@@ -33,11 +33,12 @@ if (empty($do)) { | |||
"; | |||
$dsql->SetQuery($query); | |||
$dsql->Execute(); | |||
$proto = IsSSL()? "https://" : "http://"; | |||
while ($row = $dsql->GetArray()) { | |||
$title = dede_htmlspecialchars($row['title']); | |||
$row1 = GetOneArchive($row['id']); | |||
if (strpos($row1['arcurl'], 'http://') === false) { | |||
$link = ($cfg_basehost == '' ? 'http://'.$_SERVER["HTTP_HOST"].$cfg_cmspath : $cfg_basehost).$row1['arcurl']; | |||
if ((strpos($row1['arcurl'], 'http://') === false) || (strpos($row1['arcurl'], 'https://') === false)) { | |||
$link = ($cfg_basehost == '' ? $proto.$_SERVER["HTTP_HOST"].$cfg_cmspath : $cfg_basehost).$row1['arcurl']; | |||
} else { | |||
$link = $row1['arcurl']; | |||
} | |||
@@ -45,8 +46,8 @@ if (empty($do)) { | |||
$description = dede_htmlspecialchars(strip_tags($row['description'])); | |||
$text = dede_htmlspecialchars(strip_tags($row['body'])); | |||
$image = $row['litpic'] == '' ? '' : $row['litpic']; | |||
if ($image != '' && strpos($image, 'http://') === false) { | |||
$image = ($cfg_basehost == '' ? 'http://'.$_SERVER["HTTP_HOST"].$cfg_cmspath : $cfg_basehost).$image; | |||
if ($image != '' && (strpos($image, 'http://') === false) || (strpos($image, 'https://') === false)) { | |||
$image = ($cfg_basehost == '' ? $proto.$_SERVER["HTTP_HOST"].$cfg_cmspath : $cfg_basehost).$image; | |||
} | |||
//$headlineimg = ''; | |||
$keywords = dede_htmlspecialchars($row['keywords']); | |||
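Review bot: The new condition on `$row1['arcurl']` is effectively always true, because a URL that contains `http://` does not contain `https://` and the two `=== false` tests are joined with `||`; an already absolute `arcurl` therefore gets the host prepended. The `$image` condition in the next hunk has the same problem plus a precedence one: `&&` binds tighter than `||`, so an empty `$image` still enters the branch and becomes the bare base URL. A prefix test avoids both: `if (!preg_match('#^https?://#i', $row1['arcurl'])) {` and `if ($image != '' && !preg_match('#^https?://#i', $image)) {`. The prefix also comes from `$_SERVER["HTTP_HOST"]` when `$cfg_basehost` is empty, so the generated feed links follow whatever Host header the request carried; a comment saying so, or requiring `$cfg_basehost`, would help.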
@@ -34,7 +34,7 @@ function GetCurContentAlbum($body, $rfurl, &$firstdd) | |||
$rsimg = ''; | |||
$cfg_uploaddir = $GLOBALS['cfg_image_dir']; | |||
$cfg_basedir = $GLOBALS['cfg_basedir']; | |||
$basehost = 'http://'.$_SERVER['HTTP_HOST']; | |||
$basehost = IsSSL()? "https://".$_SERVER["HTTP_HOST"] : "http://".$_SERVER["HTTP_HOST"]; | |||
$img_array = array(); | |||
preg_match_all("/(src)=[\"|'| ]{0,}(http:\/\/([^>]*)\.(gif|jpg|png))/isU", $body, $img_array); | |||
$img_array = array_unique($img_array[2]); | |||
@@ -99,7 +99,7 @@ function GetCurContent($body) | |||
global $cfg_multi_site, $cfg_basehost, $cfg_basedir, $cfg_image_dir, $arcID, $cuserLogin, $dsql; | |||
$cfg_uploaddir = $cfg_image_dir; | |||
$htd = new DedeHttpDown(); | |||
$basehost = "http://".$_SERVER["HTTP_HOST"]; | |||
$basehost = IsSSL()? "https://".$_SERVER["HTTP_HOST"] : "http://".$_SERVER["HTTP_HOST"]; | |||
$img_array = array(); | |||
preg_match_all("/src=[\"|'|\s]([^\"|^\'|^\s]*?)/isU", $body, $img_array); | |||
$img_array = array_unique($img_array[1]); | |||
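Review bot: In `GetCurContentAlbum` the pattern on the line after the changed `$basehost` still matches only `http:\/\/` image sources, so `https://` images in `$body` are never collected even though the commit is about HTTPS support. The member-side `GetCurContent` later on this page already uses `http[s]?`, and the same fix fits here and in the other `GetCurContentAlbum` hunk: `preg_match_all("/(src)=[\"|'| ]{0,}(https?:\/\/([^>]*)\.(gif|jpg|png))/isU", $body, $img_array);`. Both functions continue outside their hunks, so how `$basehost` is used afterwards is not visible; since it is built from the request's Host header, it deserves a comment noting that it is not a trusted value.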
@@ -58,8 +58,8 @@ foreach ($dtp->CTags as $ctag) { | |||
} | |||
unset($dtp); | |||
if ($cfg_multi_site == 'Y') { | |||
if (!preg_match("/^http:/i", $preSrc) && !empty($preSrc)) $preSrc = $cfg_basehost.$preSrc; | |||
if (!preg_match("/^http:/i", $nextSrc) && !empty($nextSrc)) $nextSrc = $cfg_basehost.$nextSrc; | |||
if (!preg_match("/^(http|https):/i", $preSrc) && !empty($preSrc)) $preSrc = $cfg_basehost.$preSrc; | |||
if (!preg_match("/^(http|https):/i", $nextSrc) && !empty($nextSrc)) $nextSrc = $cfg_basehost.$nextSrc; | |||
} | |||
if ($preSrc != '') { | |||
$pageGuide .= "<a href='showphoto.php?aid={$aid}&src=".urlencode($preSrc)."&npos=".($npos - 1)."'><<上一幅图片</a> "; | |||
@@ -35,6 +35,7 @@ if(empty($step)) | |||
{ | |||
$step = 1; | |||
} | |||
$proto = IsSSL()? "https://" : "http://"; | |||
/*------------------------ | |||
使用协议书 | |||
function _1_Agreement() | |||
@@ -62,10 +63,11 @@ if($step==1) | |||
else | |||
$scriptName = $_SERVER['PHP_SELF']; | |||
$basepath = preg_replace("#\/install(.*)$#i", '', $scriptName); | |||
if(!empty($_SERVER['HTTP_HOST'])) | |||
$baseurl = 'http://'.$_SERVER['HTTP_HOST']; | |||
$baseurl = $proto.$_SERVER['HTTP_HOST']; | |||
else | |||
$baseurl = "http://".$_SERVER['SERVER_NAME']; | |||
$baseurl = $proto.$_SERVER['SERVER_NAME']; | |||
$chars='abcdefghigklmnopqrstuvwxwyABCDEFGHIGKLMNOPQRSTUVWXWY0123456789'; | |||
$rnd_cookieEncode=''; | |||
$length = rand(28,32); | |||
@@ -89,9 +91,9 @@ else if($step==2) | |||
die("当前数据库类型不支持"); | |||
} | |||
if(!empty($_SERVER['HTTP_HOST'])) | |||
$dfbaseurl = 'http://'.$_SERVER['HTTP_HOST']; | |||
$dfbaseurl = $proto.$_SERVER['HTTP_HOST']; | |||
else | |||
$dfbaseurl = "http://".$_SERVER['SERVER_NAME']; | |||
$dfbaseurl = $proto.$_SERVER['SERVER_NAME']; | |||
$dfbasepath = preg_replace("#\/install(.*)$#i", '', $scriptName); | |||
$dbhost = empty($dbhost)? "localhost" : $dbhost; | |||
$dbuser = empty($dbuser)? "root" : $dbuser; | |||
@@ -286,6 +286,20 @@ function IndexActive($idx) | |||
return ''; | |||
} | |||
} | |||
//是否是HTTPS | |||
function IsSSL() | |||
{ | |||
if ($_SERVER['HTTPS'] && ('1' == $_SERVER['HTTPS'] || 'on' == strtolower($_SERVER['HTTPS']))) { | |||
return true; | |||
} elseif ('https' == $_SERVER['REQUEST_SCHEME']) { | |||
return true; | |||
} elseif ('443' == $_SERVER['SERVER_PORT']) { | |||
return true; | |||
} elseif ('https' == $_SERVER['HTTP_X_FORWARDED_PROTO']) { | |||
return true; | |||
} | |||
return false; | |||
} | |||
//自定义函数接口 | |||
//这里主要兼容早期的用户扩展,v5.7之后我们建议使用小助手helper进行扩展 | |||
if (file_exists(DEDEINC.'/extend.func.php')) { | |||
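Review bot: `IsSSL()` reads `$_SERVER['HTTPS']`, `REQUEST_SCHEME` and `HTTP_X_FORWARDED_PROTO` without checking that they exist, which raises undefined-index notices or warnings on plain HTTP requests and under the CLI. It also treats `X-Forwarded-Proto` as authoritative, yet that header is supplied by the client unless a reverse proxy overwrites it. Because the result now feeds the scheme of generated links (feeds, install defaults, the verification mail), the header should only be honoured when the deployment is known to sit behind such a proxy. The copy of this function added as a `DedeHttpDown` method has the same two issues. A guarded version is sketched below; the trust switch in it is a placeholder, not an existing setting.

```php
function IsSSL()
{
    $https = isset($_SERVER['HTTPS']) ? strtolower((string)$_SERVER['HTTPS']) : '';
    if ($https === '1' || $https === 'on') {
        return true;
    }
    if (isset($_SERVER['REQUEST_SCHEME']) && strtolower($_SERVER['REQUEST_SCHEME']) === 'https') {
        return true;
    }
    if (isset($_SERVER['SERVER_PORT']) && (string)$_SERVER['SERVER_PORT'] === '443') {
        return true;
    }
    // X-Forwarded-Proto is client-controlled unless a proxy rewrites it.
    // $trustForwardedProto is a PLACEHOLDER for a site-level setting.
    if ($trustForwardedProto
        && isset($_SERVER['HTTP_X_FORWARDED_PROTO'])
        && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) === 'https') {
        return true;
    }
    return false;
}
```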
@@ -12,7 +12,7 @@ if (!defined('DEDEINC')) exit('dedebiz'); | |||
@set_time_limit(0); | |||
class DedeHttpDown | |||
{ | |||
var $m_ch = ''; | |||
var $m_ch = null; | |||
var $m_url = ''; | |||
var $m_urlpath = ''; | |||
var $m_scheme = 'http'; | |||
@@ -268,6 +268,12 @@ class DedeHttpDown | |||
@fclose($this->m_fp); | |||
return $this->m_html; | |||
} | |||
/** | |||
* 获取请求解析后的JSON数据 | |||
* | |||
* @access public | |||
* @return mixed | |||
*/ | |||
function GetJSON() | |||
{ | |||
if ($this->m_html != '') { | |||
@@ -285,6 +291,25 @@ class DedeHttpDown | |||
@fclose($this->m_fp); | |||
return json_decode($this->m_html); | |||
} | |||
/** | |||
* 判断当前是否是https站点 | |||
* | |||
* @access public | |||
* @return bool | |||
*/ | |||
function IsSSL() | |||
{ | |||
if ($_SERVER['HTTPS'] && ('1' == $_SERVER['HTTPS'] || 'on' == strtolower($_SERVER['HTTPS']))) { | |||
return true; | |||
} elseif ('https' == $_SERVER['REQUEST_SCHEME']) { | |||
return true; | |||
} elseif ('443' == $_SERVER['SERVER_PORT']) { | |||
return true; | |||
} elseif ('https' == $_SERVER['HTTP_X_FORWARDED_PROTO']) { | |||
return true; | |||
} | |||
return false; | |||
} | |||
/** | |||
* 开始HTTP会话 | |||
* | |||
@@ -555,16 +580,17 @@ class DedeHttpDown | |||
return ""; | |||
} | |||
$pos = strpos($surl, "#"); | |||
$proto = $this->IsSSL()? "https://" : "http://"; | |||
if ($pos > 0) { | |||
$surl = substr($surl, 0, $pos); | |||
} | |||
if ($surl[0] == "/") { | |||
$okurl = "http://".$this->HomeUrl.$surl; | |||
$okurl = $proto .$this->HomeUrl.$surl; | |||
} else if ($surl[0] == ".") { | |||
if (strlen($surl) <= 1) { | |||
return ""; | |||
} else if ($surl[1] == "/") { | |||
$okurl = "http://".$this->BaseUrlPath."/".substr($surl, 2, strlen($surl) - 2); | |||
$okurl = $proto.$this->BaseUrlPath."/".substr($surl, 2, strlen($surl) - 2); | |||
} else { | |||
$urls = explode("/", $surl); | |||
foreach ($urls as $u) { | |||
@@ -581,7 +607,7 @@ class DedeHttpDown | |||
if (count($urls) <= $pathStep) { | |||
return ""; | |||
} else { | |||
$pstr = "http://"; | |||
$pstr = $proto; | |||
for ($i = 0; $i < count($urls) - $pathStep; $i++) { | |||
$pstr .= $urls[$i]."/"; | |||
} | |||
@@ -590,15 +616,17 @@ class DedeHttpDown | |||
} | |||
} else { | |||
if (strlen($surl) < 7) { | |||
$okurl = "http://".$this->BaseUrlPath."/".$surl; | |||
$okurl = $proto .$this->BaseUrlPath."/".$surl; | |||
} else if (strtolower(substr($surl, 0, 7)) == "http://") { | |||
$okurl = $surl; | |||
} else if (strtolower(substr($surl, 0, 8)) == "https://") { | |||
$okurl = $surl; | |||
} else { | |||
$okurl = "http://".$this->BaseUrlPath."/".$surl; | |||
$okurl = $proto.$this->BaseUrlPath."/".$surl; | |||
} | |||
} | |||
$okurl = preg_replace("/^(http:\/\/)/i", "", $okurl); | |||
$okurl = preg_replace("/^((http|https):\/\/)/i", "", $okurl); | |||
$okurl = preg_replace("/\/{1,}/", "/", $okurl); | |||
return "http://".$okurl; | |||
return $proto.$okurl; | |||
} | |||
}//End Class |
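Review bot: In the URL-completion method (the last three hunks of this class) `$proto` is taken from `$this->IsSSL()`, which describes the request this site is currently serving, not the scheme of the remote page whose links are being resolved. The final lines strip any scheme from `$okurl` and `return $proto.$okurl`, so an absolute `https://` link is silently rewritten to `http://` whenever the site itself is reached over plain HTTP or the `$_SERVER` keys are absent. The reverse also holds: an `http://` link is upgraded on an HTTPS site. The class already declares `$m_scheme`; if that is set from the opened URL (not visible in these hunks), `$proto = $this->m_scheme.'://';` would be the safer source, and an absolute `$surl` should keep the scheme it came with. The method starts outside the hunk, so its name and earlier checks are not visible here.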
@@ -359,7 +359,7 @@ function lib_arclistDone (&$refObj, &$ctag, $typeid=0, $row=10, $col=1, $titlele | |||
if ($row['litpic'] == '-' || $row['litpic'] == '') { | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/web/img/defaultpic.jpg'; | |||
} | |||
if (!preg_match("#^http:\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') { | |||
if (!preg_match("#^(http|https):\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') { | |||
$row['litpic'] = $GLOBALS['cfg_mainsite'].$row['litpic']; | |||
} | |||
$row['picname'] = $row['litpic']; | |||
@@ -185,7 +185,7 @@ function lib_arclistsg(&$ctag, &$refObj) | |||
if ($row['litpic'] == '-' || $row['litpic'] == '') { | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/web/img/defaultpic.jpg'; | |||
} | |||
if (!preg_match("#^http:\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') { | |||
if (!preg_match("#^(http|https):\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') { | |||
$row['litpic'] = $GLOBALS['cfg_mainsite'].$row['litpic']; | |||
} | |||
$row['picname'] = $row['litpic']; | |||
@@ -131,7 +131,7 @@ function lib_likearticle(&$ctag, &$refObj) | |||
if ($row['litpic'] == '-' || $row['litpic'] == '') { | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/web/img/defaultpic.jpg'; | |||
} | |||
if (!preg_match("#^http:\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') { | |||
if (!preg_match("#^(http|https):\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') { | |||
$row['litpic'] = $GLOBALS['cfg_mainsite'].$row['litpic']; | |||
} | |||
$row['picname'] = $row['litpic']; | |||
@@ -118,7 +118,7 @@ function lib_relation(&$ctag, &$refObj) | |||
if ($row['litpic'] == '-' || $row['litpic'] == '') { | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif'; | |||
} | |||
if (!preg_match("#^http:\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') { | |||
if (!preg_match("#^(http|https):\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') { | |||
$row['litpic'] = $GLOBALS['cfg_mainsite'].$row['litpic']; | |||
} | |||
$row['picname'] = $row['litpic']; | |||
@@ -27,7 +27,7 @@ function GetCurContentAlbum($body, $rfurl, &$firstdd) | |||
include_once(DEDEINC."/dedecollection.func.php"); | |||
if (empty($ddmaxwidth)) $ddmaxwidth = 240; | |||
$rsimg = ''; | |||
$basehost = "http://".$_SERVER["HTTP_HOST"]; | |||
$basehost = IsSSL()? "https://".$_SERVER["HTTP_HOST"] : "http://".$_SERVER["HTTP_HOST"]; | |||
$img_array = array(); | |||
preg_match_all("/(src)=[\"|'| ]{0,}(http:\/\/([^>]*)\.(gif|jpg|png))/isU", $body, $img_array); | |||
$img_array = array_unique($img_array[2]); | |||
@@ -300,7 +300,7 @@ function GetCurContent(&$body) | |||
global $cfg_multi_site, $cfg_basehost, $cfg_basedir, $cfg_user_dir, $title, $cfg_ml; | |||
include_once(DEDEINC."/dedecollection.func.php"); | |||
$htd = new DedeHttpDown(); | |||
$basehost = "http://".$_SERVER["HTTP_HOST"]; | |||
$basehost = IsSSL()? "https://".$_SERVER["HTTP_HOST"] : "http://".$_SERVER["HTTP_HOST"]; | |||
$img_array = array(); | |||
preg_match_all("/(src|SRC)=[\"|'| ]{0,}(http[s]?:\/\/([^>]*)\.(gif|jpg|png))/isU", $body, $img_array); | |||
$img_array = array_unique($img_array[2]); | |||
@@ -318,7 +318,7 @@ function GetCurContent(&$body) | |||
if ($cfg_basehost != $basehost && preg_match("#".$cfg_basehost."#i", $value)) { | |||
continue; | |||
} | |||
if (!preg_match("#^http:\/\/#i", $value)) { | |||
if (!preg_match("#^(http|https):\/\/#i", $value)) { | |||
continue; | |||
} | |||
$htd->OpenUrl($value); | |||
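Review bot: The widened check `preg_match("#^(http|https):\/\/#i", $value)` is the only gate visible before `$htd->OpenUrl($value)`, and it validates the scheme but not the host. The URLs come from `src` attributes in `$body`, which appears to be member-submitted content, so the server will fetch any address a member embeds, now over HTTPS as well. Consider resolving the host and refusing loopback, link-local and private ranges, or limiting fetches to an allowlist, before the `OpenUrl` call. At minimum add a comment such as `// $value is user-supplied: host is not validated here`. The `preg_match("#".$cfg_basehost."#i", $value)` context line above also inserts the configured host into a pattern without `preg_quote`. The function body continues outside the hunk.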
@@ -24,14 +24,15 @@ if ($fmdo == 'sendMail') { | |||
$userhash = md5($cfg_cookie_encode.'--'.$cfg_ml->fields['mid'].'--'.$cfg_ml->fields['email']); | |||
$url = $cfg_basehost.(empty($cfg_cmspath) ? '/' : $cfg_cmspath)."/user/index_do.php?fmdo=checkMail&mid={$cfg_ml->fields['mid']}&userhash={$userhash}&do=1"; | |||
$url = preg_replace("#http:\/\/#i", '', $url); | |||
$url = 'http://'.preg_replace("#\/\/#i", '/', $url); | |||
$proto = IsSSL()? "https://" : "http://"; | |||
$url = $proto.preg_replace("#\/\/#i", '/', $url); | |||
$mailtitle = "{$cfg_webname}--会员邮件验证通知"; | |||
$mailbody = ''; | |||
$mailbody .= "尊敬的用户[{$cfg_ml->fields['uname']}],您好:\r\n"; | |||
$mailbody .= "欢迎注册成为[{$cfg_webname}]的会员\r\n"; | |||
$mailbody .= "要通过注册,还必须进行最后一步操作,请点击或复制下面链接到地址栏访问这地址:\r\n\r\n"; | |||
$mailbody .= "{$url}\r\n\r\n"; | |||
$mailbody .= "Power by DedeBIZ内容管理系统\r\n"; | |||
$mailbody .= "Powered by DedeBIZ内容管理系统\r\n"; | |||
$headers = "From: ".$cfg_adminemail."\r\nReply-To: ".$cfg_adminemail; | |||
if (!empty($cfg_bizcore_appid) && !empty($cfg_bizcore_key)) { | |||
$client = new DedeBizClient($cfg_bizcore_hostname, $cfg_bizcore_port); | |||
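Review bot: The unchanged line `$url = preg_replace("#http:\/\/#i", '', $url);` still strips only `http://`, so when `$cfg_basehost` is an `https://` address the following `//` collapse leaves `https:/host/...`. The new `$proto` prefix then produces a malformed verification link of the form `https://https:/host/...`. Stripping either scheme at the start fixes it: `$url = preg_replace("#^https?:\/\/#i", '', $url);`. Separately, the link's scheme now comes from `IsSSL()`, which reflects the request that triggered the mail (including `X-Forwarded-Proto`) rather than the configured `$cfg_basehost`; keeping the scheme already present in `$cfg_basehost` would make the mailed link independent of request headers.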