action/options.php

@@ -0,0 +1,93 @@
+<?php
+defined('IN_TS') or die('Access Denied.');
+
+
+switch($ts){
+
+	case "":
+		
+		$arrOptions = $new['system']->findAll('system_options');
+
+		foreach($arrOptions as $item){
+			$strOption[$item['optionname']] = stripslashes($item['optionvalue']);
+		}
+
+		//时区和语言
+		$arrTime = getArrTimezone();
+		
+		$arrTheme	= tsScanDir('theme');
+
+		include template("options");
+	
+		break;
+		
+	//保存配置
+	
+	case "do":
+	
+		$strLogo = $new['system']->find('system_options',array(
+			'optionname'=>'logo',
+		));
+	
+		//先清空数据 
+		$db->query("TRUNCATE TABLE `".dbprefix."system_options`");
+	
+		foreach($_POST['option'] as $key=>$item){
+			
+			$optionname = $key;
+			$optionvalue = tsTrim($item);
+			
+			$new['system']->create('system_options',array(
+			
+				'optionname'=>$optionname,
+				'optionvalue'=>$optionvalue,
+			
+			));
+		
+		}
+		
+		$new['system']->create('system_options',array(
+			'optionname'=>'logo',
+			'optionvalue'=>$strLogo['optionvalue'],
+		));
+	
+		
+		$arrOptions = $new['system']->findAll('system_options',null,null,'optionname,optionvalue');
+		foreach($arrOptions as $item){
+			$arrOption[$item['optionname']] = $item['optionvalue'];
+		}
+		
+		fileWrite('system_options.php','data',$arrOption);
+		$tsMySqlCache->set('system_options',$arrOption);
+		
+		
+		//生成伪静态文件
+		if($_POST['option']['site_urltype'] == 3 || $_POST['option']['site_urltype'] == 4 || $_POST['option']['site_urltype'] == 5 || $_POST['option']['site_urltype'] == 6 || $_POST['option']['site_urltype'] == 7){
+		
+			$scriptName = explode('index.php',$_SERVER['SCRIPT_NAME']);
+			
+			//生成.htaccess文件
+			$fp =  fopen(THINKROOT.'/.htaccess','w');
+			
+			if(!is_writable(THINKROOT.'/.htaccess')) qiMsg("文件(.htaccess)不可写。如果您使用的是Unix/Linux主机，请修改该文件的权限为777。如果您使用的是Windows主机，请联系管理员，将此文件设为everyone可写");
+			$htaccess = "RewriteEngine On\n"
+					."RewriteBase ".$scriptName[0]."\n"
+					."RewriteRule ^index\.php$ - [L]\n"
+					."RewriteCond %{REQUEST_FILENAME} !-f\n"
+					."RewriteCond %{REQUEST_FILENAME} !-d\n"
+					."RewriteRule . ".$scriptName[0]."index.php [L]\n"
+					."RewriteCond %{REQUEST_METHOD} ^TRACE\n"
+					."RewriteRule .* - [F]";
+			
+			$fw =  fwrite($fp,$htaccess);
+			
+		}
+		
+		//更新皮肤
+		setcookie('tsTheme',$_POST['option']['site_theme']);
+		
+		qiMsg("系统选项更新成功，并重置了缓存文件^_^");
+	
+		break;
+
+}

app/system/action/phpinfo.php

@@ -0,0 +1,10 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: Administrator
+ * Date: 2018/9/19
+ * Time: 17:14
+ */
+defined('IN_TS') or die('Access Denied.');
+
+phpinfo();

app/system/action/plugin.php

@@ -0,0 +1,114 @@
+<?php 
+defined('IN_TS') or die('Access Denied.');
+switch($ts){
+	//插件列表
+	case "list":
+	
+		$arrApps = tsScanDir('plugins');
+
+		foreach($arrApps as $key=>$item){
+		    $arrAppsAbout[$item] = fileRead('app/'.$item.'/about.php');
+        }
+
+
+        //print_r($arrAppsAbout);
+
+	
+		$apps = tsFilter($_GET['apps']);
+
+		$hook = tsTrim($_GET['hook']);
+
+
+		$arrPlugins = tsScanDir('plugins/'.$apps);
+	
+		foreach($arrPlugins as $key=>$item){
+			if(is_file('plugins/'.$apps.'/'.$item.'/about.php')){
+				$arrPlugin1[$key]['name'] = $item;
+				$arrPlugin1[$key]['about'] = require_once 'plugins/'.$apps.'/'.$item.'/about.php';
+			}
+		}
+
+		if($arrPlugin1 && $hook){
+		    foreach($arrPlugin1 as $key=>$item){
+                if($item['about']['hook']==$hook){
+                    $arrPlugin[] = $item;
+                }
+            }
+        }else{
+		    $arrPlugin = $arrPlugin1;
+        }
+		
+		$app_plugins = fileRead('data/'.$apps.'_plugins.php');
+
+		if($app_plugins==''){
+			$app_plugins = $tsMySqlCache->get($apps.'_plugins');
+		}
+		
+		include template("plugin_list");
+		break;
+	
+	//插件停启用
+	case "do":
+	
+		$apps = tsFilter($_GET['apps']);
+		
+		$isused =  tsIntval($_GET['isused']);
+		$pname = tsFilter($_GET['pname']);
+		
+		$app_plugins = fileRead('data/'.$apps.'_plugins.php');
+		if($app_plugins==''){
+			$app_plugins = $tsMySqlCache->get($apps.'_plugins');
+		}
+
+		
+		//0停用1启用
+		if($isused == '0'){
+		
+			$pkey = array_search($pname,$app_plugins);
+			unset($app_plugins[$pkey]);
+
+			fileWrite($apps.'_plugins.php','data',$app_plugins);
+			$tsMySqlCache->set($apps.'_plugins',$app_plugins);
+			
+			qiMsg("插件停用成功！");
+			
+		}elseif($isused == '1'){
+
+            $pkey = array_search($pname,$app_plugins);
+            unset($app_plugins[$pkey]);
+		
+			array_push($app_plugins,$pname);
+
+			if(file_exists('plugins/'.$apps.'/'.$pname.'/install.sql')){
+				$sql=file_get_contents('plugins/'.$apps.'/'.$pname.'/install.sql');
+				$sql=str_replace('ts_',''.dbprefix.'',$sql);
+				$ret=$db->query($sql);
+				 if($ret=='1')
+				 {
+					fileWrite($apps.'_plugins.php','data',$app_plugins);
+					$tsMySqlCache->set($apps.'_plugins',$app_plugins);
+					$msg='插件启用成功！';
+				 }else{
+					 $msg=$ret;
+					 }
+				}else{
+					fileWrite($apps.'_plugins.php','data',$app_plugins);
+					$tsMySqlCache->set($apps.'_plugins',$app_plugins);
+					$msg='插件启用成功！';
+				}
+			
+			qiMsg($msg);
+		
+		}
+		break;
+		
+	//删除插件
+	case "delete":
+		$apps = tsUrlCheck($_GET['apps']);
+		$pname = tsUrlCheck($_GET['pname']);
+		
+		delDir('plugins/'.$apps.'/'.$pname);
+		
+		qiMsg('删除成功！');
+		break;
+}

app/system/action/redis.php

@@ -0,0 +1,16 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: Administrator
+ * Date: 2019/5/7
+ * Time: 14:42
+ */
+defined('IN_TS') or die('Access Denied.');
+
+//实例化redis
+$redis = new Redis();
+//连接
+$redis->connect($TS_CF['redis']['host'], $TS_CF['redis']['port']);
+//检测是否连接成功
+echo "Server is running: " . $redis->ping();
+// 输出结果 Server is running: +PONG

app/system/action/spam.php

@@ -0,0 +1,61 @@
+<?php  
+defined('IN_TS') or die('Access Denied.');
+
+
+
+switch($ts){
+
+	case "":
+		$title = '反垃圾';
+		include template('spam');
+		break;
+		
+	case "get":
+		
+		$api = file_get_contents('https://www.thinksaas.cn/index.php?app=service&ac=spam&ts=api');
+		
+		$arrSpam = json_decode($api,true);
+		
+		foreach($arrSpam as $key=>$item){
+		
+			$isword = $new['system']->findCount('anti_word',array(
+				'word'=>$item,
+			));
+			
+			if($isword==0){
+				$new['system']->create('anti_word',array(
+					'word'=>$item,
+					'addtime'=>date('Y-m-d H:i:s'),
+				));
+			}
+		
+		}
+		
+		//生成缓存
+		$arrWords = $new['system']->findAll('anti_word');
+		foreach($arrWords as $key=>$item){
+			$arrWord[] = $item['word'];
+		}
+		
+		$strWord = '';
+		$count = 1;
+		if(is_array($arrWord)){
+			foreach ($arrWord as $item) {
+				if ($count==1) {
+					$strWord .= $item;
+				} else {
+					$strWord .= '|'.$item;
+				}
+					$count++;
+			}
+		}
+		
+		fileWrite('system_anti_word.php','data',$strWord);
+		$tsMySqlCache->set('system_anti_word',$strWord);
+		
+		
+		header('Location: '.SITE_URL.'index.php?app=system&ac=anti&ts=word');
+		
+		break;
+
+}

app/system/action/sql.php

@@ -0,0 +1,6 @@
+<?php 
+defined('IN_TS') or die('Access Denied.');
+
+
+
+include template('sql');

app/system/action/test.php

@@ -0,0 +1,25 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: Administrator
+ * Date: 2018/9/19
+ * Time: 17:14
+ */
+defined('IN_TS') or die('Access Denied.');
+
+switch($ts){
+
+    case "":
+
+
+        include template('test');
+        break;
+
+
+    case "do":
+
+        print_r($_FILES['file']);
+
+        break;
+
+}

app/system/action/update.php

@@ -0,0 +1,209 @@
+<?php 
+defined('IN_TS') or die('Access Denied.');
+function file_list($path){
+    if ($handle = opendir($path)){
+        while (false !== ($file = readdir($handle))){
+            if ($file != "." && $file != ".."){
+                if (is_dir($path."/".$file)){
+                    file_list($path."/".$file);
+                }else{
+					$upfile = $path."/".$file;
+					$nfile = substr($path.'/'.$file,13);
+					$npath = substr($path,13);
+
+					if(abcefile($npath)==='1'){
+					    #return $npath;
+					    getJson($npath.'目录没有可写权限，linux请给755权限',1,0);
+                    }
+
+					if(is_file($nfile)){
+
+                        if(copy($upfile,$nfile)===false){
+                            getJson('升级文件覆盖失败',1,0);
+                        }
+					
+					}else{
+						if(copy($upfile,$nfile)===false){
+                            getJson('升级文件覆盖失败',1,0);
+						}
+					}
+                }
+            }
+        }
+    }
+}
+function abcefile($path){
+    if ($handle = opendir($path)){
+        while (false !== ($file = readdir($handle))){
+            if ($file != "." && $file != ".."){
+                if (is_dir($path."/".$file)){
+                    abcefile($path."/".$file);
+                }else{
+					$upfile = $path."/".$file;
+					//如果文件存在
+					if(is_file($upfile)){
+						//检测文件是否可写
+						if(is_writable($upfile)==false){
+							return '1';exit;//不可写就停止并返回1
+						}
+					}
+					
+                }
+            }
+        }
+    }
+}
+
+
+switch($ts){
+	
+	case "":
+		include template('update');
+		break;
+		
+ 	case "iswritable":
+	
+        $msg = '';
+
+        #检测php必要函数
+        if(function_exists('opendir')==false) $msg .= 'opendir函数不可用<br />';#opendir
+        if(function_exists('readdir')==false) $msg .= 'readdir函数不可用<br />';#readdir
+        if(function_exists('copy')==false) $msg .= 'copy函数不可用<br />';#copy
+
+        #检查php必要扩展
+        if(extension_loaded('Fileinfo')==false) $msg .= 'Fileinfo扩展不可用<br />';#Fileinfo
+
+        #检测upgrade目录是否可写
+		if(abcefile('upgrade')) $msg .= 'upgrade目录不可写<br />';
+
+
+		echo $msg;
+
+
+		break;
+
+    //手动升级检测
+    case "hand":
+
+        $upid = tsIntval($_GET['upid']);
+
+        include template('update_hand');
+        break;
+
+		
+	//第一步检测可写权限
+	case "one":
+		
+		include template('update_one');
+		break;
+		
+	//第二步，升级数据库
+	case "two":
+		
+		include template('update_two');
+		break;
+		
+	case "twodo":
+		
+		$upsql = tsTrim($_POST['upsql']);
+
+		if($upsql){
+		
+			$arrSql = explode('--------------------',$upsql);
+			foreach($arrSql as $item){
+				$item = tsTrim($item);
+				if ($item){
+					$db->query($item);
+				}
+			}
+			
+			//执行成功
+			echo '1';exit;
+		
+		}else{
+		
+			//无SQL可执行
+			echo '0';exit;
+		
+		}
+		
+		//echo '1';exit;
+		
+		break;
+		
+	//第三部，升级系统文件
+	case "three":
+	
+		include template('update_three');
+		break;
+		
+	case "threedo":
+
+		$upversion = tsTrim($_GET['upversion']);
+
+		if($upversion==''){
+		    getJson('版本号有问题',1,0);
+        }
+
+		$filezip = $upversion.'.zip';
+
+		//先删除旧的zip升级文件
+		unlink('upgrade/'.$filezip);
+        delDir('upgrade/'.$upversion);
+
+		//拼接出要下载的远程文件
+		$upfile = 'https://www.thinksaas.cn/upgrade/'.$filezip;
+		
+		//第一步：多线程下载zip压缩文件
+		$urls=array(
+			$upfile,
+			$upfile,
+			$upfile,
+		);
+		$save_to='upgrade/';
+
+		$mh=curl_multi_init();
+		foreach($urls as $i=>$url){
+			//$g=$save_to.basename($url);
+			$g = $save_to.$filezip;
+			if(!is_file($g)){
+				$conn[$i]=curl_init($url);
+				$fp[$i]=fopen($g,"w");
+				curl_setopt($conn[$i],CURLOPT_USERAGENT,"Mozilla/4.0(compatible; MSIE 7.0; Windows NT 6.0)");
+				curl_setopt($conn[$i],CURLOPT_FILE,$fp[$i]);
+				curl_setopt($conn[$i],CURLOPT_HEADER ,0);
+				curl_setopt($conn[$i],CURLOPT_CONNECTTIMEOUT,60);
+				curl_multi_add_handle($mh,$conn[$i]);
+			}
+		}
+		do{
+			$n=curl_multi_exec($mh,$active);
+		}while($active);
+		foreach($urls as $i=>$url){
+			curl_multi_remove_handle($mh,$conn[$i]);
+			curl_close($conn[$i]);
+			fclose($fp[$i]);
+		}
+		curl_multi_close($mh);
+
+		chmod('upgrade/'.$filezip,0755);
+		
+		//第二步：下载完之后开始解压覆盖原有文件
+		include 'thinksaas/pclzip.lib.php';
+		$archive = new PclZip('upgrade/'.$filezip);
+		if ($archive->extract(PCLZIP_OPT_PATH, 'upgrade/'.$upversion,PCLZIP_OPT_REPLACE_NEWER) == 0) {
+            getJson('升级包解压失败',1,0);
+			
+		}else{
+			unlink('upgrade/'.$filezip);
+		}
+
+		//直接循环覆盖吧
+		file_list('upgrade/'.$upversion);
+		
+		//删除目录
+        delDir('upgrade/'.$upversion);
+
+        getJson('升级成功',1,1);
+		break;
+}

app/system/class.system.php

@@ -0,0 +1,187 @@
+<?php
+defined('IN_TS') or die('Access Denied.');
+
+class system extends tsApp{
+
+	//构造函数
+	public function __construct($db){
+		
+        $tsAppDb = array();
+		include 'app/system/config.php';
+		
+		//判断APP是否采用独立数据库
+		if($tsAppDb){
+			$db = new MySql($tsAppDb);
+		}
+		
+		parent::__construct($db);
+	}
+	
+	/**
+	 * 垃圾词过滤
+	 * 返回true:存在垃圾词
+	 * 返回false:不存在垃圾词
+	 */
+	public function antiWord($text,$js=0,$re=0){
+		
+		//先干掉所有空格，不管你是所有空格+全角空格
+		$text =preg_replace("/\s|　/","",$text);
+	
+		$arrWords = $this->findAll('anti_word');
+		foreach($arrWords as $key=>$item){
+			$arrWord[] = $item['word'];
+		}
+		
+		$strWord = '';
+		$count = 1;
+		if(is_array($arrWord)){
+			foreach ($arrWord as $item) {
+				if ($count==1) {
+					$strWord .= $item;
+				} else {
+					$strWord .= '|'.$item;
+				}
+					$count++;
+			}
+			
+			//第一过滤层，大致的扫一下
+			if($text){
+				preg_match("/$strWord/i",$text, $matche1);
+				if(!empty($matche1[0])){
+					//tsNotice('提示：内容中存在被禁止使用的词汇：'.$matche1[0]);
+                    if($re==1){
+                        return false;exit;
+                    }else{
+                        getJson('非法操作',$js,0);
+                    }
+
+				}
+			}
+			
+			//第二过滤层
+			preg_match("/$strWord/i",t($text), $matche2);
+			if(!empty($matche2[0])){
+				//tsNotice('内容中存在被禁止使用的词汇：'.$matche2[0]);
+                if($re==1){
+                    return false;exit;
+                }else{
+                    getJson('非法操作',$js,0);
+                }
+			}
+			
+			//第三过滤层，滤中文中的特殊字符
+			$text3 = @preg_replace("/[^\x{4e00}-\x{9fa5}]/iu",'',$text);
+			preg_match("/$strWord/i",t($text3), $matche3);
+			if(!empty($matche3[0])){
+				//tsNotice('内容中存在被禁止使用的词汇：'.$matche3[0]);
+                if($re==1){
+                    return false;exit;
+                }else{
+                    getJson('非法操作',$js,0);
+                }
+			}
+			
+			//第四过滤层，过滤QQ号，电话，妈的，老子就不信搞不死你
+			$text4 = @preg_replace("/[^\d]/iu",'',$text);
+			preg_match("/$strWord/i",t($text4), $matche4);
+			if(!empty($matche4[0])){
+				//tsNotice('内容中存在被禁止使用的词汇：'.$matche4[0]);
+                if($re==1){
+                    return false;exit;
+                }else{
+                    getJson('非法操作',$js,0);
+                }
+			}
+			
+		}
+		
+		return true;exit;
+		
+	}
+	
+	//过滤用户ID
+	function antiUser(){
+		$arrUsers = $this->findAll('anti_user');
+		foreach($arrUsers as $key=>$item){
+			$arrUser[] = $item['userid'];
+		}
+		return $arrUser;
+	}
+	
+	//过滤用户ip
+	function antiIp(){
+		$arrIps = $this->findAll('anti_ip');
+		foreach($arrIps as $key=>$item){
+			$arrIp[] = $item['ip'];
+		}
+		return $arrIp;
+	}
+	
+	//APP OPTION 配置APP文件缓存
+	function appOption($app,$option){
+		//先清空数据 
+		$db->query("TRUNCATE TABLE `".dbprefix.$app."_options`");
+	
+		foreach($option as $key=>$item){
+			
+			$optionname = $key;
+			$optionvalue = tsTrim($item);
+			
+			$this->create($app.'_options',array(
+			
+				'optionname'=>$optionname,
+				'optionvalue'=>$optionvalue,
+			
+			));
+		
+		}
+		
+		$arrOptions = $this->findAll($app.'_options',null,null,'optionname,optionvalue');
+		foreach($arrOptions as $item){
+			$arrOption[$item['optionname']] = $item['optionvalue'];
+		}
+		
+		fileWrite($app.'_options.php','data',$arrOption);
+		$tsMySqlCache->set($app.'_options',$arrOption);
+	}
+	
+
+	function searchDir($path,&$data){ 
+		if(is_dir($path)){ 
+			$dp=dir($path); 
+			while($file=$dp->read()){ 
+				if($file!='.'&& $file!='..'){ 
+					$this->searchDir($path.'/'.$file,$data); 
+				} 
+			} 
+			$dp->close(); 
+		} 
+		if(is_file($path)){ 
+			$data[]=$path; 
+		} 
+	} 
+	 
+	function getfile($dir){ 
+		$data=array(); 
+		$this->searchDir($dir,$data); 
+		return $data; 
+	}
+
+    /**
+     * 发布内容开放时间
+     */
+	public function pubTime(){
+	    if($GLOBALS['TS_SITE']['pubtime']){
+	        $arrHour = explode('|',$GLOBALS['TS_SITE']['pubtime']);
+	        $hour = date('H');
+	        if(in_array($hour,$arrHour)){
+	            return true;
+            }else{
+	            return false;
+            }
+        }else{
+            return true;
+        }
+    }
+
+}

app/system/config.php

@@ -0,0 +1,6 @@
+<?php
+defined('IN_TS') or die('Access Denied.');
+
+$skin = 'default';
+
+$TS_APP['appname']	= '管理'; 

app/system/html/admincp.html

@@ -0,0 +1,93 @@
+<!-- Put IE into quirks mode -->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>{$title} - {$TS_SITE['site_title']}</title>
+
+<link rel="stylesheet" href="{SITE_URL}public/bootstrap/css/bootstrap.min.css">
+<link rel="stylesheet" href="{SITE_URL}public/bootstrap-icons/bootstrap-icons.css">
+
+<style type="text/css">
+html {height:100%;max-height:100%;padding:0;margin:0;border:0;background:#fff;font-size:12px;font-family:Arial;
+/* hide overflow:hidden from IE5/Mac */
+/* \*/
+overflow: hidden;
+/* */
+}
+
+body{height:100%;max-height:100%;overflow:hidden;padding:0;margin:0; border:0;}
+
+.midder{overflow:hidden; position:absolute; z-index:3; top:75px; width:100%;bottom:60px;}
+
+*html .midder {top:0; height:100%; max-height:100%; width:100%; overflow:auto;position:absolute; z-index:3;border-bottom:60px solid #fff;padding-top:60px;}
+
+.header{position:absolute;margin:0;top:0;display:block;width:100%;background:#3A81C0;background-position:0 0; background-repeat:no-repeat;z-index:5;overflow:hidden;box-shadow: 0px 1px 5px #ddd;}
+.header .logo{float:left;padding-top:20px;padding-left: 10px;}
+
+.header .right{margin-left:200px;overflow:hidden;}
+
+
+.header .menu{overflow:hidden;padding-right:20px;}
+.header .menu a{float:left;color:#FFFFFF;font-size:16px;text-align:center;padding:10px 20px;font-weight: bold;}
+.header .menu .on{background:#FFFFFF;color:#3A81C0;}
+
+
+
+.header .user{padding:6px;font-size:12px;text-align:right;color:#FFFFFF;margin:0px 20px 0 0;}
+.header .user a{color:#FFFFFF;margin-left:20px;}
+
+.footer{position:absolute; margin:0;bottom:0;display:block;width:100%;height:50px;line-height:50px;font-size:1em;z-index:5;overflow:hidden;text-align:center;background:#F0F0F0;color:#999999;}
+
+a {color:#336699;text-decoration:none;}
+img{border:none;}
+</style>
+<script src="{SITE_URL}public/js/jquery.min.js" type="text/javascript"></script>
+<script>
+$(function(){
+   $(".menu a").click(function(){
+		var index = $(this).index();
+	   $(this).addClass("on").siblings().removeClass("on");
+	})
+})
+</script>
+
+
+</head>
+<body>
+<div class="header">
+<div class="logo"><a href="index.php?app=system"><img src="app/{$app}/skin/logo.png" alt="ThinkSAAS社区管理" width="177" /></a></div>
+
+<div class="right">
+
+<div class="user">
+欢迎您，<i class="bi bi-person-circle"></i> {$TS_USER[username]}
+<a href="index.php" target="_blank"><i class="bi bi-house"></i> 回前台</a>
+<a href="index.php?app=user&ac=logout"><i class="bi bi-box-arrow-right"></i> 退出</a>
+</div>
+
+
+<div class="menu">
+<a class="on" href="index.php?app=system&ac=main"  target="main"><i class="bi bi-house-door"></i> 首页</a>
+<a href="index.php?app=system&ac=options"  target="main"><i class="bi bi-gear"></i> 系统管理</a>
+<a href="index.php?app=system&ac=apps&ts=list"  target="main"><i class="bi bi-grid"></i> 应用管理</a>
+<a href="index.php?app=system&ac=plugin&ts=list&apps=pubs"  target="main"><i class="bi bi-sliders"></i> 插件管理</a>
+<a href="index.php?app=system&ac=anti&ts=word"  target="main"><i class="bi bi-shield-shaded"></i> 安全中心</a>
+<a href="index.php?app=system&ac=update"  target="main"><i class="bi bi-cloud-arrow-up"></i> 系统升级</a>
+
+</div>
+
+
+</div>
+
+</div>
+
+<div class="footer">
+Copyright (C) {$TS_CF['info']['year']}-{php echo date('Y')} <a href="{$TS_CF['info']['url']}">{$TS_CF['info']['name']} {$TS_CF['info']['version']}</a>
+</div>
+
+<div class="midder">
+<iframe src="index.php?app=system&ac=main" id="main" name="main" width="100%" height="100%" frameborder="0" scrolling="yes" style="overflow: visible;margin:0;padding:0;"></iframe>
+</div>
+</body>
+</html>

app/system/html/anti_cloud.html

@@ -0,0 +1,48 @@
+{php include pubTemplate("header_admin")}
+
+<!--main-->
+<div class="midder">
+{template anti_menu}
+
+
+<div>
+
+<h6>远程提交敏感词语</h6>
+<p>如果你发现有敏感词语，请通过下面输入远程提交给ThinkSAAS，我们将建立强大的敏感词云存储库。</p>
+<table class="table table-hover">
+    <tbody class="fs12">
+<tr>
+<td width="100">敏感词：</td><td>
+
+<input id="spamword" type="text" name="word" /> 
+<input type="button" value="提交" onclick="postword();" />
+
+</td>
+</tr>
+
+<tr><td>其他操作：</td><td><a href="{SITE_URL}index.php?app=system&ac=spam&ts=get">一键更新云敏感词库到本地>></a></td></tr>
+    </tbody>
+</table>
+
+</div>
+
+
+</div>
+<script>var siteUrl = '{SITE_URL}';</script>
+<script src="{SITE_URL}public/js/jquery.min.js" type="text/javascript"></script>
+<script>
+function postword(){
+	var word = $("#spamword").val();
+	if(word==''){
+		alert('敏感词不能为空！');return false;
+	}else{
+		$.post("https://www.thinksaas.cn/index.php?app=service&ac=spam", { 'word': word},
+		function(rs){			
+			alert('添加成功！感谢您的提供！');
+			$("#spamword").val('');
+			return false;
+		})
+	}
+}
+</script>
+{php include pubTemplate("footer_admin")}

app/system/html/anti_email.html

@@ -0,0 +1,37 @@
+{php include pubTemplate("header_admin")}
+
+<div class="midder">
+{template anti_menu}
+
+
+<div>
+<form method="post" action="{SITE_URL}index.php?app=system&ac=anti&ts=email_add">
+Email：<input name="email" /> <input type="submit" value="添加" /> <span class="fs12 text-danger">添加后Email不可以再注册</span>
+</form>
+</div>
+
+<div class="page">{$pageUrl}</div>
+
+<div class="mt-3">
+    <table class="table table-hover">
+        <thead class="thead-light">
+
+<tr><th>Email</th><th>添加时间</th><th>操作</th></tr>
+        </thead>
+        <tbody class="fs12 c9">
+{loop $arrEmail $key $item}
+<tr class="odd"><td>{$item['email']}</td>
+    <td>{$item['addtime']}</td>
+    <td><a href="{SITE_URL}index.php?app=system&ac=anti&ts=email_del&id={$item['id']}"><i class="bi bi-trash"></i> 删除</a></td>
+</tr>
+{/loop}
+        </tbody>
+</table>
+
+</div>
+
+<div class="page">{$pageUrl}</div>
+
+</div>
+
+{php include pubTemplate("footer_admin")}

app/system/html/anti_ip.html

@@ -0,0 +1,33 @@
+{php include pubTemplate("header_admin")}
+
+<!--main-->
+<div class="midder">
+{template anti_menu}
+
+
+<div>
+<form method="post" action="{SITE_URL}index.php?app=system&ac=anti&ts=ipdo">
+IP：<input name="ip" /> <input type="submit" value="添加" /> <span class="fs12 text-danger">添加后IP用户不可以再访问</span>
+</form>
+</div>
+
+
+<div class="mt-3">
+    <table class="table table-hover">
+        <thead class="thead-light">
+
+<tr><th>IP</th><th>添加时间</th><th>操作</th></tr>
+        </thead>
+        <tbody class="fs12 c9">
+{loop $arrIp $key $item}
+<tr class="odd"><td>{$item['ip']}</td><td>{$item['addtime']}</td><td><a href="{SITE_URL}index.php?app=system&ac=anti&ts=ipdel&id={$item['id']}"><i class="bi bi-trash"></i> 删除</a></td></tr>
+{/loop}
+        </tbody>
+</table>
+
+</div>
+
+
+</div>
+
+{php include pubTemplate("footer_admin")}

app/system/html/anti_menu.html

@@ -0,0 +1,29 @@
+
+<div class="tabnav">
+<ul>
+<li {if $ts=='word' || $ts=='wordadd'}class="select"{/if}><a href="index.php?app=system&ac=anti&ts=word">敏感词过滤</a></li>
+
+<li {if $ts=='cloud'}class="select"{/if}><a href="index.php?app=system&ac=anti&ts=cloud">远程云过滤</a></li>
+
+<li {if $ts=='ip'}class="select"{/if}><a href="index.php?app=system&ac=anti&ts=ip">IP过滤</a></li>
+
+<li {if $ts=='email'}class="select"{/if}><a href="index.php?app=system&ac=anti&ts=email">Email过滤</a></li>
+<li {if $ts=='phone'}class="select"{/if}><a href="index.php?app=system&ac=anti&ts=phone">手机号过滤</a></li>
+
+
+
+<li {if $ts=='report'}class="select"{/if}><a href="index.php?app=system&ac=anti&ts=report">内容举报</a></li>
+
+<li {if $ac=='logs'}class="select"{/if}><a href="index.php?app=system&ac=logs&ts=list">日志记录</a></li>
+
+<li {if $ac=='editor'}class="select"{/if}><a href="index.php?app=system&ac=editor&ts=list">Editor</a></li>
+
+<li {if $ac=='phpinfo'}class="select"{/if}><a href="index.php?app=system&ac=phpinfo">phpinfo</a></li>
+
+<li {if $ac=='test'}class="select"{/if}><a href="index.php?app=system&ac=test">上传测试</a></li>
+
+<li {if $ac=='redis'}class="select"{/if}><a href="index.php?app=system&ac=redis">redis测试</a></li>
+
+</ul>
+</div>
+<div style="height: 65px;"></div>

app/system/html/anti_phone.html

@@ -0,0 +1,35 @@
+{php include pubTemplate("header_admin")}
+
+<div class="midder">
+{template anti_menu}
+
+
+<div>
+<form method="post" action="{SITE_URL}index.php?app=system&ac=anti&ts=phone_add">
+手机号：<input name="phone" /> <input type="submit" value="添加" /> <span class="fs12 text-danger">添加后Phone不可以再注册</span>
+</form>
+</div>
+
+
+<div class="mt-3">
+    <table class="table table-hover">
+        <thead class="thead-light">
+
+<tr><th>Phone</th><th>添加时间</th><th>操作</th></tr>
+        </thead>
+        <tbody class="fs12 c9">
+{loop $arrPhone $key $item}
+<tr class="odd"><td>{$item['phone']}</td>
+    <td>{$item['addtime']}</td>
+    <td><a href="{SITE_URL}index.php?app=system&ac=anti&ts=phone_del&id={$item['id']}"><i class="bi bi-trash"></i> 删除</a></td>
+</tr>
+{/loop}
+        </tbody>
+</table>
+
+</div>
+
+
+</div>
+
+{php include pubTemplate("footer_admin")}

app/system/html/anti_report.html

@@ -0,0 +1,30 @@
+{php include pubTemplate("header_admin")}
+
+<!--main-->
+<div class="midder">
+    {template anti_menu}
+
+
+    <div>
+        <table class="table table-hover">
+
+            <thead class="thead-light">
+            <tr><th>ID</th><th>举报链接</th><th>举报内容</th><th>时间</th><th>操作</th></tr>
+            </thead>
+
+            <tbody>
+            {loop $arrReport $key $item}
+            <tr><td>{$item['reportid']}</td><td><a target="_blank" href="{php echo tsTitle($item['url'])}">{php echo tsTitle($item['url'])}</a></td><td>{php echo tsTitle($item['content'])}</td><td>{$item['addtime']}</td><td><a onclick="return confirm('确定删除?')" href="{SITE_URL}index.php?app=system&ac=anti&ts=reportdelete&reportid={$item['reportid']}">删除</a></td></tr>
+            {/loop}
+            </tbody>
+
+
+
+        </table>
+
+    </div>
+
+
+</div>
+
+{php include pubTemplate("footer_admin")}

app/system/html/anti_word.html

@@ -0,0 +1,43 @@
+{php include pubTemplate("header_admin")}
+
+<!--main-->
+<div class="midder">
+{template anti_menu}
+
+
+<div>
+    <form method="post" action="{SITE_URL}index.php?app=system&ac=anti&ts=worddo">
+        敏感词：<input name="word" /> <input type="submit" value="添加" /> 
+        <a class="btn btn-sm btn-outline-primary" href="{SITE_URL}index.php?app=system&ac=anti&ts=worddelall">一键删除所有敏感词</a> 
+        
+        
+
+        <a class="btn btn-sm btn-outline-primary" href="{SITE_URL}index.php?app=system&ac=anti&ts=wordadd">批量添加敏感词</a>
+
+    </form>
+</div>
+
+
+
+<div class="mt-3">
+<table class="table table-hover">
+<thead class="thead-light">
+<tr><th>ID</th><th>敏感词 <small class="text-danger">请至少保留一个敏感词</small></th><th>添加时间</th><th>操作</th></tr>
+</thead>
+
+<tbody class="fs12 c9">
+{loop $arrWord $key $item}
+<tr><td>{$item['id']}</td><td>{$item['word']}</td><td>{$item['addtime']}</td><td><a href="{SITE_URL}index.php?app=system&ac=anti&ts=worddel&id={$item['id']}"><i class="bi bi-trash"></i> 删除</a></td></tr>
+{/loop}
+</tbody>
+
+
+
+</table>
+
+</div>
+
+
+</div>
+
+{php include pubTemplate("footer_admin")}

app/system/html/anti_wordadd.html

@@ -0,0 +1,24 @@
+{php include pubTemplate("header_admin")}
+
+<!--main-->
+<div class="midder">
+{template anti_menu}
+
+
+<form method="post" action="{SITE_URL}index.php?app=system&ac=anti&ts=wordadddo">
+
+    <div class="form-group">
+        <label class="text-danger">输入敏感词(一行一个)：</label>
+        <textarea style="height: 300px;" class="form-control" name="word"></textarea>
+    </div>
+
+    <div>
+        <button type="submit" class="btn btn-primary">执行批量添加</button>
+    </div>
+
+</form>
+
+
+</div>
+
+{php include pubTemplate("footer_admin")}

app/system/html/apps.html

@@ -0,0 +1,127 @@
+{php include pubTemplate("header_admin")}
+
+<script src="public/js/jquery.min.js" type="text/javascript"></script>
+<script>
+//设为导航
+function isappnav(appkey,appname){
+	$.ajax({
+		type:"POST",
+		url:"index.php?app=system&ac=apps&ts=appnav",
+		data:"&appkey="+appkey+"&appname="+appname,
+		beforeSend:function(){},
+		success:function(result){
+			if(result == '1'){
+				window.location.reload(true); 
+			}
+		}
+	})
+}
+
+//取消导航
+function unisappnav(appkey){
+	$.ajax({
+		type:"POST",
+		url:"index.php?app=system&ac=apps&ts=unappnav",
+		data:"&appkey="+appkey,
+		beforeSend:function(){},
+		success:function(result){
+			if(result == '1'){
+				window.location.reload(true); 
+			}
+		}
+	})
+}
+
+function ismynav(appkey,appname){
+    $.post('index.php?app=system&ac=apps&ts=mynav',{'appkey':appkey,'appname':appname},function(rs){
+        if(rs==1){
+            window.location.reload(true);
+        }
+    })
+}
+
+function unismynav(appkey){
+    $.post('index.php?app=system&ac=apps&ts=unmynav',{'appkey':appkey},function(rs){
+        if(rs==1){
+            window.location.reload(true);
+        }
+    })
+}
+
+</script>
+
+
+<div class="midder">
+
+    {template apps_menu}
+
+<table class="table table-hover">
+    <thead class="thead-light">
+    <tr>
+        <th>应用名称</th>
+        <th>版本</th>
+        <th>介绍</th>
+        <th>作者</th>
+        <th>管理</th>
+        <th>顶部导航</th>
+        <th>我的社区导航</th>
+    </tr>
+    </thead>
+
+    <tbody>
+{loop $arrApp $keys $item}
+<tr>
+<td>
+    <img width="24" height="24" src="{$item['icon']}">
+    {$item['about']['name']}({$item['name']})
+</td>
+<td class="fs12 c9">{$item['about']['version']}
+</td>
+<td class="fs12 c9">{$item['about']['desc']}</td>
+<td class="fs12 c9">{$item['about']['author']}</td>
+<td>
+{if $item['about']['isoption'] == '1' && $item['about']['isinstall']=='1'}
+    <a class="btn btn-sm btn-outline-info fs12" href="index.php?app={$item['name']}&ac=admin&mg=options"><i class="bi bi-list-check"></i>管理</a>
+    {/if}
+</td>
+
+
+<td>
+
+
+{if $item['about']['isappnav'] == '1' && $TS_SITE['appnav'][$item['name']] == ''}
+    <a class="btn btn-outline-primary btn-sm fs12" href="javascript:void('0');" onclick="isappnav('{$item['name']}','{$item['about']['name']}');"><i class="bi bi-play-circle"></i>开启</a>
+    {/if}
+
+{if $item['about']['isappnav'] == '1' && $TS_SITE['appnav'][$item['name']] != ''}
+    <a class="btn btn-outline-secondary btn-sm fs12" href="javascript:void('0');" onclick="unisappnav('{$item['name']}');"><i class="bi bi-stop-circle"></i>取消</a>
+    {/if}
+
+
+
+</td>
+
+
+    <td>
+
+        {if $item[about]['ismy'] == '1' && $TS_SITE['mynav'][$item['name']] == ''}
+        <a class="btn btn-outline-primary btn-sm fs12" href="javascript:void('0');" onclick="ismynav('{$item['name']}','{$item['about']['name']}');"><i class="bi bi-play-circle"></i>开启</a>
+        {/if}
+
+        {if $item['about']['ismy'] == '1' && $TS_SITE['mynav'][$item['name']] != ''}
+        <a class="btn btn-outline-secondary btn-sm fs12" href="javascript:void('0');" onclick="unismynav('{$item['name']}');"><i class="bi bi-stop-circle"></i>取消</a>
+        {/if}
+
+    </td>
+
+
+</tr>
+{/loop}
+    </tbody>
+
+
+</table>
+
+</div>
+
+{php include pubTemplate("footer_admin")}

app/system/html/apps_applist.html

@@ -0,0 +1,153 @@
+{php include pubTemplate("header_admin")}
+<script src="public/js/jquery.min.js" type="text/javascript"></script>
+<script src="public/js/jquery.nestable.js"></script>
+
+<style>
+    /**
+     * Nestable
+     */
+
+    .dd { position: relative; display: block; margin: 0 auto; padding: 0; max-width: 200px; list-style: none; font-size: 13px; line-height: 20px; }
+
+    .dd-list { display: block; position: relative; margin: 0; padding: 0; list-style: none; }
+    .dd-list .dd-list { padding-left: 30px; }
+    .dd-collapsed .dd-list { display: none; }
+
+    .dd-item,
+    .dd-empty,
+    .dd-placeholder { display: block; position: relative; margin: 0; padding: 0; min-height: 20px; font-size: 13px; line-height: 20px; }
+
+    .dd-handle { display: block; height: 30px; margin: 5px 0; padding: 5px 10px; color: #333; text-decoration: none; font-weight: bold; border: 1px solid #ccc;
+        background: #fafafa;
+        background: -webkit-linear-gradient(top, #fafafa 0%, #eee 100%);
+        background:    -moz-linear-gradient(top, #fafafa 0%, #eee 100%);
+        background:         linear-gradient(top, #fafafa 0%, #eee 100%);
+        -webkit-border-radius: 3px;
+        border-radius: 3px;
+        box-sizing: border-box; -moz-box-sizing: border-box;
+    }
+    .dd-handle:hover { color: #2ea8e5; background: #fff; }
+
+    .dd-item > button { display: block; position: relative; cursor: pointer; float: left; width: 25px; height: 20px; margin: 5px 0; padding: 0; text-indent: 100%; white-space: nowrap; overflow: hidden; border: 0; background: transparent; font-size: 12px; line-height: 1; text-align: center; font-weight: bold; }
+    .dd-item > button:before { content: '+'; display: block; position: absolute; width: 100%; text-align: center; text-indent: 0; }
+    .dd-item > button[data-action="collapse"]:before { content: '-'; }
+
+    .dd-placeholder,
+    .dd-empty { margin: 5px 0; padding: 0; min-height: 30px; background: #f2fbff; border: 1px dashed #b6bcbf; box-sizing: border-box; -moz-box-sizing: border-box; }
+    .dd-empty { border: 1px dashed #bbb; min-height: 100px; background-color: #e5e5e5;
+        background-image: -webkit-linear-gradient(45deg, #fff 25%, transparent 25%, transparent 75%, #fff 75%, #fff),
+        -webkit-linear-gradient(45deg, #fff 25%, transparent 25%, transparent 75%, #fff 75%, #fff);
+        background-image:    -moz-linear-gradient(45deg, #fff 25%, transparent 25%, transparent 75%, #fff 75%, #fff),
+        -moz-linear-gradient(45deg, #fff 25%, transparent 25%, transparent 75%, #fff 75%, #fff);
+        background-image:         linear-gradient(45deg, #fff 25%, transparent 25%, transparent 75%, #fff 75%, #fff),
+        linear-gradient(45deg, #fff 25%, transparent 25%, transparent 75%, #fff 75%, #fff);
+        background-size: 60px 60px;
+        background-position: 0 0, 30px 30px;
+    }
+
+    .dd-dragel { position: absolute; pointer-events: none; z-index: 9999; }
+    .dd-dragel > .dd-item .dd-handle { margin-top: 0; }
+    .dd-dragel .dd-handle {
+        -webkit-box-shadow: 2px 4px 6px 0 rgba(0,0,0,.1);
+        box-shadow: 2px 4px 6px 0 rgba(0,0,0,.1);
+    }
+
+    /**
+     * Nestable Extras
+     */
+
+    .nestable-lists { display: block; clear: both; padding: 30px 0; width: 100%; border: 0; border-top: 2px solid #ddd; border-bottom: 2px solid #ddd; }
+
+    #nestable-menu { padding: 0; margin: 20px 0; }
+
+    #nestable-output,
+    #nestable2-output { width: 100%; height: 7em; font-size: 0.75em; line-height: 1.333333em; font-family: Consolas, monospace; padding: 5px; box-sizing: border-box; -moz-box-sizing: border-box; }
+
+    #nestable2 .dd-handle {
+        color: #fff;
+        border: 1px solid #999;
+        background: #bbb;
+        background: -webkit-linear-gradient(top, #bbb 0%, #999 100%);
+        background:    -moz-linear-gradient(top, #bbb 0%, #999 100%);
+        background:         linear-gradient(top, #bbb 0%, #999 100%);
+    }
+    #nestable2 .dd-handle:hover { background: #bbb; }
+    #nestable2 .dd-item > button:before { color: #fff; }
+
+
+
+    .dd-hover > .dd-handle { background: #2ea8e5 !important; }
+
+</style>
+
+<div class="midder">
+
+    {template apps_menu}
+
+
+    <div style="text-align: center">上下拖动排序</div>
+
+
+    <div style="width: 200px;margin:0 auto;">
+        <div class="dd" id="nestable2">
+            <ol class="dd-list">
+                {loop $arrAppNav $key $item}
+                <li class="dd-item" data-id="{$key}">
+                    <div class="dd-handle">{$item}</div>
+                </li>
+                {/loop}
+            </ol>
+        </div>
+    </div>
+
+
+
+    <!--
+    <textarea id="nestable2-output"></textarea>
+    -->
+
+
+</div>
+
+
+<script>
+    $(document).ready(function() {
+
+        var updateOutput = function(e)
+        {
+            var list   = e.length ? e : $(e.target),
+                output = list.data('output');
+            if (window.JSON) {
+
+                //alert(window.JSON.stringify(list.nestable('serialize')))
+                var jsondata = window.JSON.stringify(list.nestable('serialize'))
+
+                $.post('index.php?app=system&ac=apps&ts=applistdo',{'jsondata':jsondata},function (rs) {
+                    
+                })
+
+
+                output.val(window.JSON.stringify(list.nestable('serialize')));//, null, 2));
+            } else {
+                output.val('JSON browser support required for this demo.');
+            }
+        };
+
+
+
+        // activate Nestable for list 2
+        $('#nestable2').nestable({
+            group: 1
+        })
+            .on('change', updateOutput);
+
+        // output initial serialised data
+        updateOutput($('#nestable2').data('output', $('#nestable2-output')));
+
+
+    })
+
+
+</script>
+
+{php include pubTemplate("footer_admin")}

app/system/html/apps_menu.html

@@ -0,0 +1,8 @@
+<div class="tabnav">
+<ul>
+<li {if $ts=='list'}class="select"{/if}><a href="index.php?app=system&ac=apps&ts=list">应用列表</a></li>
+<li {if $ts=='applist'}class="select"{/if}><a href="index.php?app=system&ac=apps&ts=applist">应用导航排序</a></li>
+<li {if $ts=='mylist'}class="select"{/if}><a href="index.php?app=system&ac=apps&ts=mylist">我的导航排序</a></li>
+</ul>
+</div>
+<div style="height: 65px;"></div>

app/system/html/apps_mylist.html

@@ -0,0 +1,154 @@
+{php include pubTemplate("header_admin")}
+<script src="public/js/jquery.min.js" type="text/javascript"></script>
+<script src="public/js/jquery.nestable.js"></script>
+
+<style>
+    /**
+     * Nestable
+     */
+
+    .dd { position: relative; display: block; margin: 0 auto; padding: 0; max-width: 200px; list-style: none; font-size: 13px; line-height: 20px; }
+
+    .dd-list { display: block; position: relative; margin: 0; padding: 0; list-style: none; }
+    .dd-list .dd-list { padding-left: 30px; }
+    .dd-collapsed .dd-list { display: none; }
+
+    .dd-item,
+    .dd-empty,
+    .dd-placeholder { display: block; position: relative; margin: 0; padding: 0; min-height: 20px; font-size: 13px; line-height: 20px; }
+
+    .dd-handle { display: block; height: 30px; margin: 5px 0; padding: 5px 10px; color: #333; text-decoration: none; font-weight: bold; border: 1px solid #ccc;
+        background: #fafafa;
+        background: -webkit-linear-gradient(top, #fafafa 0%, #eee 100%);
+        background:    -moz-linear-gradient(top, #fafafa 0%, #eee 100%);
+        background:         linear-gradient(top, #fafafa 0%, #eee 100%);
+        -webkit-border-radius: 3px;
+        border-radius: 3px;
+        box-sizing: border-box; -moz-box-sizing: border-box;
+    }
+    .dd-handle:hover { color: #2ea8e5; background: #fff; }
+
+    .dd-item > button { display: block; position: relative; cursor: pointer; float: left; width: 25px; height: 20px; margin: 5px 0; padding: 0; text-indent: 100%; white-space: nowrap; overflow: hidden; border: 0; background: transparent; font-size: 12px; line-height: 1; text-align: center; font-weight: bold; }
+    .dd-item > button:before { content: '+'; display: block; position: absolute; width: 100%; text-align: center; text-indent: 0; }
+    .dd-item > button[data-action="collapse"]:before { content: '-'; }
+
+    .dd-placeholder,
+    .dd-empty { margin: 5px 0; padding: 0; min-height: 30px; background: #f2fbff; border: 1px dashed #b6bcbf; box-sizing: border-box; -moz-box-sizing: border-box; }
+    .dd-empty { border: 1px dashed #bbb; min-height: 100px; background-color: #e5e5e5;
+        background-image: -webkit-linear-gradient(45deg, #fff 25%, transparent 25%, transparent 75%, #fff 75%, #fff),
+        -webkit-linear-gradient(45deg, #fff 25%, transparent 25%, transparent 75%, #fff 75%, #fff);
+        background-image:    -moz-linear-gradient(45deg, #fff 25%, transparent 25%, transparent 75%, #fff 75%, #fff),
+        -moz-linear-gradient(45deg, #fff 25%, transparent 25%, transparent 75%, #fff 75%, #fff);
+        background-image:         linear-gradient(45deg, #fff 25%, transparent 25%, transparent 75%, #fff 75%, #fff),
+        linear-gradient(45deg, #fff 25%, transparent 25%, transparent 75%, #fff 75%, #fff);
+        background-size: 60px 60px;
+        background-position: 0 0, 30px 30px;
+    }
+
+    .dd-dragel { position: absolute; pointer-events: none; z-index: 9999; }
+    .dd-dragel > .dd-item .dd-handle { margin-top: 0; }
+    .dd-dragel .dd-handle {
+        -webkit-box-shadow: 2px 4px 6px 0 rgba(0,0,0,.1);
+        box-shadow: 2px 4px 6px 0 rgba(0,0,0,.1);
+    }
+
+    /**
+     * Nestable Extras
+     */
+
+    .nestable-lists { display: block; clear: both; padding: 30px 0; width: 100%; border: 0; border-top: 2px solid #ddd; border-bottom: 2px solid #ddd; }
+
+    #nestable-menu { padding: 0; margin: 20px 0; }
+
+    #nestable-output,
+    #nestable2-output { width: 100%; height: 7em; font-size: 0.75em; line-height: 1.333333em; font-family: Consolas, monospace; padding: 5px; box-sizing: border-box; -moz-box-sizing: border-box; }
+
+    #nestable2 .dd-handle {
+        color: #fff;
+        border: 1px solid #999;
+        background: #bbb;
+        background: -webkit-linear-gradient(top, #bbb 0%, #999 100%);
+        background:    -moz-linear-gradient(top, #bbb 0%, #999 100%);
+        background:         linear-gradient(top, #bbb 0%, #999 100%);
+    }
+    #nestable2 .dd-handle:hover { background: #bbb; }
+    #nestable2 .dd-item > button:before { color: #fff; }
+
+
+
+    .dd-hover > .dd-handle { background: #2ea8e5 !important; }
+
+</style>
+
+<div class="midder">
+
+    {template apps_menu}
+
+
+    <div style="text-align: center">上下拖动排序</div>
+
+
+    <div style="width: 200px;margin:0 auto;">
+        <div class="dd" id="nestable2">
+            <ol class="dd-list">
+                {loop $arrMyNav $key $item}
+                <li class="dd-item" data-id="{$key}">
+                    <div class="dd-handle">{$item}</div>
+                </li>
+                {/loop}
+            </ol>
+        </div>
+    </div>
+
+
+
+    <!--
+    <textarea id="nestable2-output"></textarea>
+    -->
+
+
+</div>
+
+
+<script>
+    $(document).ready(function() {
+
+        var updateOutput = function(e)
+        {
+            var list   = e.length ? e : $(e.target),
+                output = list.data('output');
+            if (window.JSON) {
+
+                //alert(window.JSON.stringify(list.nestable('serialize')))
+                var jsondata = window.JSON.stringify(list.nestable('serialize'))
+
+                $.post('index.php?app=system&ac=apps&ts=mylistdo',{'jsondata':jsondata},function (rs) {
+
+                })
+
+
+                output.val(window.JSON.stringify(list.nestable('serialize')));//, null, 2));
+            } else {
+                output.val('JSON browser support required for this demo.');
+            }
+        };
+
+
+
+        // activate Nestable for list 2
+        $('#nestable2').nestable({
+            group: 1
+        })
+            .on('change', updateOutput);
+
+        // output initial serialised data
+        updateOutput($('#nestable2').data('output', $('#nestable2-output')));
+
+
+    })
+
+
+</script>
+
+
+{php include pubTemplate("footer_admin")}

app/system/html/cache.html

@@ -0,0 +1,20 @@
+{php include pubTemplate("header_admin")}
+
+<div class="midder">
+{template menu}
+    <table class="table table-hover">
+        <tbody>
+<tr><td width="100">全站：</td><td><a href="index.php?app=system&ac=cache&ts=delall">清理全站缓存</a></td></tr>
+
+
+<tr><td>模板：</td><td><a href="index.php?app=system&ac=cache&ts=deltemp">清理模板缓存</a></td></tr>
+
+<tr><td>小组头像：</td><td><a href="index.php?app=system&ac=cache&ts=delgroup">清理小组头像缓存</a></td></tr>
+
+<tr><td>用户头像：</td><td><a href="index.php?app=system&ac=cache&ts=deluser">清理用户头像缓存</a></td></tr>
+
+        </tbody>
+</table>
+
+</div>
+{php include pubTemplate("footer_admin")}

app/system/html/editor_list.html

@@ -0,0 +1,53 @@
+{php include pubTemplate("header_admin")}
+
+<div class="midder">
+    {template anti_menu}
+    
+    
+    <div class="page">{$pageUrl}</div>
+
+    <div>
+        <table class="table table-hover">
+            <thead class="thead-light">
+    
+    <tr>
+        <th>ID</th>
+        <th>UserID</th>
+        <th>type</th>
+        <th>title</th>
+        <th></th>
+        <th>addtime</th>
+        <th>操作</th>
+    </tr>
+            </thead>
+            <tbody>
+    {loop $arrEditor $key $item}
+    <tr>
+        <td>{$item['id']}</td>
+        <td>{$item['userid']}</td>
+        <td>{$item['type']}</td>
+        <td>{$item['title']}</td>
+        <td>
+
+            {if $item['type']=='photo'}
+            <a target="_blank" href="{php echo tsXimg($item['url'],'editor')}"><img src="{php echo tsXimg($item['url'],'editor')}" width="100"></a>
+            {else}
+            <a target="_blank" href="{SITE_URL}uploadfile/editor/{$item['url']}">uploadfile/editor/{$item['url']}</a>
+            {/if}
+
+        </td>
+        <td>{php echo date('Y-m-d H:i:s',$item['addtime'])}</td>
+        <td><a href="{SITE_URL}index.php?app=system&ac=editor&ts=delete&id={$item['id']}"><i class="bi bi-trash"></i> 删除</a></td>
+    </tr>
+    {/loop}
+            </tbody>
+    </table>
+    
+    </div>
+
+    <div class="page">{$pageUrl}</div>
+    
+    
+</div>
+
+{php include pubTemplate("footer_admin")}

app/system/html/logs_list.html

@@ -0,0 +1,72 @@
+{php include pubTemplate("header_admin")}
+
+<div class="midder">
+    {template anti_menu}
+
+
+    <div class="mb-3">
+        <a class="btn btn-sm btn-outline-primary" href="index.php?app=system&ac=logs&ts=clean">一键清空日志</a>
+    </div>
+    
+    
+    <div class="page">{$pageUrl}</div>
+
+    <div>
+        <table class="table table-hover">
+            <thead class="thead-light">
+    
+    <tr>
+        <th>ID</th>
+        <th>ptable</th>
+        <th>pkey</th>
+        <th>pid</th>
+        <th>userid</th>
+        <th>title</th>
+        <th>status</th>
+        <th>addtime</th>
+        <th>操作</th>
+    </tr>
+            </thead>
+            <tbody>
+    {loop $arrLogs $key $item}
+    <tr>
+        <td>{$item['logid']}</td>
+        <td>{$item['ptable']}</td>
+        <td>{$item['pkey']}</td>
+        <td>{$item['pid']}</td>
+
+        <td>{$item['userid']}</td>
+        
+        <td>{php echo tsTitle($item['title'])}</td>
+
+        <td>
+            {if $item['status']==1}
+            修改
+            {elseif $item['status']==2}
+            删除
+            {else}
+            添加
+            {/if}
+
+        </td>
+
+        <td>{php echo date('Y-m-d H:i:s',$item['addtime'])}</td>
+        <td>
+            
+            <a href="index.php?app=system&ac=logs&ts=show&logid={$item['logid']}">详情</a> | 
+            <a href="index.php?app=system&ac=logs&ts=delete&logid={$item['logid']}">删除</a>
+        
+        </td>
+    </tr>
+    {/loop}
+            </tbody>
+    </table>
+    
+    </div>
+
+    <div class="page">{$pageUrl}</div>
+    
+    
+</div>
+
+{php include pubTemplate("footer_admin")}

app/system/html/logs_show.html

@@ -0,0 +1,31 @@
+{php include pubTemplate("header_admin")}
+
+<div class="midder">
+    {template anti_menu}
+    
+    
+    
+
+
+    <div>
+
+        <table class="table">
+            <tr><td width="100">logid</td><td>{$strLog['logid']}</td></tr>
+            <tr><td>ptable</td><td>{$strLog['ptable']}</td></tr>
+            <tr><td>pkey</td><td>{$strLog['pkey']}</td></tr>
+            <tr><td>pid</td><td>{$strLog['pid']}</td></tr>
+            <tr><td>userid</td><td>{$strLog['userid']}</td></tr>
+            <tr><td>status</td><td>{$strLog['status']}</td></tr>
+            <tr><td>addtime</td><td>{php echo date('Y-m-d H:i:s',$strLog['addtime'])}</td></tr>
+            <tr><td>title</td><td>{php echo tsTitle($strLog['title'])}</td></tr>
+            <tr><td>content</td><td>{php echo tsDecode($strLog['content'])}</td></tr>
+        </table>
+
+    </div>
+
+
+
+    
+</div>
+
+{php include pubTemplate("footer_admin")}

app/system/html/main.html

@@ -0,0 +1,134 @@
+{php include pubTemplate("header_admin")}
+<script src="public/js/jquery.min.js" type="text/javascript"></script>
+<script>
+$(document).ready(function(){
+	$.getJSON("https://www.thinksaas.cn/index.php?app=notice&ac=new&callback=?",
+	function(data){
+		$.each(data, function(i,item){
+			$("#admindex_msg table").append("<tr><td width=\"120\">"+item.time+"</td><td><a href=\""+item.url+"\" target=\"_blank\">"+item.title+"</a></td></tr>");
+		});
+		return false;
+	});
+
+    var theAuthUrl = getLocation();
+    var theVersion = "{$TS_CF['info']['version']}";
+	$.getJSON("https://www.thinksaas.cn/index.php?app=service&ac=auth&ts=isauth&url="+theAuthUrl+"&version="+theVersion+"&callback=?",
+	function(rs){
+		if(rs){
+			if(rs.isaudit==1){
+				$("#authurl").html(theAuthUrl+'当前域名已获得商业授权');
+				return false;
+			}else{
+				$("#authurl").html(theAuthUrl+'当前域名未被授权 <a target=\"_blank\" href=\"https://www.thinksaas.cn/service/down/\">【购买商业授权】</a>');
+				return false;
+			}
+		}else{
+			$("#authurl").html(theAuthUrl+'当前域名未被授权 <a target=\"_blank\" href=\"https://www.thinksaas.cn/service/down/\">【购买商业授权】</a>');
+			return false;
+		}
+	});
+});
+
+function getLocation(){
+    var arr = document.domain.split('.');
+    if(arr.length === 2){
+        return document.domain;
+    }
+    if(arr.length > 2 && arr[0] !== 'www'){
+        return arr.slice(1).join('.')
+    }
+    return arr.slice(1).join('.')
+}
+</script>
+
+
+
+<div class="midder">
+
+
+    <div class="row mt-3">
+
+        <div class="col-md-6">
+
+            <div class="card mb-3">
+                <div class="card-header">目录权限</div>
+                <div class="card-body">
+
+                    <table class="table table-sm table-borderless fs12">
+                        <tbody>
+                        <tr><td width="120">cache目录：</td><td>{if iswriteable('cache')==0}<font color="red">不可写</font>(请设置为可写777权限){else}可写{/if}</td></tr>
+                        <tr><td>data目录：</td><td>{if iswriteable('data')==0}<font color="red">不可写</font>(请设置为可写777权限){else}可写{/if}</td></tr>
+                        <tr><td>tslogs目录：</td><td>{if iswriteable('tslogs')==0}<font color="red">不可写</font>(请设置为可写777权限){else}可写{/if}</td></tr>
+                        <tr><td>upgrade目录：</td><td>{if iswriteable('upgrade')==0}<font color="red">不可写</font>(请设置为可写777权限){else}可写{/if}</td></tr>
+                        <tr><td>uploadfile目录：</td><td>{if iswriteable('uploadfile')==0}<font color="red">不可写</font>(请设置为可写777权限){else}可写{/if}</td></tr>
+                        </tbody>
+                    </table>
+                </div>
+            </div>
+
+
+        </div>
+        <div class="col-md-6">
+
+
+            <div class="card mb-3">
+                <div class="card-header">软件信息</div>
+                <div class="card-body">
+            <table class="table table-sm table-borderless fs12">
+                <tbody>
+                <tr><td width="120">程序版本：</td><td>{$TS_CF['info']['name']} {$TS_CF['info']['version']}  <span id="upgrade"></span></td></tr>
+                <tr><td>联系方式：</td><td>QQ:{$TS_CF['info']['qq']} 微信：{$TS_CF['info']['weixin']}</td></tr>
+                <tr><td>官方网址：</td><td><a href="{$TS_CF['info']['url']}" target='_blank'>{$TS_CF['info']['url']}</a></td></tr>
+                <tr><td>官方社区：</td><td><a target="_blank" href="https://demo.thinksaas.cn/">https://demo.thinksaas.cn/</a></td></tr>
+                <tr><td>域名授权：</td><td class="text-danger"><span id="authurl"></span></td></tr>
+                </tbody>
+            </table>
+                </div>
+            </div>
+
+        </div>
+        <div class="col-md-6">
+
+            <div class="card mb-3">
+                <div class="card-header">服务器信息</div>
+                <div class="card-body">
+            <table class="table table-sm table-borderless fs12">
+                <tbody>
+                <tr><td width="120">服务器软件：</td><td>{$systemInfo[server]}</td></tr>
+                <tr><td>操作系统：</td><td>{$systemInfo[phpos]}</td></tr>
+                <tr><td>PHP版本：</td><td>{$systemInfo[phpversion]}</td></tr>
+                <tr><td>MySQL版本：</td><td>{$systemInfo[mysql]}</td></tr>
+                <tr><td>物理路径：</td><td>$_SERVER[DOCUMENT_ROOT]</td></tr>
+                <tr><td>php附件上传限制：</td><td>{$systemInfo['upload']}</td></tr>
+                <tr><td>php内存限制：</td><td>{$systemInfo['memory']}</td></tr>
+                <tr><td>php图像处理：</td><td>{$systemInfo['gd']} </td></tr>
+                <tr><td>语言：</td><td>{$_SERVER[HTTP_ACCEPT_LANGUAGE]}</td></tr>
+                <tr><td>gzip压缩：</td><td>{if $_SERVER[HTTP_ACCEPT_ENCODING]}{$_SERVER[HTTP_ACCEPT_ENCODING]}{else}不支持{/if}</td></tr>
+                </tbody>
+            </table>
+                </div>
+            </div>
+
+        </div>
+        <div class="col-md-6" id="admindex_msg">
+
+            <div class="card mb-3">
+                <div class="card-header">ThinkSAAS消息</div>
+                <div class="card-body">
+            <table class="table table-sm table-borderless fs12">
+                <tbody>
+
+                </tbody>
+            </table>
+                </div>
+            </div>
+
+        </div>
+
+    </div>
+
+
+
+
+</div>
+{php include pubTemplate("footer_admin")}

app/system/html/menu.html

@@ -0,0 +1,13 @@
+
+<div class="tabnav">
+<ul>
+<li {if $ac=='options'}class="select"{/if}><a href="index.php?app=system&ac=options">选项配置</a></li>
+
+<li {if $ac=='cache'}class="select"{/if}><a href="index.php?app=system&ac=cache">缓存管理</a></li>
+
+
+<li {if $ac=='sql'}class="select"{/if}><a href="index.php?app=system&ac=sql">数据库管理</a></li>
+
+</ul>
+</div>
+<div style="height: 65px;"></div>

app/system/html/options.html

@@ -0,0 +1,403 @@
+{php include pubTemplate("header_admin")}
+<script src="public/js/jquery.min.js" type="text/javascript"></script>
+<script type="text/javascript" src="{SITE_URL}public/js/jquery.upload.v2.js"></script>
+
+<script>
+    $(function(){
+        $("#upload").upload({
+            action: "{SITE_URL}index.php?app=system&ac=logo", //上传地址
+            fileName: "filedata",    //文件名称。用于后台接收
+            params: {},         //参数
+            accept: ".jpg,.png,.gif",     //文件类型
+            complete: function (rs) {  //上传完成
+				$("#logo img").attr("src",rs);
+            },
+            submit: function () {   //提交之前
+                //alert("submit");
+            }
+        });
+    })
+</script>
+
+<div class="midder">
+{template menu}
+<form method="POST" action="index.php?app=system&ac=options&ts=do">
+
+<h6>常规选项</h6>
+
+<table class="table table-hover">
+    <tbody>
+<tr><td width="200">网站标题：</td><td><input type="text" style="width:300px;" name="option[site_title]" value="{$strOption[site_title]}" /></td></tr>
+<tr><td>副标题：</td><td><input type="text" style="width:300px;" name="option[site_subtitle]" value="{$strOption[site_subtitle]}" /> (例如：又一个ThinkSAAS社区小组)</td></tr>
+
+<tr><td>关键词：</td><td><input type="text" style="width:300px;" name="option[site_key]" value="{$strOption[site_key]}" /> (关键词有助于SEO)</td></tr>
+
+<tr><td>网站说明：</td><td><textarea type="text" style="width:300px;height:50px;font-size:12px;" name="option[site_desc]">{$strOption[site_desc]}</textarea> (用简洁的文字描述本站点。)</td></tr>
+
+<tr><td>站点地址（URL）:</td><td><input type="text" style="width:300px;" name="option[site_url]" value="{$strOption[site_url]}" />(必须以http://开头，以/结尾。如果采用相对路径，请只填写/)</td></tr>
+
+<tr><td>固定地址:</td><td><input type="text" style="width:300px;" name="option[link_url]" value="{$strOption[link_url]}" />(例如：http://www.thinksaas.cn/，必须以/结尾，主要用于采用固定链接的URL)</td></tr>
+
+    <tr><td>网站密钥:</td><td><input id="sitepkey" type="text" style="width:300px;" name="option[site_pkey]" value="{$strOption[site_pkey]}" /> <a href="javascript:void(0)" onclick="reSitePkey('{php echo md5(rand())}')">重新生成</a> <span style="color: red;">(非常重要，切勿泄漏)</span></td></tr>
+
+<tr><td>网站Logo:</td><td>
+<div id="logo"><img src="{SITE_URL}uploadfile/logo/{$strOption['logo']}" width="190" height="40" /></div>
+<input type="button" value="点击上传" id="upload" />(支持png,gif,jpg格式，宽度285px高度60px)</td></tr>
+
+<tr><td>电子邮件 :</td><td><input type="text" style="width:300px;" name="option[site_email]" value="{$strOption[site_email]}" /></td></tr>
+
+<tr><td>ICP备案号 :</td><td><input type="text" style="width:300px;" name="option[site_icp]" value="{$strOption[site_icp]}" /> （京ICP备09050100号）</td></tr>
+
+<tr><td>是否上传头像 :</td><td>
+    <input type="radio" {if $strOption[isface]=='0'}checked="select"{/if} name="option[isface]" value="0" />不需要 
+    <input type="radio" {if $strOption[isface]=='1'}checked="select"{/if} name="option[isface]" value="1" />需要
+</td></tr>
+
+<tr><td>用户注册 :</td><td>
+    <input type="radio" {if $strOption[isinvite]=='0'}checked="select"{/if} name="option[isinvite]" value="0" />开放注册 
+    <input type="radio" {if $strOption[isinvite]=='1'}checked="select"{/if} name="option[isinvite]" value="1" />邀请注册
+    <input type="radio" {if $strOption[isinvite]=='2'}checked="select"{/if} name="option[isinvite]" value="2" />关闭注册
+</td></tr>
+
+<tr><td>注册方式 :</td><td>
+    <input type="radio" {if $strOption['regtype']=='0'}checked="select"{/if} name="option[regtype]" value="0" />Email邮箱
+    <input type="radio" {if $strOption['regtype']=='1'}checked="select"{/if} name="option[regtype]" value="1" />手机号
+    <input type="radio" {if $strOption['regtype']=='2'}checked="select"{/if} name="option[regtype]" value="2" />Email邮箱+手机号
+    <small class="text-danger">(手机号注册需要先安装手机号注册功能)</small>
+</td></tr>
+
+
+<tr><td>是否开启短信登录:</td><td>
+    <input type="radio" {if $strOption[isplogin]=='0'}checked="select"{/if} name="option[isplogin]" value="0" />不开启
+    <input type="radio" {if $strOption[isplogin]=='1'}checked="select"{/if} name="option[isplogin]" value="1" />开启
+</td></tr>
+
+
+<tr><td>是否验证Email :</td><td>
+    <input type="radio" {if $strOption[isverify]=='0'}checked="select"{/if} name="option[isverify]" value="0" />不验证Email 
+    <input type="radio" {if $strOption[isverify]=='1'}checked="select"{/if} name="option[isverify]" value="1" />验证Email 
+
+    <small class="text-danger">(当开启Email注册的时候才会验证email)</small>
+
+</td></tr>
+
+
+<tr><td>是否验证手机号 :</td><td>
+
+    <input type="radio" {if $strOption[isverifyphone]=='0'}checked="select"{/if} name="option[isverifyphone]" value="0" />不验证手机号
+    <input type="radio" {if $strOption[isverifyphone]=='1'}checked="select"{/if} name="option[isverifyphone]" value="1" />验证手机号
+
+    <small class="text-danger">(手机号验证后同时可以使用手机号登录网站，注册方式中使用手机号注册的自动验证)</small>
+
+</td></tr>
+
+<tr><td>登录是否跳转 :</td><td><input type="radio" {if $strOption[istomy]=='0'}checked="select"{/if} name="option[istomy]" value="0" />不跳转 <input type="radio" {if $strOption[istomy]=='1'}checked="select"{/if} name="option[istomy]" value="1" />跳转到我的社区</td></tr>
+
+
+<tr><td>是否开启验证码 :</td><td><input type="radio" {if $strOption[isauthcode]=='0'}checked="select"{/if} name="option[isauthcode]" value="0" />不开启 <input type="radio" {if $strOption[isauthcode]=='1'}checked="select"{/if} name="option[isauthcode]" value="1" />开启</td></tr>
+
+
+    <tr><td>是否token验证 :</td><td><input type="radio" {if $strOption[istoken]=='0'}checked="select"{/if} name="option[istoken]" value="0" />否 <input type="radio" {if $strOption[istoken]=='1'}checked="select"{/if} name="option[istoken]" value="1" />是</td></tr>
+
+
+
+<tr><td>是否开启公众平台登录:</td><td>
+
+    <div>
+        <input type="radio" {if $strOption['is_weixin']=='0'}checked="select"{/if} name="option[is_weixin]" value="0" />否 
+        <input type="radio" {if $strOption['is_weixin']=='1'}checked="select"{/if} name="option[is_weixin]" value="1" />是 <small class="text-danger">(请先获取微信公众号所需要的参数，<a class="font-weight-bold" target="_blank" href="https://mp.weixin.qq.com/">点击去获取</a>)</small>
+    </div>
+
+
+    <div id="weixin_option" {if $strOption['is_weixin']=='0' || $strOption['is_weixin']==''}style="display: none;"{/if}>
+    
+        <div class="d-flex mt-2">
+            <div style="width: 80px;">AppID：</div>
+            <div><input style="width:300px;" type="text" name="option[weixin_appid]" value="{$strOption['weixin_appid']}"></div>
+        </div>
+
+        <div class="d-flex mt-2">
+            <div style="width: 80px;">AppSecret：</div>
+            <div><input style="width:300px;" type="text" name="option[weixin_appsecret]" value="{$strOption['weixin_appsecret']}"></div>
+        </div>
+
+    </div>
+
+
+</td></tr>
+
+
+
+<tr><td>是否开启人机验证 :</td><td>
+
+    <div>
+        <input type="radio" {if $strOption['is_vaptcha']=='0'}checked="select"{/if} name="option[is_vaptcha]" value="0" />否 
+        <input type="radio" {if $strOption['is_vaptcha']=='1'}checked="select"{/if} name="option[is_vaptcha]" value="1" />是 <small class="text-danger">(请先获取人机验证所需要的参数，<a class="font-weight-bold" target="_blank" href="https://www.vaptcha.com/">点击去获取</a>)</small>
+    </div>
+
+
+    <div id="vaptcha_option" {if $strOption['is_vaptcha']=='0'}style="display: none;"{/if}>
+    
+        <div class="d-flex mt-2">
+            <div style="width: 40px;">VID：</div>
+            <div><input style="width:300px;" type="text" name="option[vaptcha_vid]" value="{$strOption['vaptcha_vid']}"></div>
+        </div>
+
+        <div class="d-flex mt-2">
+            <div style="width: 40px;">KEY：</div>
+            <div><input style="width:300px;" type="text" name="option[vaptcha_key]" value="{$strOption['vaptcha_key']}"></div>
+        </div>
+
+    </div>
+
+
+</td></tr>
+
+
+
+
+
+
+<tr><td>时区:</td><td>
+<select name="option[timezone]">
+{loop $arrTime $key $item}
+<option {if $key==$strOption[timezone]}selected="selected"{/if} value="{$key}">{$item}</option>
+{/loop}
+</select>
+</td>
+</tr>
+
+
+    </tbody>
+</table>
+
+
+
+<h6>内容设定</h6>
+
+    <table class="table table-hover">
+        <tbody>
+
+
+
+        <tr><td  width="200">用户访问内容权限：</td><td>
+            <input type="radio" name="option[visitor]" value="0" {if $strOption['visitor']=='0'}checked="select"{/if} />不需要登录
+            <input type="radio" name="option[visitor]" value="1" {if $strOption['visitor']=='1'}checked="select"{/if} />需要登录
+        </td></tr>
+
+
+
+
+        <tr><td>用户发布内容权限：</td><td>
+            <input type="radio" name="option[publisher]" value="0" {if $strOption['publisher']=='0'}checked="select"{/if} />注册用户
+            <input type="radio" name="option[publisher]" value="isverify" {if $strOption['publisher']=='isverify'}checked="select"{/if} />仅Email验证用户
+            <input type="radio" name="option[publisher]" value="isverifyphone" {if $strOption['publisher']=='isverifyphone'}checked="select"{/if} />仅手机注册用户
+            <input type="radio" name="option[publisher]" value="isrenzheng" {if $strOption['publisher']=='isrenzheng'}checked="select"{/if} />仅手工认证用户
+            <input type="radio" name="option[publisher]" value="isadmin" {if $strOption['publisher']=='isadmin'}checked="select"{/if} />仅管理员
+        </td></tr>
+
+
+
+        <tr><td>是否开启匿名发布内容：</td><td>
+            <input type="radio" name="option[isniming]" value="0" {if $strOption['isniming']=='0'}checked="select"{/if} />不开启
+            <input type="radio" name="option[isniming]" value="1" {if $strOption['isniming']=='1'}checked="select"{/if} />开启
+        </td></tr>
+
+
+        <tr><td>用户发布内容时间 :</td><td><textarea style="width:500px;" type="text" name="option[pubtime]">{$strOption['pubtime']}</textarea> <br />(24小时制，以|分割。留空为不限制)</td></tr>
+
+
+        <tr><td>发布内容间隔时间 :</td><td><input type="text" name="option[timeblank]" value="{$strOption['timeblank']}"> <small class="text-danger">(0不限制；例如1分钟=60秒，30分钟就是30*60=1800秒；1小时3600秒)</small></td></tr>
+
+
+        <tr><td>用户修改内容权限 :</td><td><input type="radio" {if $strOption['isallowedit']=='0'}checked="select"{/if} name="option[isallowedit]" value="0" />允许 <input type="radio" {if $strOption['isallowedit']=='1'}checked="select"{/if} name="option[isallowedit]" value="1" />不允许 (管理员除外)</td></tr>
+
+
+        <tr><td>用户删除内容权限 :</td><td><input type="radio" {if $strOption['isallowdelete']=='0'}checked="select"{/if} name="option[isallowdelete]" value="0" />允许 <input type="radio" {if $strOption['isallowdelete']=='1'}checked="select"{/if} name="option[isallowdelete]" value="1" />不允许 (管理员除外)</td></tr>
+
+        <tr><td>内容敏感词处理方式 :</td><td><input type="radio" {if $strOption['anti_word_type']=='0'}checked="select"{/if} name="option[anti_word_type]" value="0" />拦截发布 <input type="radio" {if $strOption['anti_word_type']=='1'}checked="select"{/if} name="option[anti_word_type]" value="1" />替换成*** (管理员除外)</td></tr>
+
+
+        <tr><td ></td><td></td></tr>
+        </tbody>
+    </table>
+
+
+<h6>系统主题</h6>
+
+    <table class="table table-hover">
+        <tbody>
+<tr>
+<td  width="200">选择主题：</td>
+
+<td>
+
+<div class="theme">
+<ul>
+{loop $arrTheme $key $item}
+<li>
+<img src="theme/{$item}/preview.jpg">
+<br />
+<input type="radio" {if $strOption[site_theme]==$item}checked="select"{/if} name="option[site_theme]" value="{$item}" /> {$item}
+</li>
+{/loop}
+</ul>
+</div>
+
+</td>
+</tr>
+        </tbody>
+</table>
+
+
+<h6>链接形式</h6>
+
+    <table class="table table-hover">
+        <tbody>
+    <tr>
+	<td  width="200">形式1：</td><td><input type="radio" {if $strOption[site_urltype]==1}checked="select"{/if} name="option[site_urltype]" value="1" /> index.php?app=group&ac=show&id=1</td></tr>
+    <tr><td>形式2：</td><td><input type="radio" {if $strOption[site_urltype]==2}checked="select"{/if} name="option[site_urltype]" value="2" /> index.php/group/show/id-1</td></tr>
+	<tr><td>形式3：</td><td><input type="radio" {if $strOption[site_urltype]==3}checked="select"{/if} name="option[site_urltype]" value="3" /> group-show-id-1.html </td></tr>
+	<tr><td>形式4：</td><td><input type="radio" {if $strOption[site_urltype]==4}checked="select"{/if} name="option[site_urltype]" value="4" /> group/show/id-1 </td></tr>
+<tr><td>形式5：</td><td><input type="radio" {if $strOption[site_urltype]==5}checked="select"{/if} name="option[site_urltype]" value="5" /> group/show/1 </td></tr>
+<tr><td>形式6：</td><td><input type="radio" {if $strOption[site_urltype]==6}checked="select"{/if} name="option[site_urltype]" value="6" /> group/show/id/1 </td></tr>
+<tr><td>形式7：</td><td><input type="radio" {if $strOption[site_urltype]==7}checked="select"{/if} name="option[site_urltype]" value="7" /> group/show/1/ </td></tr>
+
+
+</tbody>
+</table>
+
+
+    <div class="alert alert-info">默认支持Apache环境的rewrite，如果是nginx环境，请点击查看 <a class="font-weight-bold" target="_blank" href="https://www.thinksaas.cn/article/show/13/">ThinkSAAS社区URL重写规则之Nginx篇</a></div>
+
+
+<h6>其他选项</h6>
+    <table class="table table-hover">
+        <tbody>
+
+
+<tr><td>文件存储方式：<br><span class="text-danger font-weight-bold">【重要：用户上传数据后切勿来回切换存储方式，后果自负！如本地存储数据需要上云存储，请联系ThinkSAAS官方指导处理！】</span></td><td>
+
+
+    <input type="radio" {if $strOption['file_upload_type']=='0'}checked="select"{/if} name="option[file_upload_type]" value="0" /> 本地存储 
+    <input type="radio" {if $strOption['file_upload_type']=='1'}checked="select"{/if} name="option[file_upload_type]" value="1" /> 阿里云(对象存储OSS)
+
+
+    <div id="alioss_option" {if $strOption['file_upload_type']=='0' || $strOption['file_upload_type']==''}style="display: none;"{/if}>
+
+        <hr />
+
+        <div class="text-danger">
+            使用阿里云(对象云存储OSS)，需要购买阿里云对象存储，<a class="font-weight-bold" target="_blank" href="https://www.aliyun.com/minisite/goods?userCode=t0dihnz2">点击去购买</a>，并获取以下参数。
+        </div>
+    
+        <div class="d-flex mt-2">
+            <div style="width: 180px;">AccessKey ID：</div>
+            <div><input style="width:300px;" type="text" name="option[alioss_accesskey_id]" value="{$strOption['alioss_accesskey_id']}"></div>
+            
+        </div>
+
+        <div class="d-flex mt-2">
+            <div style="width: 180px;">AccessKey Secret：</div>
+            <div><input style="width:300px;" type="text" name="option[alioss_accesskey_secret]" value="{$strOption['alioss_accesskey_secret']}"></div>
+        </div>
+
+
+        <div class="d-flex mt-2">
+            <div style="width: 180px;">Bucket 名称：</div>
+            <div><input style="width:300px;" type="text" name="option[alioss_bucket]" value="{$strOption['alioss_bucket']}"></div>
+            <div class="ml-2 c9">例如：thinksaas</div>
+        </div>
+
+        <div class="d-flex mt-2">
+            <div style="width: 180px;">Endpoint（地域节点）：</div>
+            <div><input style="width:300px;" type="text" name="option[alioss_endpoint]" value="{$strOption['alioss_endpoint']}"></div>
+            <div class="ml-2 c9">例如：https://oss-cn-beijing.aliyuncs.com</div>
+        </div>
+
+        <div class="d-flex mt-2">
+            <div style="width: 180px;">Bucket 域名：</div>
+            <div><input style="width:300px;" type="text" name="option[alioss_bucket_url]" value="{$strOption['alioss_bucket_url']}"></div>
+            <div class="ml-2 c9">例如：https://thinksaas.oss-cn-beijing.aliyuncs.com</div>
+        </div>
+
+
+    </div>
+
+
+</td></tr>
+
+
+<tr><td width="200">图片上传大小：</td><td><input name="option[photo_size]" value="$strOption['photo_size']" />M (请填写数字，例如2)</td></tr>
+<tr><td>图片上传格式：</td><td><input name="option[photo_type]" value="$strOption['photo_type']" />(请以英文逗号分割，例如：jpg,gif,png)</td></tr>
+
+<tr><td>是否开启正文图片检测：</td><td>
+
+
+    <input type="radio" {if $strOption['photo_check']=='0'}checked="select"{/if} name="option[photo_check]" value="0" />不开启 
+    <input type="radio" {if $strOption['photo_check']=='1'}checked="select"{/if} name="option[photo_check]" value="1" />开启
+
+</td></tr>
+
+
+<tr><td>图片处理组件：</td><td>
+
+    <input type="radio" {if $strOption['photo_driver']=='gd'}checked="select"{/if} name="option[photo_driver]" value="gd" />gd 
+    <input type="radio" {if $strOption['photo_driver']=='imagick'}checked="select"{/if} name="option[photo_driver]" value="imagick" />imagick <small class="text-danger">(服务器和php环境必须支持imagick扩展)</small>
+
+</td></tr>
+
+
+<tr><td>附件上传大小：</td><td><input name="option[attach_size]" value="$strOption['attach_size']" />M (请填写数字，例如2)</td></tr>
+<tr><td>附件上传格式：</td><td><input name="option[attach_type]" value="$strOption['attach_type']" />(请以英文逗号分割，例如：zip,rar,doc,txt,ppt)</td></tr>
+
+
+
+    <tr><td>用户每日获得积分上限:</td><td><input name="option[dayscoretop]" value="{$strOption['dayscoretop']}" /> 积分（设置每日获得积分上限后，用户当天的内容动作不再获得积分奖励。）</td></tr>
+
+
+
+<tr><td></td><td><input type="submit" class="btn btn-primary" value="提交修改" /></td></tr>
+        </tbody>
+</table>
+
+
+</form>
+</div>
+<script>
+    function reSitePkey(value) {
+        $("#sitepkey").val(value);
+    }
+
+    //微信公众号选项
+    $('input[name="option[is_weixin]"]').click(function(){
+        var value  = $('input[name="option[is_weixin]"]:checked').val();
+        if(value=='1'){
+            $("#weixin_option").show()
+        }else if(value=='0'){
+            $("#weixin_option").hide()
+        }
+    });
+
+    //人机验证选项
+    $('input[name="option[is_vaptcha]"]').click(function(){
+        var value  = $('input[name="option[is_vaptcha]"]:checked').val();
+        if(value=='1'){
+            $("#vaptcha_option").show()
+        }else if(value=='0'){
+            $("#vaptcha_option").hide()
+        }
+    });
+
+    //文件存储选项
+    $('input[name="option[file_upload_type]"]').click(function(){
+        var value  = $('input[name="option[file_upload_type]"]:checked').val();
+        if(value=='1'){
+            $("#alioss_option").show()
+        }else if(value=='0'){
+            $("#alioss_option").hide()
+        }
+    });
+
+</script>
+{php include pubTemplate("footer_admin")}

app/system/html/plugin_list.html

@@ -0,0 +1,76 @@
+{php include pubTemplate("header_admin")}
+
+<div class="midder">
+
+
+<div class="tabnav">
+<ul>
+
+{loop $arrAppsAbout $key $item}
+<li {if $apps==$key}class="select"{/if}><a href="index.php?app=system&ac=plugin&ts=list&apps={$key}">{$item['name']}插件</a></li>
+{/loop}
+
+</ul>
+</div>
+<div style="height: 65px;"></div>
+
+
+
+    {if $arrAppsAbout[$apps]['hook']}
+
+    <div class="mb-3">
+
+        <a class="btn btn-sm btn-outline-secondary" href="index.php?app=system&ac=plugin&ts=list&apps={$apps}">全部</a>
+
+        {loop $arrAppsAbout[$apps]['hook'] $key $item}
+        <a class="btn btn-sm btn-outline-secondary" href="index.php?app=system&ac=plugin&ts=list&apps={$apps}&hook={$key}">{$item}</a>
+        {/loop}
+
+    </div>
+
+    {/if}
+
+
+
+<table class="table table-hover">
+    <thead class="thead-light">
+    <tr><th>名称</th ><th>版本</th>
+
+        <th>介绍</th>
+        <th>作者</th>
+
+        <th>操作</th></tr>
+    </thead>
+
+    <tbody>
+
+{loop $arrPlugin $key $item}
+<tr>
+    <td>{$item['about']['name']} ({$item['name']})</td>
+    <td class="fs12 c9">{$item['about']['version']}</td>
+    <td class="fs12 c9">{$item['about']['desc']}</td>
+    <td class="fs12"><a target="_blank" href="{$item['about']['author_url']}">{$item['about']['author']}</a></td>
+    <td>
+
+{if in_array($item['name'],$app_plugins)}
+    <a class="btn btn-outline-secondary btn-sm fs12" href="index.php?app=system&ac=plugin&ts=do&apps={$apps}&pname={$item['name']}&isused=0"><i class="bi bi-stop-circle"></i>停用</a>
+    {else}
+    <a class="btn btn-outline-primary btn-sm fs12" href="index.php?app=system&ac=plugin&ts=do&apps={$apps}&pname={$item['name']}&isused=1"><i class="bi bi-play-circle"></i>启用</a>
+    {/if}
+
+{if $item['about']['isedit']=='1' && in_array($item['name'],$app_plugins)}
+    <a class="btn btn-outline-info btn-sm fs12" href="index.php?app={$apps}&ac=plugin&plugin={$item['name']}&in=edit&ts=set"><i class="bi bi-pencil-square"></i>编辑</a>
+    {/if}
+
+    <!--
+<a class="btn btn-outline-secondary btn-sm fs12" onclick="return  confirm('确定删除吗？')" href="index.php?app=system&ac=plugin&ts=delete&apps={$apps}&pname={$item['name']}"><i class="bi bi-trash"></i>删除</a>
+    -->
+
+</td>
+</tr>
+{/loop}
+    </tbody>
+</table>
+
+</div>
+{php include pubTemplate("footer_admin")}

app/system/html/spam.html

@@ -0,0 +1,83 @@
+{php include pubTemplate("header_admin")}
+
+<div class="midder">
+
+<h2>反垃圾设置</h2>
+<p>针对日益猖獗的垃圾广告和垃圾内容，ThinkSAAS成立反垃圾广告和内容联盟，自启用之日起就将和垃圾广告和内容战斗到底。</p>
+
+<table>
+<tr><td width="100"><strong>禁止用户：</strong></td>
+
+<td>
+禁止用户会同时禁止用户登录和禁止用户IP登录
+<br />
+操作方法：<br />
+用户管理->停用
+<br />
+<a href="{SITE_URL}index.php?app=user&ac=admin&mg=user&ts=list">进入用户管理>></a>
+</td>
+
+</tr>
+
+<tr>
+<td><strong>清空用户数据：</strong></td><td>
+
+清空垃圾用户所发的所有垃圾内容
+<br />
+操作方法：<br />
+用户管理->清空数据
+<br />
+<a href="{SITE_URL}index.php?app=user&ac=admin&mg=user&ts=list">进入用户管理>></a>
+</td>
+</tr>
+
+<tr><td><strong>垃圾词过滤：</strong></td><td>
+
+通过开启《敏感词语过滤插件 (wast_word)》来过滤和杜绝垃圾广告和内容
+<br />
+操作方法：<br />
+插件管理->敏感词语过滤插件 (wast_word)->开启
+<br /><a href="{SITE_URL}index.php?app=system&ac=plugin&ts=list&apps=pubs">进入插件管理>></a>  |  <a href="{SITE_URL}index.php?app=system&ac=spam&ts=get">更新云垃圾词库>></a>
+</td></tr>
+
+<tr>
+<td><strong>开启验证码：</strong></td>
+<td>
+通过开启发帖验证码，评论回复验证码来限制垃圾用户创造垃圾内容
+</td>
+</tr>
+
+</table>
+
+<h2>远程提交垃圾词语</h2>
+<p>如果你发现有垃圾词语，请通过下面输入远程提交给ThinkSAAS，我们将建立强大的垃圾词云存储库。</p>
+<table>
+<tr>
+<td width="100">垃圾词：</td><td>
+
+<input id="spamword" type="text" name="word" /> 
+<input type="button" value="提交" onclick="postword();" />
+
+</td>
+</tr>
+</table>
+
+</div>
+<script>var siteUrl = '{SITE_URL}';</script>
+<script src="{SITE_URL}public/js/jquery.min.js" type="text/javascript"></script>
+<script>
+function postword(){
+	var word = $("#spamword").val();
+	if(word==''){
+		alert('垃圾词不能为空！');return false;
+	}else{
+		$.post("http://www.thinksaas.cn/index.php?app=service&ac=spam", { 'word': word},
+		function(rs){			
+			alert('添加成功！感谢您的提供！');
+			$("#spamword").val('');
+			return false;
+		})
+	}
+}
+</script>
+{php include pubTemplate("footer_admin")}

app/system/html/sql.html

@@ -0,0 +1,17 @@
+{php include pubTemplate("header_admin")}
+
+<div class="midder">
+{template menu}
+
+<div class="alert alert-info">
+<p>1、出于对数据库安全的考虑，ThinkSAAS将不直接通过后台对数据库进行任何的操作。</p>
+<p>2、ThinkSAAS推荐你使用 <strong>免费的mysql管理工具</strong> 来管理你的数据库。
+
+    <a class="btn btn-sm btn-success" target="_blank" href="https://www.thinksaas.cn/article/show/3/">点击去查看下载</a>
+
+</p>
+
+</div>
+
+</div>
+{php include pubTemplate("footer_admin")}

app/system/html/test.html

@@ -0,0 +1,31 @@
+{php include pubTemplate("header_admin")}
+
+<div class="midder">
+    {template anti_menu}
+
+    <div>
+        <form method="post" action="index.php?app=system&ac=test&ts=do" enctype="multipart/form-data">
+
+
+            <table class="table">
+                <tr>
+                    <td>选择文件</td>
+                    <td>
+                        <input type="file" name="file">
+                    </td>
+                </tr>
+
+                <tr>
+                    <td></td>
+                    <td><input type="submit" value="提交"></td>
+                </tr>
+
+            </table>
+
+
+        </form>
+    </div>
+
+</div>
+
+{php include pubTemplate("footer_admin")}

app/system/html/update.html

@@ -0,0 +1,28 @@
+{php include pubTemplate("header_admin")}
+<div class="container mt-3">
+<div id="upgrade" class="update">
+
+</div>
+
+</div>
+
+<script>
+//检测是否有升级
+function isupdate(version){
+	$('#upgrade').html('<img src="public/images/loading.gif" />加载中...');
+	$.getJSON("https://www.thinksaas.cn/index.php?app=upcenter&ac=find&version="+version+"&callback=?", function(rs){
+		if(rs){
+			$('#upgrade').html('<h1>哇喔！发现新版本：'+rs.upversion+'</h1><div class="uplog">'+rs.uplog.replace(/\n|\r|(\r\n)|(\u0085)|(\u2028)|(\u2029)/g, "<br />")+'</div><div class="uptime">'+rs.uptime+'</div><div class="alert alert-warning">提示：后台升级只针对用户未做程序改动的ThinkSAAS版本，自行修改过程序的用户谨慎采用此升级方式。升级前请注意备份网站和数据库！</div><div class="mt-3 mb-3"><a id="isauto" class="btn btn-primary" href="index.php?app=system&ac=update&ts=one">点击自动升级</a> <a class="btn btn-primary" href="index.php?app=system&ac=update&ts=hand&upid='+rs.upid+'">我要手动升级</a></div>');
+
+			if(rs.isauto==0){
+			    $("#isauto").hide();
+            }
+
+		}else{
+			$('#upgrade').html('<h1>已经是最新版本</h1><div class="uplog">无需升级</div></div>');
+		}
+	});   
+}
+isupdate("{$TS_CF['info']['version']}");
+</script>
+{php include pubTemplate("footer_admin")}

app/system/html/update_hand.html

@@ -0,0 +1,45 @@
+{php include pubTemplate("header_admin")}
+<!--main-->
+<div class="container mt-3">
+
+
+
+<div class="update">
+<h1>手动升级：检测系统基本权限</h1>
+<div class="uplog"></div>
+
+<div id="upgo" class="upgo mt-3" style="display:none;">
+    <a target="_blank" class="btn btn-primary" href="https://www.thinksaas.cn/service/update/{$upid}/">手动下载升级包</a>
+</div>
+
+<div class="notice alert alert-warning mt-3" style="display:none;">
+
+</div>
+
+<div id="rego" class="upgo mt-3" style="display:none;">
+    <a class="btn btn-outline-primary" href="index.php?app=system&ac=update&ts=hand">刷新权限</a>
+</div>
+
+
+</div>
+
+
+</div>
+
+<script>
+//检测是否有升级
+function iswritable(){
+	$(".uplog").html('<img src="public/images/loading.gif" />权限检测中...')
+    $.get('index.php?app=system&ac=update&ts=iswritable',function(rs){
+        if(rs){
+            $(".uplog").html(rs);
+            $("#rego").show();
+        } else {
+            $(".uplog").html('权限通过！');
+            $("#upgo").show();
+        }
+    })
+}
+iswritable();
+</script>
+{php include pubTemplate("footer_admin")}

app/system/html/update_one.html

@@ -0,0 +1,47 @@
+{php include pubTemplate("header_admin")}
+<!--main-->
+<div class="container mt-3">
+
+
+
+<div class="update">
+<h1>第一步：检测系统基本权限</h1>
+<div class="uplog"></div>
+
+<div id="upgo" class="upgo mt-3" style="display:none;"><a class="btn btn-primary" href="index.php?app=system&ac=update&ts=two">下一步：升级数据库</a></div>
+
+<div class="notice alert alert-warning mt-3" style="display:none;">
+
+</div>
+
+<div id="rego" class="upgo mt-3" style="display:none;">
+    <a class="btn btn-outline-primary" href="index.php?app=system&ac=update&ts=one">刷新权限</a>
+</div>
+
+
+</div>
+
+
+</div>
+
+<script>
+//检测是否有升级
+function iswritable(){
+	$(".uplog").html('<img src="public/images/loading.gif" />权限检测中...')
+
+
+    $.get('index.php?app=system&ac=update&ts=iswritable',function(rs){
+        if(rs){
+            $(".uplog").html(rs);
+            $("#rego").show();
+        } else {
+            $(".uplog").html('权限通过！');
+            $("#upgo").show();
+        }
+    })
+
+
+}
+iswritable();
+</script>
+{php include pubTemplate("footer_admin")}

app/system/html/update_three.html

@@ -0,0 +1,44 @@
+{php include pubTemplate("header_admin")}
+<!--main-->
+<div class="container mt-3">
+
+
+
+<div class="update">
+<h1>第三步：升级系统文件</h1>
+
+<div class="uplog"></div>
+
+
+    <div class="upgo mt-3" style="display:none;">
+        <a class="btn btn-outline-primary" href="index.php?app=system&ac=update&ts=three">刷新重试</a>
+    </div>
+
+
+</div>
+
+
+</div>
+
+<script>
+//检测是否有升级
+function upfile(version){
+	$(".uplog").html('<img src="public/images/loading.gif" />升级进行中，时间可能有点长，请不要刷新或者关闭当前页面')
+	$.getJSON("https://www.thinksaas.cn/index.php?app=upcenter&ac=find&version="+version+"&callback=?", function(rs){
+		if(rs){
+			$.getJSON('index.php?app=system&ac=update&ts=threedo',{'upversion':rs.upversion},function(rss){
+				if(rss.status==0){
+					$(".uplog").html(rss.msg);
+
+					$(".upgo").show();
+
+				}else{
+                    $(".uplog").html(rss.msg);
+                }
+			})
+		}
+	});   
+}
+upfile("{$TS_CF['info']['version']}");
+</script>
+{php include pubTemplate("footer_admin")}

app/system/html/update_two.html

@@ -0,0 +1,42 @@
+{php include pubTemplate("header_admin")}
+<!--main-->
+<div class="container mt-3">
+
+
+
+<div class="update">
+<h1>第二步：升级数据库</h1>
+
+<div class="uplog" id="notice"></div>
+
+<div class="upgo mt-3" style="display:none;">
+<a class="btn btn-primary" href="index.php?app=system&ac=update&ts=three">下一步：升级系统文件</a>
+</div>
+
+</div>
+
+
+</div>
+
+<script>
+//检测是否有升级
+function upsql(version){
+	$('#upgrade').html('<img src="public/images/loading.gif" />');
+	$.getJSON("https://www.thinksaas.cn/index.php?app=upcenter&ac=find&version="+version+"&callback=?", function(rs){
+		if(rs){
+
+			$.post('index.php?app=system&ac=update&ts=twodo',{'upsql':rs.upsql},function(rss){
+				if(rss=='1'){
+					$("#notice").html("数据库升级完成，点击进入下一步。");
+					$(".upgo").show();
+				}else if(rss=='0'){
+					$("#notice").html("数据库无需升级，点击进入下一步。");
+					$(".upgo").show();
+				}
+			})
+		}
+	});   
+}
+upsql('{$TS_CF[info][version]}');
+</script>
+{php include pubTemplate("footer_admin")}

app/system/skin/style.css

@@ -0,0 +1,79 @@
+/**框架CSS**/
+body{ margin:0; padding:0; font-family:Verdana, sans-serif, 宋体;font-size:14px;color:#555555;background:#FFFFFF;}
+
+
+
+.c9{color:#999999;}
+
+.fs12{font-size: 12px;}
+.fs14{font-size: 14px;}
+.fs16{font-size: 16px;}
+
+
+
+/*导航*/
+.tabnav {
+    padding:15px 0px 15px 0px;
+    overflow:hidden;
+    margin-bottom:20px;
+    position: fixed;
+    width: 100%;
+    background: #FFFFFF;
+    z-index:100000;
+    
+}
+
+.tabnav h6{
+    margin-bottom: 15px;
+    font-weight: bold;
+}
+
+.tabnav ul {
+    list-style: none;
+    margin:0;
+    padding:0;
+    width: 100%;
+    overflow: hidden;
+    border-bottom:1px solid #3A81C0;
+}
+.tabnav ul li {
+    list-style: none;
+    border:solid 1px #3A81C0;
+    float:left;
+    margin-right:5px;
+    padding:0px 10px;
+    height:30px;
+    line-height: 30px;
+    font-size:14px;
+    border-bottom:none;
+}
+
+.tabnav a {color: #3A81C0;}
+
+.tabnav .select {
+background:#3A81C0;
+}
+.tabnav .select a {
+color:#FFFFFF;
+font-weight:bold;
+}
+
+
+/*中部*/
+.midder{margin:0 auto;padding:0px 10px 10px 10px;overflow:hidden;background:#FFFFFF;}
+
+
+
+/*theme*/
+.theme{overflow:hidden;}
+.theme ul{overflow:hidden;}
+.theme ul li{height:120px;float:left;padding:5px;overflow:hidden;}
+
+
+/**/
+.update{float:left;width:100%;}
+.update h1{font-size:18px;}
+.update .uptitle{font-weight: bold;}
+.update .uplog{font-size:14px;background:#F8F8F8;padding:20px;border:solid 1px #EEEEEE;border-radius: 4px 4px 4px 4px;}
+.update .uptime{padding:10px;font-size: 12px;}
+

app/system/skins/default/style.css

@@ -0,0 +1,62 @@
+/**框架CSS**/
+body{ margin:0; padding:0; font-family:Verdana, sans-serif, 宋体;font-size:14px;color:#555555;background:#FFFFFF;}
+
+
+
+.c9{color:#999999;}
+
+.fs12{font-size: 12px;}
+
+
+
+/*导航*/
+.tabnav {
+padding:0px;
+overflow:hidden;
+border-bottom:1px solid #3A81C0;
+margin-bottom:20px;
+}
+.tabnav ul {
+    list-style: none;
+margin:0;
+padding:0;
+}
+.tabnav ul li {
+    list-style: none;
+border:solid 1px #3A81C0;
+float:left;
+margin-right:5px;
+padding:5px 10px;
+font-size:14px;
+border-bottom:none;
+}
+
+.tabnav a {color: #3A81C0;}
+
+.tabnav .select {
+background:#3A81C0;
+}
+.tabnav .select a {
+color:#FFFFFF;
+font-weight:bold;
+}
+
+
+/*中部*/
+.midder{margin:0 auto;padding:10px;overflow:hidden;background:#FFFFFF;}
+
+
+
+/*theme*/
+.theme{overflow:hidden;}
+.theme ul{overflow:hidden;}
+.theme ul li{height:120px;float:left;padding:5px;overflow:hidden;}
+
+
+/**/
+.update{float:left;width:100%;}
+.update h1{font-size:18px;}
+.update .uptitle{font-weight: bold;}
+.update .uplog{font-size:14px;background:#F8F8F8;padding:20px;border:solid 1px #EEEEEE;border-radius: 4px 4px 4px 4px;}
+.update .uptime{padding:10px;font-size: 12px;}
+