website/application/admin/controller/Weapp.php

<?php
/**
 * 易优CMS
 * ============================================================================
 * 版权所有 2016-2028 海南赞赞网络科技有限公司，并保留所有权利。
 * 网站地址: http://www.eyoucms.com
 * ----------------------------------------------------------------------------
 * 如果商业用途务必到官方购买正版授权, 以免引起不必要的法律纠纷.
 * ============================================================================
 * Author: 小虎哥 <1105415366@qq.com>
 * Date: 2018-4-3
 */

namespace app\admin\controller;

use think\Page;
use think\Db;
use app\admin\logic\WeappLogic;
use app\user\model\Pay as PayModel;

/**
 * 插件控制器
 */
class Weapp extends Base
{
    public $weappM;
    public $weappLogic;
    public $plugins = array();
    public $admin_info = array();
    public $service_ey = '';

    /*
     * 前置操作
     */
    protected $beforeActionList = array(
        'init'
    );


    /*
     * 初始化操作
     */
    public function _initialize()
    {
        parent::_initialize();

        $web_weapp_switch = tpCache('web.web_weapp_switch');
        if (1 != $web_weapp_switch) {
            $this->error('插件功能没有开启！');
        }

        $this->weappM     = model('Weapp');
        $this->weappLogic = new WeappLogic();
        //  更新插件
        $this->weappLogic->insertWeapp();

        // 管理员信息
        $this->admin_info = session('admin_info');

        $this->service_ey = base64_decode(config('service_ey'));
    }

    public function init()
    {
        /*权限控制 by 小虎哥*/
        if (0 < intval(session('admin_info.role_id'))) {
            $auth_role_info = session('admin_info.auth_role_info');
            if (!empty($auth_role_info)) {
                if (!empty($auth_role_info['permission']['plugins'])) {
                    foreach ($auth_role_info['permission']['plugins'] as $plugins) {
                        if (isset($plugins['code'])) {
                            $this->plugins[] = $plugins['code'];
                        }
                    }
                }
            }
        }
        /*--end*/
    }

    /*
     * 插件列表
     */
    public function index()
    {
        /*云部分*/
        // Db::name('weapp')->where('is_buy',1)->delete();
        // $post_data = ['domain'=>$this->request->host(true)];
        // $url       = 'https://www.eyoucms.com/user/ajax_memberplugin.php?action=myplugin';
        // $response  = httpRequest2($url, 'POST', $post_data);
        // $params    = json_decode($response, true);
        // if (!empty($params['code']) && 1 == $params['code']) {
        //     //云购买插件写入数据库
        //     $local_weapp = Db::name('weapp')->getAllWithIndex('code');
        //     foreach ($params['plugin'] as $key => $val) {
        //         if (empty($local_weapp[$val['weapp_code']])) {
        //             if (preg_match('/^\d+\.\d+\.\d+([0-9\.]*)$/', $val['version'])) {
        //                 $val['version'] = 'v'.$val['version'];
        //             }
        //             $config = [
        //                 'code' => $val['weapp_code'], // 插件标识
        //                 'name' => $val['pname'], // 插件名称
        //                 'version' => $val['version'],
        //                 'min_version' => $val['min_version'], // CMS最低版本支持
        //                 'author' => '匿名', // 开发者
        //                 'litpic'    => $val['litpic'],
        //                 'description' => $val['description'],
        //                 'scene' => '0',  // 使用场景 0 PC+手机 1 手机 2 PC
        //                 'permission' => array(),
        //             ];
        //             $saveData[] = [
        //                 'code'      => $val['weapp_code'],
        //                 'name'      => $val['pname'],
        //                 'config'    => json_encode($config),
        //                 'is_buy'    => 1,
        //                 'add_time'  => getTime(),
        //                 'update_time'  => getTime(),
        //             ];
        //         }
        //     }
        //     model('Weapp')->saveAll($saveData);
        // }
        /*云部分*/
        $assign_data = array();
        $condition   = array();
        // 获取到所有GET参数
        $get = input('get.');

        // 应用搜索条件
        foreach (['keywords'] as $key) {
            if (isset($get[$key]) && $get[$key] !== '') {
                if ($key == 'keywords') {
                    $condition['a.name|code'] = array('LIKE', "%{$get[$key]}%");
                } else {
                    $condition['a.' . $key] = array('eq', $get[$key]);
                }
            }
        }

        /*权限控制 by 小虎哥*/
        if (!empty($this->plugins)) {
            $condition['a.code'] = array('in', $this->plugins);
        }
        /*--end*/
        $condition['a.is_buy'] =['=',0];
        $weappArr = array(); // 插件标识数组

        /**
         * 数据查询，搜索出主键ID的值
         */
        $count = DB::name('weapp')->alias('a')->where($condition)->count();// 查询满足要求的总记录数
        $Page  = new Page($count, config('paginate.list_rows'));// 实例化分页类 传入总记录数和每页显示的记录数
        $list  = DB::name('weapp')
            ->field('a.*')
            ->alias('a')
            ->where($condition)
            ->order('a.sort_order asc, a.id desc')
            ->limit($Page->firstRow . ',' . $Page->listRows)
            ->getAllWithIndex('id');
        foreach ($list as $key => $val) {
            if ($val['is_buy'] == 0) {
                $config                = include WEAPP_PATH . $val['code'] . DS . 'config.php';
                $config['description'] = filter_line_return($config['description'], '<br/>');
                $val['version']        = getWeappVersion($val['code']);
            }else if ($val['is_buy'] == 1){
                $config = json_decode($val['config'],true);
            }
            $config['litpic']      = !empty($config['litpic']) ? get_default_pic($config['litpic']) : get_default_pic();
            $val['config']         = $config;

            switch ($val['status']) {
                case '-1':
                    $status_text = '禁用';
                    break;

                case '1':
                    $status_text = '启用';
                    break;

                default:
                    $status_text = '未安装';
                    break;
            }
            $val['status_text'] = $status_text;

            $list[$key] = $val;

            /*插件标识数组*/
            $weappArr[$val['code']] = array(
                'code'    => $val['code'],
                'version' => $val['version'],
            );
            /*--end*/
        }
        $show                 = $Page->show(); // 分页显示输出
        $assign_data['page']  = $show; // 赋值分页输出
        $assign_data['list']  = $list; // 赋值数据集
        $assign_data['pager'] = $Page; // 赋值分页对象

        /*检测更新*/
        $weapp_upgrade = array();
        if (!empty($weappArr)) {
            // 标识
            $codeArr = get_arr_column($weappArr, 'code');
            $codeStr = implode(',', $codeArr);
            // 版本号
            $versionArr = get_arr_column($weappArr, 'version');
            $versionStr = implode(',', $versionArr);
            // URL参数
            $vaules        = array(
                'domain' => request()->host(true),
                'code'   => $codeStr,
                'v'      => $versionStr,
            );
            $tmp_str       = 'L2luZGV4LnBocD9tPWFwaSZjPVdlYXBwJmE9Y2hlY2tCYXRjaFZlcnNpb24m';
            $service_url   = base64_decode(config('service_ey')) . base64_decode($tmp_str);
            $url           = $service_url . http_build_query($vaules);
            $context       = stream_context_set_default(array('http' => array('timeout' => 3, 'method' => 'GET')));
            $response      = @file_get_contents($url, false, $context);
            $batch_upgrade = json_decode($response, true);

            if (is_array($batch_upgrade) && !empty($batch_upgrade)) {
                $weapp_upgrade = $this->weappLogic->checkBatchVersion($batch_upgrade); //升级包消息 
            }
        }
        $assign_data['weapp_upgrade'] = $weapp_upgrade;
        /*--end*/

        $assign_data['weapp_plugin_open'] = tpCache('php.php_weapp_plugin_open');

        $this->assign($assign_data);
        return $this->fetch();
    }

    /*
     * 已购买插件列表
     */
    public function mybuy()
    {
        /*云部分*/
        Db::name('weapp')->where('is_buy',1)->delete();
        $post_data = ['domain'=>$this->request->host(true)];
        $url       = 'https://www.eyoucms.com/user/ajax_memberplugin.php?action=myplugin';
        $response  = httpRequest2($url, 'POST', $post_data);
        $params    = json_decode($response, true);
        if (empty($params['code'])) {
            $msg = !empty($params['msg']) ? $params['msg'] : '连接远程插件接口失败！';
            $this->error($msg);
        }

        if (!empty($params['code']) && 1 == $params['code']) {
            //云购买插件写入数据库
            $local_weapp = Db::name('weapp')->getAllWithIndex('code');
            foreach ($params['plugin'] as $key => $val) {
                if (empty($local_weapp[$val['weapp_code']])) {
                    if (preg_match('/^\d+\.\d+\.\d+([0-9\.]*)$/', $val['version'])) {
                        $val['version'] = 'v'.$val['version'];
                    }
                    $config = [
                        'code' => $val['weapp_code'], // 插件标识
                        'name' => $val['pname'], // 插件名称
                        'version' => $val['version'],
                        'min_version' => $val['min_version'], // CMS最低版本支持
                        'author' => '匿名', // 开发者
                        'litpic'    => $val['litpic'],
                        'description' => $val['description'],
                        'scene' => '0',  // 使用场景 0 PC+手机 1 手机 2 PC
                        'permission' => array(),
                    ];
                    $saveData[] = [
                        'code'      => $val['weapp_code'],
                        'name'      => $val['pname'],
                        'config'    => json_encode($config),
                        'is_buy'    => 1,
                        'add_time'  => getTime(),
                        'update_time'  => getTime(),
                    ];
                }
            }
            model('Weapp')->saveAll($saveData);
        }
        /*云部分*/

        $assign_data = array();
        $condition   = array();
        // 获取到所有GET参数
        $get = input('get.');

        // 应用搜索条件
        foreach (['keywords'] as $key) {
            if (isset($get[$key]) && $get[$key] !== '') {
                if ($key == 'keywords') {
                    $condition['a.name|code'] = array('LIKE', "%{$get[$key]}%");
                } else {
                    $condition['a.' . $key] = array('eq', $get[$key]);
                }
            }
        }

        $codeList = [];
        if (!empty($params['plugin']) && is_array($params['plugin'])) {
            $codeList = get_arr_column($params['plugin'], 'weapp_code');
        }
        /*权限控制 by 小虎哥*/
        if (!empty($this->plugins)) {
            $codeList = array_merge($codeList, $this->plugins);
        }
        /*--end*/
        $condition['a.code'] = array('in', $codeList);
        $condition['a.is_buy'] = array('<', 2);

        $weappArr = array(); // 插件标识数组

        /**
         * 数据查询，搜索出主键ID的值
         */
        $count = DB::name('weapp')->alias('a')->where($condition)->count();// 查询满足要求的总记录数
        $Page  = new Page($count, config('paginate.list_rows'));// 实例化分页类 传入总记录数和每页显示的记录数
        $list  = DB::name('weapp')
            ->field('a.*')
            ->alias('a')
            ->where($condition)
            ->order('a.sort_order asc, a.id desc')
            ->limit($Page->firstRow . ',' . $Page->listRows)
            ->getAllWithIndex('id');
        foreach ($list as $key => $val) {
            if ($val['is_buy'] == 0) {
                $config                = include WEAPP_PATH . $val['code'] . DS . 'config.php';
                $config['description'] = filter_line_return($config['description'], '<br/>');
                $val['version']        = getWeappVersion($val['code']);
            }else if ($val['is_buy'] == 1){
                $config = json_decode($val['config'],true);
            }
            $config['litpic']      = !empty($config['litpic']) ? get_default_pic($config['litpic']) : get_default_pic();
            $val['config']         = $config;

            switch ($val['status']) {
                case '-1':
                    $status_text = '禁用';
                    break;

                case '1':
                    $status_text = '启用';
                    break;

                default:
                    $status_text = '未安装';
                    break;
            }
            $val['status_text'] = $status_text;

            $list[$key] = $val;

            /*插件标识数组*/
            $weappArr[$val['code']] = array(
                'code'    => $val['code'],
                'version' => $val['version'],
            );
            /*--end*/
        }
        $show                 = $Page->show(); // 分页显示输出
        $assign_data['page']  = $show; // 赋值分页输出
        $assign_data['list']  = $list; // 赋值数据集
        $assign_data['pager'] = $Page; // 赋值分页对象

        $assign_data['weapp_plugin_open'] = tpCache('php.php_weapp_plugin_open');

        $this->assign($assign_data);
        return $this->fetch();
    }

    /**
     *  执行插件控制器
     *  控制模块  参数m
     *  控制器名  参数c来确定
     *  控制器里-操作名  参数a
     *  http://网站域名/login.php/weapp/execute?m=login&c=Qq&a=callback
     */
    public function execute($sm = '', $sc = '', $sa = '')
    {
        if (!IS_AJAX) {
            $msg = $this->weappLogic->checkInstall();
            if ($msg !== true) {
                $this->error($msg, url('Weapp/index'));
            }
        }
        $sm = request()->param('sm');
        $sc = request()->param('sc');
        $sa = request()->param('sa');

        /*插件转为内置*/
        if ('Smtpmail' == $sm) {
            $this->success('该插件已迁移，前往中…', url('System/smtp'));
        }
        /*--end*/

        $controllerName = !empty($sc) ? $sc : $sm;
        $actionName     = !empty($sa) ? $sa : "index";
        $class_path     = "\\" . WEAPP_DIR_NAME . "\\" . $sm . "\\controller\\" . $controllerName;
        $controller     = new $class_path();
        $result         = $controller->$actionName();
        return $result;
    }

    /**
     * 安装插件
     */
    public function install($id)
    {
        $row           = M('Weapp')->field('name,code,thorough,config')->find($id);
        $row['config'] = json_decode($row['config'], true);
        $class         = get_weapp_class($row['code']);
        if (!class_exists($class)) {
            $this->error('插件不存在！');
        }
        $weapp = new $class;
        if (!$weapp->checkConfig()) {//检测信息的正确性
            $this->error('插件config配置参数不全！');
        }
        $cms_version = getCmsVersion();
        $min_version = $row['config']['min_version'];
        if ($cms_version < $min_version) {
            $this->error('当前CMS版本太低，该插件要求CMS版本 >= ' . $min_version . '，请升级系统！');
        }
        /*插件安装的前置操作（可无）*/
        $this->beforeInstall($weapp);
        /*--end*/

        if (true) {
            /*插件sql文件*/
            $sqlfile = WEAPP_DIR_NAME . DS . $row['code'] . DS . 'data' . DS . 'install.sql';
            if (empty($row['thorough']) && file_exists($sqlfile)) {
                $execute_sql = file_get_contents($sqlfile);
                $sqlFormat   = $this->sql_split($execute_sql, PREFIX, $row['code']);
                /**
                 * 执行SQL语句
                 */
                $counts = count($sqlFormat);

                for ($i = 0; $i < $counts; $i++) {
                    $sql = trim($sqlFormat[$i]);

                    if (strstr($sql, 'CREATE TABLE')) {
                        Db::execute($sql);
                    } else {
                        if (trim($sql) == '')
                            continue;
                        Db::execute($sql);
                    }
                }
            }
            /*--end*/
            $r = M('weapp')->where('id', $id)->update(array('thorough' => 1, 'status' => 1, 'add_time' => getTime()));
            if ($r) {
                cache('hooks', null);
                cache("hookexec_" . $row['code'], null);
                \think\Cache::clear('hooks');
                /*插件安装的后置操作（可无）*/
                $this->afterInstall($weapp);
                /*--end*/
                adminLog('安装插件：' . $row['name']);
                $this->success('安装成功', url('Weapp/index'));
                exit;
            }
        }

        $this->error('安装失败');
    }

    /**
     * 卸载插件
     */
    public function uninstall()
    {
        $id       = input('param.id/d', 0);
        $thorough = input('param.thorough/d', 0);
        $row      = M('Weapp')->field('name,code')->find($id);
        $class    = get_weapp_class($row['code']);
        if (!class_exists($class)) {
            $this->error('插件不存在！');
        }
        $weapp = new $class;

        // 插件卸载的前置操作（可无）
        $this->beforeUninstall($weapp);
        /*--end*/

        if (true) {
            $is_uninstall = false;
            if (1 == $thorough) {
                $r = M('weapp')->where('id', $id)->update(array('thorough' => $thorough, 'status' => 0, 'add_time' => getTime()));
            } else if (0 == $thorough) {
                $r = M('weapp')->where('id', $id)->update(array('thorough' => $thorough, 'status' => 0, 'update_time' => getTime()));
                $r && $is_uninstall = true;
            }
            if (false !== $r) {
                /*插件sql文件，不执行删除插件数据表*/
                $sqlfile = WEAPP_DIR_NAME . DS . $row['code'] . DS . 'data' . DS . 'uninstall.sql';
                if (empty($thorough) && file_exists($sqlfile)) {
                    $execute_sql = file_get_contents($sqlfile);
                    $sqlFormat   = $this->sql_split($execute_sql, PREFIX, $row['code']);
                    /**
                     * 执行SQL语句
                     */
                    $counts = count($sqlFormat);

                    for ($i = 0; $i < $counts; $i++) {
                        $sql = trim($sqlFormat[$i]);

                        if (strstr($sql, 'CREATE TABLE')) {
                            Db::execute($sql);
                        } else {
                            if (trim($sql) == '')
                                continue;
                            Db::execute($sql);
                        }
                    }
                }
                /*--end*/

                cache('hooks', null);
                cache("hookexec_" . $row['code'], null);
                \think\Cache::clear('hooks');
                /*插件卸载的后置操作（可无）*/
                $this->afterUninstall($weapp);
                /*--end*/

                // 删除插件相关文件
                if ($is_uninstall) {
                    $rdel = M('weapp')->where('id', $id)->delete();
                    $this->unlinkcode($row['code']);
                }

                adminLog('卸载插件：' . $row['name']);
                $this->success('卸载成功', url('Weapp/index'));
                exit;
            }
        }

        $this->error('卸载失败');
    }

    /**
     * 启用插件
     */
    public function enable($id = 0)
    {
        if (0 < $id) {
            $row   = M('weapp')->field('code')->find($id);
            $class = get_weapp_class($row['code']);
            if (!class_exists($class)) {
                $this->error('插件不存在！');
            }
            $weapp = new $class;
            /*插件启用的前置操作（可无）*/
            $this->beforeEnable($weapp);
            /*--end*/
            $r = M('weapp')->where('id', $id)->update(array('status' => 1, 'update_time' => getTime()));
            if ($r) {
                /*插件启用的后置操作（可无）*/
                $this->afterEnable($weapp);
                /*--end*/
                cache("hookexec_" . $row['code'], null);
                cache('hooks', null);
                \think\Cache::clear('hooks');
                $this->success('操作成功！', url('Weapp/index'));
                exit;
            }
        }
        $this->error('操作失败！');
        exit;
    }

    /**
     * 禁用插件
     */
    public function disable($id = 0)
    {
        if (0 < $id) {
            $row   = M('weapp')->field('code')->find($id);
            $class = get_weapp_class($row['code']);
            if (!class_exists($class)) {
                $this->error('插件不存在！');
            }
            $weapp = new $class;
            /*插件禁用的前置操作（可无）*/
            $this->beforeDisable($weapp);
            /*--end*/
            $r = M('weapp')->where('id', $id)->update(array('status' => -1, 'update_time' => getTime()));
            if ($r) {
                /*插件禁用的后置操作（可无）*/
                $this->afterDisable($weapp);
                /*--end*/
                cache("hookexec_" . $row['code'], null);
                cache('hooks', null);
                \think\Cache::clear('hooks');
                $this->success('操作成功！', url('Weapp/index'));
                exit;
            }
        }
        $this->error('操作失败！');
        exit;
    }

    /**
     * 删除插件以及文件
     */
    public function del()
    {
        if (IS_POST) {
            $id_arr = input('del_id/a');
            $id_arr = eyIntval($id_arr);
            if (!empty($id_arr)) {
                $result    = M('weapp')->field('id,name,code')
                    ->where([
                        'id' => ['IN', $id_arr],
                    ])->select();
                $name_list = get_arr_column($result, 'name');

                $r = M('weapp')->where([
                    'id' => ['IN', $id_arr],
                ])
                    ->delete();
                if ($r) {
                    /*清理插件相关文件*/
                    foreach ($result as $key => $val) {
                        $unbool = $this->unlinkcode($val['code']);
                        if (true == $unbool) {
                            continue;
                        }
                    }
                    /*--end*/

                    adminLog('删除插件：' . implode(',', $name_list));
                    $this->success('删除成功');
                } else {
                    $this->error('删除失败');
                }
            } else {
                $this->error('参数有误');
            }
        }
        $this->error('非法访问');
    }

    /**
     * 清理插件相关文件
     */
    private function unlinkcode($code)
    {
        try {
            $code_strtolower = strtolower($code);
            $filelist_path = WEAPP_DIR_NAME . DS . $code . DS . 'filelist.txt';
            if (file_exists($filelist_path)) {
                $file = fopen($filelist_path, "r"); // 以只读的方式打开文件
                if (empty($file)) {
                    return true;
                }
                delFile(WEAPP_DIR_NAME . DS . $code, true);
                while (!feof($file)) {
                    $itemStr = fgets($file); //fgets()函数从文件指针中读取一行
                    $itemStr = trim($itemStr);
                    if (!empty($itemStr) && file_exists($itemStr)) {
                        if (is_file($itemStr)) {
                            if (preg_match('/^(application\/plugins|data\/schema)\//i', $itemStr) || stristr($itemStr, $code_strtolower)) {
                                @unlink('./' . $itemStr);
                            }
                        } else if (is_dir($itemStr)) {
                            if (preg_match('/^template\/plugins\/' . $code . '$/i', $itemStr) || stristr($itemStr, $code_strtolower)) {
                                delFile('./' . $itemStr, true);
                            }
                        }
                    }
                }
                fclose($file);
                delFile(WEAPP_DIR_NAME . DS . $code, true);
            }
            return true;

        } catch (\Exception $e) {
            return true;
        }
    }

    /**
     * 分解SQL文件的语句
     */
    public function sql_split($sql, $tablepre, $code)
    {
        $installSqlAccess = ['Diyminipro']; // 允许系统表增删的权限

        $sql = str_replace("`#@__", '`' . $tablepre, $sql);

        $sql = preg_replace("/TYPE=(InnoDB|MyISAM|MEMORY)( DEFAULT CHARSET=[^; ]+)?/", "ENGINE=\\1 DEFAULT CHARSET=utf8", $sql);

        $sql          = str_replace("\r", "\n", $sql);
        $ret          = array();
        $num          = 0;
        $queriesarray = explode(";\n", trim($sql));
        unset($sql);
        foreach ($queriesarray as $query) {
            $ret[$num] = '';
            $queries   = explode("\n", trim($query));
            $queries   = array_filter($queries);
            foreach ($queries as $query) {
                $str1 = substr($query, 0, 1);
                if ($str1 != '#' && $str1 != '-')
                    $ret[$num] .= $query;
            }
            if ((!stristr($ret[$num], 'SET FOREIGN_KEY_CHECKS') && !stristr($ret[$num], 'SET NAMES'))) {
                if (false === stripos($ret[$num], $tablepre . 'weapp_') && !in_array($code, $installSqlAccess)) {
                    $this->error('请删除不相干的SQL语句，或者数据表前缀是否符合插件规范（#@__weapp_）');
                }
            }
            $num++;
        }
        return $ret;
    }

    /**
     * 插件安装的前置操作（可无）
     */
    public function beforeInstall($weappClass)
    {
        if (method_exists($weappClass, 'beforeInstall')) {
            $weappClass->beforeInstall();
        }
    }

    /**
     * 插件安装的后置操作（可无）
     */
    public function afterInstall($weappClass)
    {
        if (method_exists($weappClass, 'afterInstall')) {
            $weappClass->afterInstall();
        }
        /*存储插件列表所有信息*/
        model('Weapp')->clearWeappCache();
        /*end*/
    }

    /**
     * 插件卸载的前置操作（可无）
     */
    public function beforeUninstall($weappClass)
    {
        if (method_exists($weappClass, 'beforeUninstall')) {
            $weappClass->beforeUninstall();
        }
    }

    /**
     * 插件卸载的后置操作（可无）
     */
    public function afterUninstall($weappClass)
    {
        if (method_exists($weappClass, 'afterUninstall')) {
            $weappClass->afterUninstall();
        }
        /*存储插件列表所有信息*/
        model('Weapp')->clearWeappCache();
        /*end*/
    }

    /**
     * 插件启用的前置操作（可无）
     */
    public function beforeEnable($weappClass)
    {
        if (method_exists($weappClass, 'beforeEnable')) {
            $weappClass->beforeEnable();
        }
    }

    /**
     * 插件启用的后置操作（可无）
     */
    public function afterEnable($weappClass)
    {
        if (method_exists($weappClass, 'afterEnable')) {
            $weappClass->afterEnable();
        }
        /*存储插件列表所有信息*/
        model('Weapp')->clearWeappCache();
        /*end*/
    }

    /**
     * 插件禁用的前置操作（可无）
     */
    public function beforeDisable($weappClass)
    {
        if (method_exists($weappClass, 'beforeDisable')) {
            $weappClass->beforeDisable();
        }
    }

    /**
     * 插件禁用的后置操作（可无）
     */
    public function afterDisable($weappClass)
    {
        if (method_exists($weappClass, 'afterDisable')) {
            $weappClass->afterDisable();
        }
        /*存储插件列表所有信息*/
        model('Weapp')->clearWeappCache();
        /*end*/
    }

    /**
     * 上传插件并解压
     */
    public function upload()
    {
        $this->error('有漏洞，禁止此功能！');

        //防止php超时
        function_exists('set_time_limit') && set_time_limit(0);

        if (IS_AJAX_POST) {
            $fileExt                 = 'zip';
            $savePath = UPLOAD_PATH.'tmp'.DS.'weapp'.DS;
            $image_upload_limit_size = intval(tpCache('basic.file_size') * 1024 * 1024);
            $file                    = request()->file('weappfile');
            if (empty($file)) {
                $this->error('请先上传zip文件');
            }
            $error = $file->getError();
            if (!empty($error)) {
                $this->error($error);
            }
            $result = $this->validate(
                ['file' => $file],
                ['file' => 'fileSize:' . $image_upload_limit_size . '|fileExt:' . $fileExt],
                ['file.fileSize' => '上传文件过大', 'file.fileExt' => '上传文件后缀名必须为' . $fileExt]
            );
            if (true !== $result || empty($file)) {
                $this->error($result);
            }
            // 移动到框架应用根目录/public/upload/tmp/ 目录下
            $folderName = session('admin_id') . '-' . dd2char(date("ymdHis") . mt_rand(100, 999));  // 文件名，不带扩展名
            $fileName   = $folderName . '.' . $fileExt; // 上传之后的文件全名
            /*使用自定义的文件保存规则*/
            $info = $file->rule(function ($file) {
                return $folderName;
            })->move($savePath, $folderName);
            /*--end*/
            if ($info) {
                $filepath = $savePath . $fileName;
                if (file_exists($filepath)) {
                    /*解压之前，删除存在的文件夹*/
                    delFile($savePath . $folderName);
                    /*--end*/

                    /*解压文件*/
                    $zip = new \ZipArchive();//新建一个ZipArchive的对象
                    if ($zip->open($savePath . $fileName) != true) {
                        $this->error("插件压缩包读取失败!", url('Weapp/index'));
                    }
                    $zip->extractTo($savePath . $folderName . DS);//假设解压缩到在当前路径下插件名称文件夹内
                    $zip->close();//关闭处理的zip文件
                    /*--end*/

                    /*获取插件目录名称*/
                    $dirList   = glob($savePath . $folderName . DS . WEAPP_DIR_NAME . DS . '*');
                    $weappPath = !empty($dirList) ? $dirList[0] : '';
                    if (empty($weappPath)) {
                        @unlink(realpath($savePath . $fileName));
                        delFile($savePath, true);
                        $this->error('插件压缩包缺少目录文件', url('Weapp/index'));
                    }

                    $weappPath    = str_replace("\\", DS, $weappPath);
                    $weappPathArr = explode(DS, $weappPath);
                    $weappName    = $weappPathArr[count($weappPathArr) - 1];
                    // if (is_dir(ROOT_PATH.WEAPP_DIR_NAME.DS.$weappName)) {
                    //     $this->error("已存在同名插件{$weappName}，请手工移除".WEAPP_DIR_NAME.DS.$weappName."目录");
                    // }
                    /*--end*/

                    /*修复非法插件上传，导致任意文件上传的漏洞*/
                    $configfile = $savePath . $folderName . DS . WEAPP_DIR_NAME . DS . $weappName . '/config.php';
                    if (!file_exists($configfile)) {
                        @unlink(realpath($savePath . $fileName));
                        delFile($savePath, true);
                        $this->error('插件不符合标准！', url('Weapp/index'));
                    } else {
                        $configdata = include($configfile);
                        if (empty($configdata) || !is_array($configdata)) {
                            @unlink(realpath($savePath . $fileName));
                            delFile($savePath, true);
                            $this->error('插件不符合标准！', url('Weapp/index'));
                        } else {
                            $sampleConfig = include(DATA_NAME . DS . 'weapp' . DS . 'Sample' . DS . 'weapp' . DS . 'Sample' . DS . 'config.php');
                            foreach ($configdata as $key => $val) {
                                if ('permission' != $key && !isset($sampleConfig[$key])) {
                                    @unlink(realpath($savePath . $fileName));
                                    delFile($savePath, true);
                                    $this->error('插件不符合标准！', url('Weapp/index'));
                                }
                            }
                        }
                    }
                    /*--end*/

                    // 递归复制文件夹            
                    $copy_bool = recurse_copy($savePath . $folderName, rtrim(ROOT_PATH, DS));
                    if (true !== $copy_bool) {
                        $this->error($copy_bool);
                    }

                    /*删除上传的插件包*/
                    @unlink(realpath($savePath . $fileName));
                    @delFile($savePath, true);
                    /*--end*/

                    /*安装插件*/
                    $configfile = WEAPP_DIR_NAME . DS . $weappName . '/config.php';
                    if (file_exists($configfile)) {
                        $configdata = include($configfile);
                        $code       = isset($configdata['code']) ? $configdata['code'] : 'error_' . date('Ymd');
                        Db::name('weapp')->where(['code' => $code])->delete();

                        $addData  = [
                            'code'     => $code,
                            'name'     => isset($configdata['name']) ? $configdata['name'] : '配置信息不完善',
                            'config'   => empty($configdata) ? '' : json_encode($configdata),
                            'data'     => '',
                            'add_time' => getTime(),
                        ];
                        $weapp_id = Db::name('weapp')->insertGetId($addData);
                        if (!empty($weapp_id)) {
                            \think\Cache::clear('weapp');
                            $this->install($weapp_id);
                        }
                    }
                    /*--end*/
                }
            } else {
                //上传错误提示错误信息
                $this->error($info->getError());
            }
        }
    }

    /**
     * 一键更新插件
     */
    public function OneKeyUpgrade()
    {
        header('Content-Type:application/json; charset=utf-8');
        $code       = input('param.code/s', '');
        $upgradeMsg = $this->weappLogic->OneKeyUpgrade($code); //一键更新插件
        respose($upgradeMsg);
    }

    /**
     * 检查插件是否有更新包
     * @return type 提示语
     */
    public function checkVersion()
    {
        // error_reporting(0);//关闭所有错误报告
        $upgradeMsg = $this->weappLogic->checkVersion(); //升级包消息   
        respose($upgradeMsg);
    }

    /**
     * 创建初始插件结构
     */
    public function create()
    {
        $sample  = 'Sample';
        $srcPath = DATA_NAME . DS . WEAPP_DIR_NAME . DS . $sample;

        if (IS_POST) {
            $post = input('post.');
            foreach ($post as $key => $val) {
                $post[$key] = str_replace("'", "\'", $val);
            }

            $code = trim($post['code']);
            if (!preg_match('/^[A-Z]([a-zA-Z0-9]*)$/', $code)) {
                $this->error('插件标识格式不正确！');
            }
            if ('Sample' == $code) {
                $this->error('插件标识已被占用！');
            }
            if (!preg_match('/^v\d+\.\d+\.\d+([0-9\.]*)$/', $post['version'])) {
                $this->error('插件版本号格式不正确！');
            }
            if (empty($post['min_version'])) {
                $post['min_version'] = getCmsVersion();
            }
            if (empty($post['version'])) {
                $post['version'] = 'v1.0.0';
            }

            /*复制样本结构到插件目录下*/
            $srcFiles = getDirFile($srcPath);
            $filetxt  = '';
            foreach ($srcFiles as $key => $srcfile) {
                $dstfile = str_replace($sample, $code, $srcfile);
                $dstfile = str_replace(strtolower($sample), strtolower($code), $dstfile);
                if (!preg_match('/^' . WEAPP_DIR_NAME . '\/' . $code . '/i', $dstfile)) {
                    $filetxt .= $dstfile . "\n\r";
                }
                if (tp_mkdir(dirname($dstfile))) {
                    $fileContent = file_get_contents($srcPath . DS . $srcfile);
                    if (preg_match('/\.sql$/i', $dstfile)) {
                        $fileContent = str_replace(strtolower($sample), uncamelize($code), $fileContent);
                    } else {
                        $fileContent = str_replace($sample, $code, $fileContent);
                        $fileContent = str_replace(strtolower($sample), strtolower($code), $fileContent);
                    }
                    $puts = @file_put_contents($dstfile, $fileContent); //初始化插件文件列表   
                    if (!$puts) {
                        $this->error('写入文件内容 ' . $dstfile . ' 失败');
                        exit;
                    }
                }
            }
            $filetxt .= WEAPP_DIR_NAME . '/' . $code;
            @file_put_contents(WEAPP_DIR_NAME . DS . $code . DS . 'filelist.txt', $filetxt); //初始化插件文件列表
            /*--end*/

            /*读取配置文件，并替换插件信息*/
            $configPath = WEAPP_DIR_NAME . DS . $code . DS . 'config.php';
            if (!eyPreventShell($configPath) || !file_exists($configPath)) {
                $this->error('创建插件结构不完整，请重新创建！');
            }
            $strConfig = file_get_contents(WEAPP_DIR_NAME . DS . $code . DS . 'config.php');
            $strConfig = str_replace('#CODE#', $code, $strConfig);
            $strConfig = str_replace('#NAME#', $post['name'], $strConfig);
            $strConfig = str_replace('#VERSION#', $post['version'], $strConfig);
            $strConfig = str_replace('#MIN_VERSION#', $post['min_version'], $strConfig);
            $strConfig = str_replace('#AUTHOR#', $post['author'], $strConfig);
            $strConfig = str_replace('#DESCRIPTION#', $post['description'], $strConfig);
            $strConfig = str_replace('#SCENE#', $post['scene'], $strConfig);
            @chmod(WEAPP_DIR_NAME . DS . $code . DS . 'config.php'); //配置文件的地址
            $puts = @file_put_contents(WEAPP_DIR_NAME . DS . $code . DS . 'config.php', $strConfig); //配置文件的地址
            if (!$puts) {
                $this->error('替换插件信息失败，请设置目录权限为 755！');
            }
            /*--end*/

            $this->success('初始化插件成功，请在该插件基础上进行二次开发！', url('Weapp/index'), [], 3);
        }

        /*删除多余目录以及文件，兼容v1.1.7之后的版本*/
        if (file_exists($srcPath . DS . 'application' . DS . 'weapp')) {
            delFile($srcPath . DS . 'application' . DS . 'weapp', true);
        }
        if (file_exists($srcPath . DS . 'template' . DS . 'weapp')) {
            delFile($srcPath . DS . 'template' . DS . 'weapp', true);
        }
        if (file_exists($srcPath . DS . 'weapp' . DS . $sample . DS . 'behavior' . DS . 'weapp')) {
            delFile($srcPath . DS . 'weapp' . DS . $sample . DS . 'behavior' . DS . 'weapp', true);
        }
        if (file_exists($srcPath . DS . 'weapp' . DS . $sample . DS . 'template' . DS . 'skin' . DS . 'font')) {
            delFile($srcPath . DS . 'weapp' . DS . $sample . DS . 'template' . DS . 'skin' . DS . 'font', true);
        }
        if (file_exists($srcPath . DS . 'weapp' . DS . $sample . DS . 'common.php')) {
            @unlink($srcPath . DS . 'weapp' . DS . $sample . DS . 'common.php');
        }
        /*--end*/

        $assign_data                = array();
        $assign_data['min_version'] = getCmsVersion();

        $this->assign($assign_data);
        return $this->fetch();
    }

    /**
     * 打包插件
     */
    public function pack()
    {
        if (IS_POST) {
            $packfiles = array(); // 打包的全部文件列表

            $post            = input('post.');
            $code            = $post['code'];
            $additional_file = $post['additional_file'];

            if (!preg_match('/^[A-Z]([a-zA-Z0-9]*)$/', $code)) {
                $this->error('插件标识格式不正确！');
            } else if (!file_exists(WEAPP_DIR_NAME . DS . $code)) {
                $this->error('该插件不存在！');
            }
            if (empty($additional_file)) {
                $this->error('打包文件不能为空！');
            }

            /*额外打包文件*/
            if (!empty($additional_file)) {
                $file_arr = explode(PHP_EOL, $additional_file);
                foreach ($file_arr as $key => $val) {
                    if (empty($val)) {
                        continue;
                    }
                    if (eyPreventShell($val) && is_file($val) && file_exists($val)) {
                        $packfiles[$val] = $val;
                    } else if (eyPreventShell($val) && is_dir($val) && file_exists($val)) {
                        $dirfiles = getDirFile($val, $val);
                        foreach ($dirfiles as $k2 => $v2) {
                            $packfiles[$v2] = $v2;
                        }
                    }
                }
            }
            /*--end*/

            /*压缩插件目录*/
            $zip      = new \ZipArchive();//新建一个ZipArchive的对象
            $filepath = DATA_PATH . WEAPP_DIR_NAME;
            tp_mkdir($filepath);
            $zipName = $filepath . DS . $code . '.zip';//定义打包后的包名
            if ($zip->open($zipName, \ZIPARCHIVE::OVERWRITE | \ZIPARCHIVE::CREATE) !== TRUE)
                $this->error('插件压缩包打开失败！');

            /*打包插件标准结构涉及的文件与目录，并且打包zip*/
            $is_template = false;
            $filetxt     = '';
            foreach ($packfiles as $key => $srcfile) {
                if (!stristr($srcfile, "weapp/{$code}/") && !stristr($srcfile, "template/plugins/" . strtolower($code) . "/")) {
                    $filetxt .= $srcfile . "\n";
                } else if (stristr($srcfile, "template/plugins/" . strtolower($code) . "/")) {
                    $is_template = true;
                }
                // $dstfile = DATA_NAME.DS.WEAPP_DIR_NAME.DS.$code.DS.$srcfile;
                // if(true == tp_mkdir(dirname($dstfile))) {
                if (file_exists($srcfile)) {
                    // $copyrt = copy($srcfile, $dstfile); //复制文件
                    // if (!$copyrt) {
                    //     $this->error('copy ' . $dstfile . ' 失败');
                    //     exit;
                    // }
                    //addFile函数首个参数如果带有路径，则压缩的文件里包含的是带有路径的文件压缩
                    //若不希望带有路径，则需要该函数的第二个参数
                    $zip->addFile($srcfile);//第二个参数是放在压缩包中的文件名称，如果文件可能会有重复，就需要注意一下
                }
                // }
            }
            // $dst_filelist = DATA_NAME.DS.WEAPP_DIR_NAME.DS.$code.DS.WEAPP_DIR_NAME.DS.$code.DS.'filelist.txt';
            if ($is_template) {
                $filetxt .= "template/plugins/" . strtolower($code) . "\n";
            }
            $filetxt      .= "weapp/{$code}" . "\n";
            $src_filelist = WEAPP_DIR_NAME . DS . $code . DS . 'filelist.txt';
            @file_put_contents($src_filelist, $filetxt); //初始化插件文件列表  
            // copy($src_filelist, $dst_filelist);
            /*--end*/
            $zip->addFile($src_filelist);
            $zip->close();

            /*压缩插件目录*/
            if (!file_exists($zipName)) {
                $this->error('打包zip文件包失败！');
            }

            $msg = "打包成功，【{$code}.zip】插件包在 data/weapp/ 目录下。";
            $this->success($msg, url('Weapp/pack'), [], 20);

        }

        return $this->fetch();
    }

    /**
     * 压缩文件
     */
    private function zip($files = array(), $zipName)
    {
        $zip = new \ZipArchive; //使用本类，linux需开启zlib，windows需取消php_zip.dll前的注释
        /*
         * 通过ZipArchive的对象处理zip文件
         * $zip->open这个方法如果对zip文件对象操作成功，$zip->open这个方法会返回TRUE
         * $zip->open这个方法第一个参数表示处理的zip文件名。
         * 这里重点说下第二个参数，它表示处理模式
         * ZipArchive::OVERWRITE 总是以一个新的压缩包开始，此模式下如果已经存在则会被覆盖。
         * ZIPARCHIVE::CREATE 如果不存在则创建一个zip压缩包，若存在系统就会往原来的zip文件里添加内容。
         *
         * 这里不得不说一个大坑。
         * 我的应用场景是需要每次都是创建一个新的压缩包，如果之前存在，则直接覆盖，不要追加
         * so，根据官方文档和参考其他代码，$zip->open的第二个参数我应该用 ZipArchive::OVERWRITE
         * 问题来了，当这个压缩包不存在的时候，会报错：ZipArchive::addFile(): Invalid or uninitialized Zip object
         * 也就是说，通过我的测试发现，ZipArchive::OVERWRITE 不会新建，只有当前存在这个压缩包的时候，它才有效
         * 所以我的解决方案是 $zip->open($zipName, \ZIPARCHIVE::OVERWRITE | \ZIPARCHIVE::CREATE)
         *
         * 以上总结基于我当前的运行环境来说
         * */
        if ($zip->open($zipName, \ZIPARCHIVE::OVERWRITE | \ZIPARCHIVE::CREATE) !== TRUE) {
            return '无法打开文件，或者文件创建失败';
        }
        foreach ($files as $val) {
            //$attachfile = $attachmentDir . $val['filepath']; //获取原始文件路径
            if (file_exists($val)) {
                //addFile函数首个参数如果带有路径，则压缩的文件里包含的是带有路径的文件压缩
                //若不希望带有路径，则需要该函数的第二个参数
                $zip->addFile($val, basename($val));//第二个参数是放在压缩包中的文件名称，如果文件可能会有重复，就需要注意一下
            }
        }
        $zip->close();//关闭

        if (!file_exists($zipName)) {
            return "无法找到文件"; //即使创建，仍有可能失败
        }

        //如果不要下载，下面这段删掉即可，如需返回压缩包下载链接，只需 return $zipName;
        header("Cache-Control: public");
        header("Content-Description: File Transfer");
        header('Content-disposition: attachment; filename=' . basename($zipName)); //文件名
        header("Content-Type: application/zip"); //zip格式的
        header("Content-Transfer-Encoding: binary"); //告诉浏览器，这是二进制文件
        header('Content-Length: ' . filesize($zipName)); //告诉浏览器，文件大小
        @readfile($zipName);
    }

    /**
     * 验证插件标识是否同名
     */
    public function ajax_check_code($code)
    {
        $service_ey = base64_decode(config('service_ey'));
        $url        = "{$service_ey}/index.php?m=api&c=Weapp&a=checkIsCode&code={$code}";
        $response   = httpRequest($url, "GET");
        if (1 == intval($response)) {
            $this->success('插件标识可使用！', url('Weapp/create'));
        } else if (-1 == intval($response)) {
            $this->error('插件标识已被占用！');
        }
        $this->error('远程验证插件标识失败！');
    }

    /**
     * 获取云插件列表
     */
    public function plugin()
    {
        $is_pay    = input('param.is_pay/d', 0);
        $keywords  = input('param.keywords/s', 0);
        $url       = 'https://www.eyoucms.com/user/ajax_memberplugin.php?action=plugin';
        $post_data = [
            'page'      => input('param.p/d', 1),
            'per_page' => config('paginate.list_rows'),
            'is_pay'    => $is_pay,
            'keywords'  => $keywords,
            'query_str' => input('param.'),
        ];
        $response  = httpRequest2($url, 'POST', $post_data);
        $params    = json_decode($response, true);
        if (empty($params['code'])) {
            $msg = !empty($params['msg']) ? $params['msg'] : '连接远程插件接口失败！';
            $this->error($msg);
        }
        
        $local = Db::name('weapp')->where(['status'=>1])->getAllWithIndex('code');
        foreach ($params['list'] as $key =>$val){
            if ($val['meal']){
                $val['meal'] = unserialize($val['meal']);
            }
            $val['install'] = 0;
            foreach ($local as $k =>$v){
                if ($val['weapp_code'] == $k){
                    $val['install']=1;
                    break;
                }
            }
            $params['list'][$key] = $val;
        }

        $Page                 = new Page($params['total'], config('paginate.list_rows'));// 实例化分页类 传入总记录数和每页显示的记录数
        $show                 = $Page->show(); // 分页显示输出
        $assign_data['page']  = $show; // 赋值分页输出
        $assign_data['list']  = $params['list']; // 赋值数据集
        $assign_data['pager'] = $Page; // 赋值分页对象

        $assign_data['service_ey'] = $this->service_ey;
        $assign_data['ip'] = serverIP();

        //序列号
        $serial_number = DEFAULT_SERIALNUMBER;
        $constsant_path = APP_PATH.MODULE_NAME.'/conf/constant.php';
        if (file_exists($constsant_path)) {
            require_once($constsant_path);
            defined('SERIALNUMBER') && $serial_number = SERIALNUMBER;
        }
        $assign_data['serial_number'] = $serial_number;

        $assign_data['weapp_plugin_open'] = tpCache('php.php_weapp_plugin_open');

        $this->assign($assign_data);
        return $this->fetch();
    }

    /**     
     * @param type $fileUrl 下载文件地址
     * @return string 错误或成功提示
     */
    private function downloadFile($fileUrl, $saveDir = '', $fileName = '')
    {
        empty($saveDir) && $saveDir = UPLOAD_PATH . 'tmp' . DS; //保存路径
        if (empty($fileName)) {
            $folderName = session('admin_id') . '-' . dd2char(date("ymdHis") . mt_rand(100, 999));
            $fileName   = $folderName . ".zip";
        }

        $saveDir .= $fileName; // 保存目录
        tp_mkdir(dirname($saveDir));
        if(!file_get_contents($fileUrl, 0, null, 0, 1)){
            return ['code' => 0, 'msg' => '该插件包不存在']; // 文件存在直接退出
        }
        $file = httpRequest($fileUrl);
        curl_close ($ch);
        $fp = fopen($saveDir,'w');
        fwrite($fp, $file);
        fclose($fp);
        if(!eyPreventShell($saveDir) || !file_exists($saveDir) || !filesize($saveDir))
        {
            return ['code' => 0, 'msg' => '下载保存插件包失败，请检查所有目录的权限以及用户组不能为root'];
        }
        return ['code' => 1, 'msg' => '下载成功', 'filepath'=>$saveDir];
    }

    /**
     * 远程插件安装
     * @param string $id
     * @param string $url
     * @param string $is_authortoken
     * @param string $money
     * @throws \think\Exception
     * @throws \think\exception\PDOException
     */
    public function remoteInstall($code = '',$min_version='')
    {
        // 防止php超时
        function_exists('set_time_limit') && set_time_limit(0);

        if (IS_POST) {
            //版本判断
            $cms_version = getCmsVersion();
            $min_version = trim($min_version, 'v');
            if ($cms_version < 'v'.$min_version) {
                $this->error('当前CMS版本太低，该插件要求CMS版本 >= v' . $min_version . '，请升级系统！');
            }
            /*是否付费start*/
            $post_data = [
                'code' => base64_encode($code),
                'cms_version' => $cms_version,
            ];
            $url       = 'https://www.eyoucms.com/user/ajax_memberplugin.php?action=verify';
            $response  = httpRequest2($url, 'POST', $post_data);
            $params    = json_decode($response, true);

            /*是否付费end*/
            if (empty($params['code'])) {
                $msg = !empty($params['msg']) ? $params['msg'] : '安装失败';
                $this->error($msg);
            }
            if (!empty($params['url'])) {
                $params['url'] = trim($params['url']);
                $this->downloadInstall($params['url']);
            }
        }
    }

    public function downloadInstall($url)
    {
        /*远程下载文件start*/
        $savePath   = UPLOAD_PATH . 'tmp' . DS;//保存路径
        $folderName = session('admin_id') . '-' . dd2char(date("ymdHis") . mt_rand(100, 999));
        $fileName   = $folderName . ".zip";
        //保存至框架应用根目录/public/upload/tmp/ 目录下  返回文件详细路径+名称
        $result = $this->downloadFile($url, $savePath, $fileName);
        if (!isset($result['code']) || $result['code'] != 1) {
            $this->error($result['msg']);
        }
        $filepath = $result['filepath'];
        /*远程下载文件end*/

        if (file_exists($filepath)) {
            /*解压文件*/
            $zip = new \ZipArchive();//新建一个ZipArchive的对象
            if ($zip->open($filepath) != true) {
                $this->error("插件压缩包读取失败!", url('Weapp/plugin'));
            }
            $zip->extractTo($savePath . $folderName . DS);//假设解压缩到在当前路径下插件名称文件夹内
            $zip->close();//关闭处理的zip文件
            /*--end*/
            /*获取插件目录名称*/
            $dirList   = glob($savePath . $folderName . DS . WEAPP_DIR_NAME . DS . '*');
            $weappPath = !empty($dirList) ? $dirList[0] : '';
            if (empty($weappPath)) {
                @unlink(realpath($savePath . $fileName));
                delFile($savePath . $folderName, true);
                $this->error('插件压缩包缺少目录文件', url('Weapp/plugin'));
            }

            $weappPath    = str_replace("\\", DS, $weappPath);
            $weappPathArr = explode(DS, $weappPath);
            $weappName    = $weappPathArr[count($weappPathArr) - 1];
            /*--end*/

            /*修复非法插件上传，导致任意文件上传的漏洞*/
            $configfile = $savePath . $folderName . DS . WEAPP_DIR_NAME . DS . $weappName . '/config.php';
            if (!file_exists($configfile)) {
                @unlink(realpath($savePath . $fileName));
                delFile($savePath . $folderName, true);
                $this->error('插件不符合标准！', url('Weapp/plugin'));
            } else {
                $configdata = include($configfile);
                if (empty($configdata) || !is_array($configdata)) {
                    @unlink(realpath($savePath . $fileName));
                    delFile($savePath . $folderName, true);
                    $this->error('插件不符合标准！', url('Weapp/plugin'));
                } else {
                    $sampleConfig = include(DATA_NAME . DS . 'weapp' . DS . 'Sample' . DS . 'weapp' . DS . 'Sample' . DS . 'config.php');
                    foreach ($configdata as $key => $val) {
                        if ('permission' != $key && !isset($sampleConfig[$key])) {
                            @unlink(realpath($savePath . $fileName));
                            delFile($savePath . $folderName, true);
                            $this->error('插件不符合标准！', url('Weapp/index'));
                        }
                    }
                }
            }
            /*--end*/

            // 递归复制文件夹
            $copy_bool = recurse_copy($savePath . $folderName, rtrim(ROOT_PATH, DS));
            if (true !== $copy_bool) {
                $this->error($copy_bool);
            }

            /*删除上传的插件包*/
            @unlink(realpath($savePath . $fileName));
            @delFile($savePath . $folderName, true);
            /*--end*/

            /*安装插件*/
            $configfile = WEAPP_DIR_NAME . DS . $weappName . '/config.php';
            if (file_exists($configfile)) {
                $configdata = include($configfile);
                $code       = isset($configdata['code']) ? $configdata['code'] : 'error_' . date('Ymd');
                Db::name('weapp')->where(['code' => $code])->delete();

                $addData  = [
                    'code'     => $code,
                    'name'     => isset($configdata['name']) ? $configdata['name'] : '配置信息不完善',
                    'config'   => empty($configdata) ? '' : json_encode($configdata),
                    'data'     => '',
                    'add_time' => getTime(),
                ];
                $weapp_id = Db::name('weapp')->insertGetId($addData);
                if (!empty($weapp_id)) {
                    \think\Cache::clear('weapp');
                    $this->install($weapp_id);
                }
            }
            /*--end*/
        }
    }

    public function pay_success()
    {
        $url      = $this->service_ey.'/index.php?m=api&c=Pay&a=notify';
        $response = httpRequest($url, 'POST', $_GET);
        $params   = json_decode($response, true);
        return $this->fetch();
    }

    /**
     * 我的插件列表删除云插件
     */
    public function del_remote()
    {
        if (IS_POST) {
            $id = input('del_id/d');
            if (!empty($id)) {
                $result    = Db::name('weapp')->field('id,name,code,is_buy')->where('id',$id)->find();
                if ($result['is_buy'] == 1){
                    $r = Db::name('weapp')->where('id',$id)->update(['is_buy'=>2]);
                    if ($r) {
                        $res = ['code'=>1,'msg'=>'删除成功'];
                        respose($res);
                    } else {
                        $res = ['code'=>0,'msg'=>'删除失败'];
                        respose($res);
                    }
                }
            } else {
                $res = ['code'=>0,'msg'=>'参数有误'];
                respose($res);
            }
        }
        $res = ['code'=>0,'msg'=>'非法访问'];
        respose($res);
    }
}