删除多余文件，删除有安全隐患的方法

crmeb/.version

@@ -1,2 +1,2 @@
-version=CRMEB-DT v3.2.7
+version=CRMEB-DTKY v3.2.7
 version_code=134

crmeb/app/admin/controller/system/SystemUpgradeclient.php

@@ -69,24 +69,6 @@ class SystemUpgradeclient extends AuthController
         Json::successful('ok', ['list' => $list, 'page' => input('post.page/d') + 1]);
     }
 
-    //删除备份文件
-    public function setcopydel()
-    {
-        $post = input('post.');
-        if (!isset($post['id'])) Json::fail('删除备份文件失败，缺少参数ID');
-        if (!isset($post['ids'])) Json::fail('删除备份文件失败，缺少参数IDS');
-        $fileservice = new uService;
-        if (is_array($post['ids'])) {
-            foreach ($post['ids'] as $file) {
-                $fileservice->del_dir(app()->getRootPath() . 'public' . DS . 'copyfile' . $file);
-            }
-        }
-        if ($post['id']) {
-            $copyFile = app()->getRootPath() . 'public' . DS . 'copyfile' . $post['id'];
-            $fileservice->del_dir($copyFile);
-        }
-        Json::successful('删除成功');
-    }
 
     public function get_new_version_conte()
     {
@@ -99,113 +81,4 @@ class SystemUpgradeclient extends AuthController
             return Json::fail('服务器异常');
         }
     }
-
-    //一键升级
-    public function auto_upgrad()
-    {
-        $prefix = config('database.prefix');
-        $fileservice = new uService;
-        $post = $this->request->post();
-        if (!isset($post['id'])) Json::fail('缺少参数ID');
-        $versionInfo = $fileservice->request_post(uService::$isNowVersion, ['id' => $post['id']]);
-        if ($versionInfo === null) Json::fail('服务器异常，请稍后再试');
-        if (isset($versionInfo['code']) && $versionInfo['code'] == 400) Json::fail(isset($versionInfo['msg']) ? $versionInfo['msg'] : '您暂时没有权限升级，请联系管理员！');
-        if (is_array($versionInfo) && isset($versionInfo['data'])) {
-            $list = $versionInfo['data'];
-            $id = [];
-            foreach ($list as $key => $val) {
-                $savefile = app()->getRootPath() . 'public' . DS . 'upgrade_lv';
-                //1，检查远程下载文件，并下载
-                if (($save_path = $fileservice->check_remote_file_exists($val['zip_name'], $savefile)) === false) Json::fail('远程升级包不存在');
-                //2，首先解压文件
-                $savename = app()->getRootPath() . 'public' . DS . 'upgrade_lv' . DS . time();
-                $fileservice->zipopen($save_path, $savename);
-                //3，执行SQL文件
-                Db::startTrans();
-                try {
-                    //参数3不介意大小写的
-                    $sqlfile = $fileservice->list_dir_info($savename . DS, true, 'sql');
-                    if (is_array($sqlfile) && !empty($sqlfile)) {
-                        foreach ($sqlfile as $file) {
-                            if (file_exists($file)) {
-                                //为一键安装做工作记得表前缀要改为[#DB_PREFIX#]哦
-                                $execute_sql = explode(";\r", str_replace(['[#DB_PREFIX#]', "\n"], [$prefix, "\r"], file_get_contents($file)));
-                                foreach ($execute_sql as $_sql) {
-                                    if ($query_string = trim(str_replace(array(
-                                        "\r",
-                                        "\n",
-                                        "\t"
-                                    ), '', $_sql))) Db::execute($query_string);
-                                }
-                                //执行完sql记得删掉哦
-                                $fileservice->unlink_file($file);
-                            }
-                        }
-                    }
-                    Db::commit();
-                } catch (\Exception $e) {
-                    Db::rollback();
-                    //删除解压下的文件
-                    $fileservice->del_dir(app()->getRootPath() . 'public' . DS . 'upgrade_lv');
-                    //删除压缩包
-                    $fileservice->unlink_file($save_path);
-                    //升级失败发送错误信息
-                    $fileservice->request_post(uService::$isInsertLog, [
-                        'content' => '升级失败，错误信息为:' . $e->getMessage(),
-                        'add_time' => time(),
-                        'ip' => $this->request->ip(),
-                        'http' => $this->request->domain(),
-                        'type' => 'error',
-                        'version' => $val['version']
-                    ]);
-                    return Json::fail('升级失败SQL文件执行有误');
-                }
-                //4,备份文件
-                $copyFile = app()->getRootPath() . 'public' . DS . 'copyfile' . $val['id'];
-                $copyList = $fileservice->get_dirs($savename . DS);
-                if (isset($copyList['dir'])) {
-                    if ($copyList['dir'][0] == '.' && $copyList['dir'][1] == '..') {
-                        array_shift($copyList['dir']);
-                        array_shift($copyList['dir']);
-                    }
-                    foreach ($copyList['dir'] as $dir) {
-                        if (file_exists(app()->getRootPath() . $dir, $copyFile . DS . $dir)) {
-                            $fileservice->copy_dir(app()->getRootPath() . $dir, $copyFile . DS . $dir);
-                        }
-                    }
-                }
-                //5，覆盖文件
-                $fileservice->handle_dir($savename, app()->getRootPath());
-                //6,删除升级生成的目录
-                $fileservice->del_dir(app()->getRootPath() . 'public' . DS . 'upgrade_lv');
-                //7,删除压缩包
-                $fileservice->unlink_file($save_path);
-                //8,改写本地升级文件
-                $handle = fopen(app()->getRootPath() . '.version', 'w+');
-                if ($handle === false) Json::fail(app()->getRootPath() . '.version' . '无法写入打开');
-                $content = <<<EOT
-version={$val['version']}
-version_code={$val['id']}
-EOT;
-                if (fwrite($handle, $content) === false) Json::fail('升级包写入失败');
-                fclose($handle);
-                //9,向服务端发送升级日志
-                $posts = [
-                    'ip' => $this->request->ip(),
-                    'https' => $this->request->domain(),
-                    'update_time' => time(),
-                    'content' => '一键升级成功，升级版本号为：' . $val['version'] . '。版本code为：' . $val['id'],
-                    'type' => 'log',
-                    'versionbefor' => $this->serverweb['version'],
-                    'versionend' => $val['version']
-                ];
-                $inset = $fileservice->request_post(uService::$isInsertLog, $posts);
-                $id[] = $val['id'];
-            }
-            //10,升级完成
-            Json::successful('升级成功', ['code' => end($id), 'version' => $val['version']]);
-        } else {
-            Json::fail('服务器异常，请稍后再试');
-        }
-    }
 }

crmeb/update.sql

@@ -1,37 +0,0 @@
-UPDATE `eb_system_menus` SET `controller` = 'setting.system_droup_data' WHERE `controller` = 'setting.systemGroupData';
-
-TRUNCATE `eb_routine_template`;
-
-INSERT INTO `eb_routine_template` (`id`, `tempkey`, `name`, `content`, `tempid`, `add_time`, `status`) VALUES
-(1, '1128', '订单配送通知', '商品信息{{thing8.DATA}}\n订单编号{{character_string1.DATA}}\n配送人{{name4.DATA}}\n配送员电话{{phone_number10.DATA}}', '4wN7p3nF1IPiPNIPZnoOY3nZlrVP3dzM-Km0OLcpW48', '1575364233', 1),
-(2, '1470', '提现结果通知', '提现状态{{thing1.DATA}}\n提现金额{{amount2.DATA}}\n提现账号{{thing3.DATA}}\n提现时间{{date4.DATA}}', 'xtBEkHdxyFSIQfiNe_CRga2mrmQizfArgSk7zC3hnbs', '1575364292', 1),
-(3, '1481', '收货结果通知', '订单类型{{thing1.DATA}}\n订单商品{{thing2.DATA}}\n收货时间{{date5.DATA}}', 'AVmUHvKandN9a9ms_-5QsP9_PAzDoJ_VBB0vqQI1Eo0', '1575364327', 1),
-(4, '1134', '订单取消通知', '取消原因{{thing1.DATA}}\n订单号{{number7.DATA}}\n取消时间{{date2.DATA}}\n订单类型{{thing5.DATA}}', 'xBilsNHAH527HBqrMgNoIA_biTfQ7A_bCbMxMx1uMM0', '1575364399', 1),
-(5, '1458', '发货通知', '快递单号{{character_string2.DATA}}\n快递公司{{thing1.DATA}}\n发货时间{{time3.DATA}}\n订单商品{{thing5.DATA}}', 'vBrJgvoj4CgBOUIVQcRfsUkYun4orcllCfQ11SSs4wk', '1575364437', 1),
-(6, '3098', '拼团成功通知', '活动名称{{thing1.DATA}}\n团长{{name3.DATA}}\n开团时间{{date5.DATA}}\n成团人数{{number2.DATA}}', 'V9fd7ssFZr5_twdgf--RfAExR4N08zU9Hk9auWDAI8g', '1575364508', 1),
-(7, '2727', '砍价成功通知', '商品名称{{thing1.DATA}}\n底价{{amount2.DATA}}\n备注{{thing3.DATA}}', 'ehNGy-NRBJIENTdlwT8nBddGW2B4dPo6eKv3x1H6fOg', '1575364579', 1),
-(8, '3116', ' 核销成功通知', '商品名称{{thing2.DATA}}\n订单号{{character_string3.DATA}}\n核销时间{{time4.DATA}}', '5wiR0TK43wguWdGzexocKvn9-nhELiJtoBKeqptsf84', '1575364738', 1),
-(9, '1476', ' 新订单提醒', '订单商品{{thing2.DATA}}\n订单金额{{amount3.DATA}}\n订单编号{{character_string4.DATA}}\n订单时间{{date6.DATA}}\n订单类型{{thing1.DATA}}', 'F7ju2FdKqFQ8rXXzkB34HSYKa5_kOzJrpF9EZQc1pJ8', '1575364792', 1),
-(10, '1451', ' 退款通知', '退款状态{{thing1.DATA}}\n退款商品{{thing2.DATA}}\n退款金额{{amount3.DATA}}\n退款单号{{character_string6.DATA}}', 'aqp6PzdU9vCUOUCHsuGFWvkZgp_cGQ_RKW7XCe9118I', '1575364895', 1),
-(11, '755', ' 充值成功通知', '交易单号{{character_string1.DATA}}\n充值金额{{amount3.DATA}}\n账户余额{{amount4.DATA}}\n充值时间{{date5.DATA}}', '_0KAysps9Yj0SM3nacaF_9xw77w1NQYjOpnl4TQAp7k', '1575365017', 1),
-(12, '1927', '付款成功通知', '付款单号{{character_string1.DATA}}\n付款金额{{amount2.DATA}}\n付款时间{{date3.DATA}}', 'jY2vT0Fge2srW9Izc-3wEE6WII-FQBvEi2J_duiAAck', '1575365111', 1),
-(13, '1468', '申请退款通知', '订单编号{{character_string4.DATA}}\n申请时间{{date5.DATA}}\n订单金额{{amount2.DATA}}\n退款状态{{phrase7.DATA}}\n备注{{thing8.DATA}}', 'NOfT3qoOS3hkSzwt2LJg_LnU0NBzwSHXkSwKdx6QDwc', '1575440940', 1),
-(14, '335', '积分到账提醒', '订单编号{{character_string2.DATA}}\n商品名称{{thing3.DATA}}\n支付金额{{amount4.DATA}}\n获得积分{{number5.DATA}}\n累计积分{{number6.DATA}}', 'TtdbifwMN-6D3hNld8jTc97A8Ohlqg4FtgmIgB28JPc', '1575516565', 1),
-(15, '3353', '拼团状态通知', '商品名称{{thing2.DATA}}\n拼团人数{{thing1.DATA}}\n备注{{thing3.DATA}}', 'LkYDDYO-HQKT7NydGjrN7AJ1OUCf3mgZf3otVruhxOo', '1575516605', 1);
-
-ALTER TABLE `eb_cache` ADD `expire_time` INT NOT NULL DEFAULT '0' COMMENT '失效时间0=永久' AFTER `result`;
-ALTER TABLE `eb_cache` ADD INDEX(`key`);
-
-UPDATE `eb_system_config` SET `desc` = '人人分销默认每个人都可以分销，指定人分销后台指定人开启分销' WHERE `menu_name` = 'store_brokerage_statu';
-
-INSERT INTO `eb_system_config`(`menu_name`, `type`, `input_type`, `config_tab_id`, `parameter`, `upload_type`, `required`, `width`, `high`, `value`, `info`, `desc`, `sort`, `status`) VALUES ('new_goods_bananr', 'upload', NULL, 5, NULL, 1, NULL, NULL, NULL, '', '首发新品广告图（414*99）', '首发新品广告图', 0, 1);
-ALTER TABLE `eb_user_token` CHANGE `token` `token` VARCHAR(500) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL COMMENT 'token';
-ALTER TABLE `eb_system_config_tab` ADD `pid` INT(10) NULL DEFAULT '0' COMMENT '父级ID' AFTER `id`;