Преглед изворни кода

模块功能调整完善

tags/6.0.0
tianya пре 4 месеци
родитељ
комит
4f686a4763
4 измењених фајлова са 170 додато и 136 уклоњено
  1. +45
    -20
      src/dede/module_main.php
  2. +91
    -107
      src/dede/module_make.php
  3. +20
    -9
      src/dede/templets/module_main.htm
  4. +14
    -0
      src/include/dedemodule.class.php

+ 45
- 20
src/dede/module_main.php Прегледај датотеку

@@ -100,14 +100,45 @@ if($action=='')
exit();
}
/*--------------
function ViewDevelopoer();
--------------*/
else if($action=='view_developoer')
{
// 检验开发者信息
$dm = new DedeModule($mdir);
$info = $dm->GetModuleInfo($hash);
if ($info==null) {
ShowMsg("获取模块信息错误,模块文件可能被篡改", -1);
exit;
}
$dev_id = $info['dev_id'];
$devURL = DEDECDNURL . "/developers/$dev_id.json";
$dhd = new DedeHttpDown();
$dhd->OpenUrl($devURL);
$devContent = $dhd->GetHtml();
$devInfo = (array)json_decode($devContent);
$offUrl = "";
if ($devInfo['dev_type'] == 1) {
$offUrl = "<p>官方网址:<code>{$devInfo['offurl']}</code> <small>(复制在浏览器中打开)</small></p>";
}
$authAt = date("Y-m-d", $devInfo['auth_at']);
ShowMsg("<div class='text-left'><p>开发者名称:{$devInfo['dev_name']}</p><p>开发者全称:{$devInfo['realname']}</p><p>开发者ID:{$devInfo['dev_id']} <a class='btn btn-secondary btn-sm' target='_blank' href='{$cfg_biz_dedebizUrl}/developer?dev_id={$devInfo['dev_id']}'>查看详情</a></p>$offUrl<p>认证于:{$authAt}</p></a>","javascript:;");
exit;
}
/*--------------
function Setup();
--------------*/
else if($action=='setup')
{
$dm = new DedeModule($mdir);
$infos = $dm->GetModuleInfo($hash);
if ($infos==null) {
ShowMsg("获取模块信息错误,模块文件可能被篡改", -1);
exit;
}
if($infos['url']=='') $infos['url'] = '&nbsp;';
$alertMsg = ($infos['lang'] == $cfg_soft_lang ? '' : '<br /><font color="red">(这个模块的语言编码与你系统的编码不一致,请向开发者确认它的兼容性)</font>');
$filelists = $dm->GetFileLists($hash);
@@ -165,9 +196,9 @@ else if($action=='setup')
$win->AddTitle("&nbsp;<a href='module_main.php'>模块管理</a> &gt;&gt; 安装模块: {$infos['name']}");
$win->AddHidden("hash",$hash);
$win->AddHidden("action",'setupstart');
if(trim($infos['url'])=='') $infos['url'] = '无';
$msg = "<style>.dtb{border-bottom:1px dotted #cccccc}</style>
<table width='98%' border='0' cellspacing='0' cellpadding='0'>
<table width='98%' border='0' cellspacing='0' cellpadding='0' class='table'>
<tr>
<td width='20%' height='28' class='dtb'>模块名称:</td>
<td width='80%' class='dtb'>{$infos['name']}</td>
@@ -181,29 +212,23 @@ else if($action=='setup')
<td class='dtb'>{$infos['filesize']}</td>
</tr>
<tr>
<td height='28' class='dtb'>团队名称:</td>
<td class='dtb'>{$infos['team']}</td>
<td height='28' class='dtb'>开发者ID:</td>
<td class='dtb'>{$infos['dev_id']} <a class='btn btn-secondary btn-sm' target='_blank' href='{$cfg_biz_dedebizUrl}/developer?dev_id={$infos['dev_id']}'>查看详情</a></td>
</tr>
<tr>
<td height='28' class='dtb'>发布时间:</td>
<td class='dtb'>{$infos['time']}</td>
</tr>
<tr>
<td height='28' class='dtb'>电子邮箱:</td>
<td class='dtb'>{$infos['email']}</td>
</tr>
<tr>
<td height='28' class='dtb'>官方网址:</td>
<td class='dtb'>{$infos['url']}</td>
</tr>
<tr>
<td height='28' class='dtb'>使用协议:</td>
<td class='dtb'><a href='module_main.php?action=showreadme&hash={$hash}' target='_blank'>点击浏览...</a></td>
</tr>
<tr>
<td height='30' class='dtb' bgcolor='#F9FCEF' colspan='2'>
<td height='30' class='dtb' colspan='2'>
<div class='alert alert-danger'>
<b>注意事项:</b>
安装时请确保文件列表中涉及的目录前可写入权限,此外“后台管理目录”、“后台管理目录/templets”目录也必须暂时设置可写入权限。
</div>
</td>
</tr>
<tr>
@@ -224,12 +249,12 @@ else if($action=='setup')
<tr>
<td height='28'>对于已存在文件处理方法:</td>
<td>
<input name='isreplace' type='radio' value='1' checked='checked' />
覆盖
<input name='isreplace' type='radio' value='3' />
覆盖,保留副本
<input type='radio' name='isreplace' value='0' />
保留旧文件
<label><input name='isreplace' type='radio' value='1' checked='checked' />
覆盖</label>
<label><input name='isreplace' type='radio' value='3' />
覆盖,保留副本</label>
<label><input type='radio' name='isreplace' value='0' />
保留旧文件</label>
</td>
</tr>
</table>


+ 91
- 107
src/dede/module_make.php Прегледај датотеку

@@ -1,4 +1,5 @@
<?php
/**
* 生成模块
*
@@ -9,53 +10,49 @@
* @link https://www.dedebiz.com
*/
@set_time_limit(0);
require_once(dirname(__FILE__)."/config.php");
require_once(dirname(__FILE__)."/../include/dedemodule.class.php");
require_once(dirname(__FILE__) . "/config.php");
require_once(dirname(__FILE__) . "/../include/dedemodule.class.php");
CheckPurview('sys_module');
if(empty($action)) $action = '';
if (empty($action)) $action = '';
if($action=='')
{
if ($action == '') {
$modules = array();
require_once(dirname(__FILE__)."/templets/module_make.htm");
require_once(dirname(__FILE__) . "/templets/module_make.htm");
exit();
}
/*-------------
//生成项目
function Makemodule()
--------------*/
else if($action=='make')
{
require_once(DEDEINC.'/dedehttpdown.class.php');
--------------*/ else if ($action == 'make') {
require_once(DEDEINC . '/dedehttpdown.class.php');
// 校验私钥,确定开发者身份
$devURL = DEDECDNURL."/developers/$dev_id.json";
$devURL = DEDECDNURL . "/developers/$dev_id.json";
$dhd = new DedeHttpDown();
$dhd->OpenUrl($devURL);
$devContent = $dhd->GetHtml();
$devInfo = (array)json_decode($devContent);
if (($devInfo['auth_at']+60*60*24*365) < time()) {
ShowMsg("您的开发者账号已经过期,请登录www.dedebiz.com重新申请!","-1");
if (($devInfo['auth_at'] + 60 * 60 * 24 * 365) < time()) {
ShowMsg("您的开发者账号已经过期,请登录www.dedebiz.com重新申请!", "-1");
exit();
}
$filelist = str_replace("\r", "\n", trim($filelist));
$filelist = trim(preg_replace("#[\n]{1,}#", "\n", $filelist));
if($filelist=='')
{
ShowMsg("对不起,你没有指定模块的文件列表,因此不能创建项目!","-1");
if ($filelist == '') {
ShowMsg("对不起,你没有指定模块的文件列表,因此不能创建项目!", "-1");
exit();
}
if (empty($dev_id)) {
ShowMsg("开发者ID不能为空!","-1");
ShowMsg("开发者ID不能为空!", "-1");
exit();
}
if (empty($priv)) {
ShowMsg("请填写开发者私钥信息","-1");
ShowMsg("请填写开发者私钥信息", "-1");
exit();
}
if (strlen($modulname) > 150) {
ShowMsg("模块名称过长","-1");
ShowMsg("模块名称过长", "-1");
exit();
}
@@ -65,78 +62,74 @@ else if($action=='make')
"dev_id" => $devInfo['dev_id'],
));
// 私钥加密模块信息
openssl_private_encrypt($enstr,$encotent,$priv);
openssl_private_encrypt($enstr, $encotent, $priv);
$moduleInfo = base64url_encode($encotent);
openssl_public_decrypt($encotent,$decontent,$devInfo['pub_key']);
openssl_public_decrypt($encotent, $decontent, $devInfo['pub_key']);
$minfo = (array)json_decode($decontent);
if ($minfo['module_name'] != $modulname || $minfo['dev_id'] != $devInfo['dev_id']) {
ShowMsg("开发者私钥校验失败,请确保填写正确的开发者私钥","-1");
ShowMsg("开发者私钥校验失败,请确保填写正确的开发者私钥", "-1");
exit();
}
//去除转义
foreach($_POST as $k=>$v) $$k = stripslashes($v);
foreach ($_POST as $k => $v) $$k = stripslashes($v);
if(!isset($autosetup)) $autosetup = 0;
if(!isset($autodel)) $autodel = 0;
$mdir = DEDEDATA.'/module';
$hashcode = md5($modulname.$devInfo['dev_id']);
$moduleFilename = $mdir.'/'.$hashcode.'.xml';
if (!isset($autosetup)) $autosetup = 0;
if (!isset($autodel)) $autodel = 0;
$mdir = DEDEDATA . '/module';
$hashcode = md5($modulname . $devInfo['dev_id']);
$moduleFilename = $mdir . '/' . $hashcode . '.xml';
$menustring = base64_encode($menustring);
$indexurl = str_replace('=', '**', $indexurl);
$dm = new DedeModule($mdir);
if($dm->HasModule($hashcode))
{
if ($dm->HasModule($hashcode)) {
$dm->Clear();
ShowMsg("对不起,你指定同名模块已经存在,因此不能创建项目!<br>如果你要更新这个模块,请先删除:module/{$hashcode}.xml","-1");
ShowMsg("对不起,你指定同名模块已经存在,因此不能创建项目!<br>如果你要更新这个模块,请先删除:module/{$hashcode}.xml", "-1");
exit();
}
$readmef = $setupf = $uninstallf = '';
if(empty($readmetxt))
{
move_uploaded_file($readme, $mdir."/{$hashcode}-r.html") or die("你没填写说明或上传说明文件!");
$readmef = $dm->GetEncodeFile($mdir."/{$hashcode}-r.html", TRUE);
}
else
{
$readmetxt = "<p style='line-height:150%'>".$readmetxt;
if (empty($readmetxt)) {
move_uploaded_file($readme, $mdir . "/{$hashcode}-r.html") or die("你没填写说明或上传说明文件!");
$readmef = $dm->GetEncodeFile($mdir . "/{$hashcode}-r.html", TRUE);
} else {
$readmetxt = "<p style='line-height:150%'>" . $readmetxt;
$readmetxt = preg_replace("#[\r\n]{1,}#", "<br />\r\n", $readmetxt);
$readmetxt .= "</p>";
$readmef = base64_encode(trim($readmetxt));
}
if($autosetup==0)
{
move_uploaded_file($setup,$mdir."/{$hashcode}-s.php") or die("你没上传,或系统无法把setup文件移动到 module 目录!");
$setupf = $dm->GetEncodeFile($mdir."/{$hashcode}-s.php",TRUE);
if ($autosetup == 0) {
move_uploaded_file($setup, $mdir . "/{$hashcode}-s.php") or die("你没上传,或系统无法把setup文件移动到 module 目录!");
$setupf = $dm->GetEncodeFile($mdir . "/{$hashcode}-s.php", TRUE);
}
if($autodel==0)
{
move_uploaded_file($uninstall, $mdir."/{$hashcode}-u.php") or die("你没上传,或系统无法把uninstall文件移动到 module 目录!");
$uninstallf = $dm->GetEncodeFile($mdir."/{$hashcode}-u.php", TRUE);
if ($autodel == 0) {
move_uploaded_file($uninstall, $mdir . "/{$hashcode}-u.php") or die("你没上传,或系统无法把uninstall文件移动到 module 目录!");
$uninstallf = $dm->GetEncodeFile($mdir . "/{$hashcode}-u.php", TRUE);
}
if(trim($setupsql40)=='') $setupsql40 = '';
if (trim($setupsql40) == '') $setupsql40 = '';
else $setupsql40 = base64_encode(trim($setupsql40));
//if(trim($setupsql41)=='') $setupsql41 = '';
//else $setupsql41 = base64_encode(trim($setupsql41));
if(trim($delsql)=='') $delsql = '';
if (trim($delsql) == '') $delsql = '';
else $delsql = base64_encode(trim($delsql));
$pub_key = base64url_encode($devInfo['pub_key']);
$modulinfo = "<module>
<baseinfo>
name={$modulname}
dev_id={$devInfo['dev_id']}
pubkey={$pub_key}
info={$moduleInfo}
time={$mtime}
hash={$hashcode}
@@ -174,19 +167,17 @@ $filelist
";
$filelists = explode("\n", $filelist);
foreach($filelists as $v)
{
$v = trim($v);
if(!empty($v)) $dm->MakeEncodeFileTest(dirname(__FILE__), $v);
foreach ($filelists as $v) {
$v = trim($v);
if (!empty($v)) $dm->MakeEncodeFileTest(dirname(__FILE__), $v);
}
//测试无误后编译安装包
$fp = fopen($moduleFilename, 'w');
fwrite($fp, $modulinfo);
fwrite($fp, "<modulefiles>\r\n");
foreach($filelists as $v)
{
$v = trim($v);
if(!empty($v)) $dm->MakeEncodeFile(dirname(__FILE__), $v, $fp);
foreach ($filelists as $v) {
$v = trim($v);
if (!empty($v)) $dm->MakeEncodeFile(dirname(__FILE__), $v, $fp);
}
fwrite($fp, "</modulefiles>\r\n");
fwrite($fp, "</module>\r\n");
@@ -197,37 +188,34 @@ $filelist
/*-------------
//修改项目
function editModule()
--------------*/
else if($action=='edit')
{
--------------*/ else if ($action == 'edit') {
$filelist = str_replace("\r", "\n", trim($filelist));
$filelist = trim(preg_replace("#[\n]{1,}#", "\n", $filelist));
if($filelist=="")
{
ShowMsg("对不起,你没有指定模块的文件列表,因此不能创建项目!","-1");
if ($filelist == "") {
ShowMsg("对不起,你没有指定模块的文件列表,因此不能创建项目!", "-1");
exit();
}
if (empty($dev_id)) {
ShowMsg("开发者ID不能为空!","-1");
ShowMsg("开发者ID不能为空!", "-1");
exit();
}
if (empty($priv)) {
ShowMsg("请填写开发者私钥信息","-1");
ShowMsg("请填写开发者私钥信息", "-1");
exit();
}
// 校验私钥,确定开发者身份
$devURL = DEDECDNURL."/developers/$dev_id.json";
$devURL = DEDECDNURL . "/developers/$dev_id.json";
$dhd = new DedeHttpDown();
$dhd->OpenUrl($devURL);
$devContent = $dhd->GetHtml();
$devInfo = (array)json_decode($devContent);
if (($devInfo['auth_at']+60*60*24*365) < time()) {
ShowMsg("您的开发者账号已经过期,请登录www.dedebiz.com重新申请!","-1");
if (($devInfo['auth_at'] + 60 * 60 * 24 * 365) < time()) {
ShowMsg("您的开发者账号已经过期,请登录www.dedebiz.com重新申请!", "-1");
exit();
}
if (strlen($modulname) > 150) {
ShowMsg("模块名称过长","-1");
ShowMsg("模块名称过长", "-1");
exit();
}
@@ -237,63 +225,62 @@ else if($action=='edit')
"dev_id" => $devInfo['dev_id'],
));
// 私钥加密模块信息
openssl_private_encrypt($enstr,$encotent,$priv);
openssl_private_encrypt($enstr, $encotent, $priv);
$moduleInfo = base64url_encode($encotent);
openssl_public_decrypt($encotent,$decontent,$devInfo['pub_key']);
openssl_public_decrypt($encotent, $decontent, $devInfo['pub_key']);
$minfo = (array)json_decode($decontent);
if ($minfo['module_name'] != $modulname || $minfo['dev_id'] != $devInfo['dev_id']) {
ShowMsg("开发者私钥校验失败,请确保填写正确的开发者私钥","-1");
ShowMsg("开发者私钥校验失败,请确保填写正确的开发者私钥", "-1");
exit();
}
//已经去除转义
foreach($_POST as $k=>$v) $$k = stripslashes($v);
if(!isset($autosetup)) $autosetup = 0;
if(!isset($autodel)) $autodel = 0;
$mdir = DEDEDATA.'/module';
foreach ($_POST as $k => $v) $$k = stripslashes($v);
if (!isset($autosetup)) $autosetup = 0;
if (!isset($autodel)) $autodel = 0;
$mdir = DEDEDATA . '/module';
$hashcode = $hash;
$moduleFilename = $mdir.'/'.$hashcode.'.xml';
$moduleFilename = $mdir . '/' . $hashcode . '.xml';
$modulname = str_replace('=', '', $modulname);
$indexurl = str_replace('=', '**', $indexurl);
$menustring = base64_encode($menustring);
$dm = new DedeModule($mdir);
$readmef = base64_encode($readmetxt);
$setupf = $uninstallf = '';
//编译setup文件
if(is_uploaded_file($setup))
{
move_uploaded_file($setup, $mdir."/{$hashcode}-s.php") or die("你没上传,或系统无法把setup文件移动到 module 目录!");
$setupf = $dm->GetEncodeFile($mdir."/{$hashcode}-s.php", TRUE);
if (is_uploaded_file($setup)) {
move_uploaded_file($setup, $mdir . "/{$hashcode}-s.php") or die("你没上传,或系统无法把setup文件移动到 module 目录!");
$setupf = $dm->GetEncodeFile($mdir . "/{$hashcode}-s.php", TRUE);
} else {
if($autosetup==0) $setupf = base64_encode($dm->GetSystemFile($hashcode, 'setup'));
if ($autosetup == 0) $setupf = base64_encode($dm->GetSystemFile($hashcode, 'setup'));
}
//编译uninstall文件
if(is_uploaded_file($uninstall))
{
move_uploaded_file($uninstall,$mdir."/{$hashcode}-u.php") or die("你没上传,或系统无法把uninstall文件移动到 module 目录!");
$uninstallf = $dm->GetEncodeFile($mdir."/{$hashcode}-u.php",true);
//编译uninstall文件
if (is_uploaded_file($uninstall)) {
move_uploaded_file($uninstall, $mdir . "/{$hashcode}-u.php") or die("你没上传,或系统无法把uninstall文件移动到 module 目录!");
$uninstallf = $dm->GetEncodeFile($mdir . "/{$hashcode}-u.php", true);
} else {
if($autodel==0) $uninstallf = base64_encode($dm->GetSystemFile($hashcode,'uninstall'));
if ($autodel == 0) $uninstallf = base64_encode($dm->GetSystemFile($hashcode, 'uninstall'));
}
if(trim($setupsql40)=='') $setupsql40 = '';
if (trim($setupsql40) == '') $setupsql40 = '';
else $setupsql40 = base64_encode(htmlspecialchars_decode(trim($setupsql40)));
//if(trim($setupsql41)=='') $setupsql41 = '';
//else $setupsql41 = base64_encode(trim($setupsql41));
if(trim($delsql)=='') $delsql = '';
if (trim($delsql) == '') $delsql = '';
else $delsql = base64_encode(strip_tags(trim($delsql)));
$modulinfo = "<module>
<baseinfo>
name={$modulname}
dev_id={$devInfo['dev_id']}
pubkey={$devInfo['pub_key']}
info={$moduleInfo}
time={$mtime}
hash={$hashcode}
@@ -330,30 +317,27 @@ $filelist
</systemfile>
";
if($rebuild=='yes')
{
if ($rebuild == 'yes') {
$filelists = explode("\n", $filelist);
foreach($filelists as $v)
{
$v = trim($v);
if(!empty($v)) $dm->MakeEncodeFileTest(dirname(__FILE__),$v);
foreach ($filelists as $v) {
$v = trim($v);
if (!empty($v)) $dm->MakeEncodeFileTest(dirname(__FILE__), $v);
}
//测试无误后编译安装包
$fp = fopen($moduleFilename, 'w');
fwrite($fp, $modulinfo."\r\n");
fwrite($fp, $modulinfo . "\r\n");
fwrite($fp, "<modulefiles>\r\n");
foreach($filelists as $v)
{
foreach ($filelists as $v) {
$v = trim($v);
if(!empty($v)) $dm->MakeEncodeFile(dirname(__FILE__),$v,$fp);
if (!empty($v)) $dm->MakeEncodeFile(dirname(__FILE__), $v, $fp);
}
fwrite($fp,"</modulefiles>\r\n");
fwrite($fp,"</module>\r\n");
fwrite($fp, "</modulefiles>\r\n");
fwrite($fp, "</module>\r\n");
fclose($fp);
} else {
$fxml = $dm->GetFileXml($hashcode);
$fp = fopen($moduleFilename, 'w');
fwrite($fp, $modulinfo."\r\n");
fwrite($fp, $modulinfo . "\r\n");
fwrite($fp, $fxml);
fclose($fp);
}


+ 20
- 9
src/dede/templets/module_main.htm Прегледај датотеку

@@ -6,6 +6,9 @@
<link rel="stylesheet" href="../static/css/bootstrap.min.css">
<link href="../static/font-awesome/css/font-awesome.min.css" rel="stylesheet">
<link href="css/base.css" rel="stylesheet" type="text/css" />
<script src="../static/js/jquery.min.js"></script>
<script src="../static/js/popper.min.js"></script>
<script src="../static/js/bootstrap.bundle.js"></script>
<script src="../static/js/dedeajax2.js" language="javascript" type="text/javascript"></script>
<script language="javascript" type="text/javascript">
function getmodule(action,hash)
@@ -68,23 +71,31 @@ foreach($modules as $k=>$v)
if(file_exists($file)) {
if(file_exists(DEDEDATA."/module/{$v['hash']}-readme.php")){
echo "<font color='green'>已安装</font> <a style='color:green' href='module_main.php?action=uninstall&hash={$v['hash']}'><u>卸载</u></a>";
}else{
echo "未安装 <a href='module_main.php?action=setup&hash={$v['hash']}'><u>安装</u></a>";
} else {
echo "未安装 <a class='btn btn-secondary btn-sm' href='module_main.php?action=setup&hash={$v['hash']}'>安装</a>";
}
}else{
} else {
echo "<div id=\"status_{$v['hash']}\"><font color='red'>未下载</font> <a style='color:red' href=\"javascript:getmodule('download','{$v['hash']}')\"><u>下载</u></a></div>";
}
?>
?>
</td>
<td>
<div id = 'manager_<?php echo $v['hash']; ?>' <?php if(!file_exists(DEDEDATA."/module/{$v['hash']}.xml")) echo 'style="display:none;"'?>>
<a class="btn btn-secondary btn-sm" href='module_main.php?action=showreadme&hash=<?php echo $v['hash']; ?>'>开发者</a>
<a class="btn btn-secondary btn-sm" href='module_main.php?action=showreadme&hash=<?php echo $v['hash']; ?>'>说明</a>
<a class="btn btn-secondary btn-sm" href='module_main.php?action=view&hash=<?php echo $v['hash']; ?>'>详细</a>
<a class="btn btn-secondary btn-sm" href='module_main.php?action=edit&hash=<?php echo $v['hash']; ?>'>修改</a>
<a class="btn btn-secondary btn-sm" href='module_main.php?action=del&hash=<?php echo $v['hash']; ?>'>删除</a>
<a class="btn btn-secondary" href='module_main.php?action=view_developoer&hash=<?php echo $v['hash']; ?>'>开发者信息</a>
<div class="btn-group" role="group">
<button id="btnAction" type="button" class="btn btn-secondary dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
操作
</button>
<div class="dropdown-menu" aria-labelledby="btnAction">
<a class="dropdown-item" href="module_main.php?action=showreadme&hash=<?php echo $v['hash']; ?>">说明</a>
<a class="dropdown-item" href="module_main.php?action=view&hash=<?php echo $v['hash']; ?>">详细</a>
<a class="dropdown-item" href="module_main.php?action=edit&hash=<?php echo $v['hash']; ?>">修改</a>
<a class="dropdown-item" href="module_main.php?action=del&hash=<?php echo $v['hash']; ?>">删除</a>
</div>
</div>
</div>
</td>
</tr>


+ 14
- 0
src/include/dedemodule.class.php Прегледај датотеку

@@ -63,6 +63,9 @@ class DedeModule
while ($filename = $dh->read()) {
if (preg_match("/\.xml$/i", $filename)) {
$minfos = $this->GetModuleInfo(str_replace('.xml', '', $filename));
if ($minfos==null) {
continue;
}
if (isset($minfos['moduletype']) && $moduletype != '' && $moduletype != $minfos['moduletype']) {
continue;
}
@@ -210,6 +213,17 @@ class DedeModule
foreach ($minfos as $k => $v) $minfos[$k] = $this->AppCode($v);
}
// 验证模块信息
$pubKey = @base64url_decode($minfos['pubkey']);
@openssl_public_decrypt(base64url_decode($minfos['info']), $decontent, $pubKey);
$enInfo = (array)json_decode($decontent);
if (count($enInfo)==0) {
return null;
}
if ($enInfo['module_name'] != $minfos['name'] || $enInfo['dev_id'] != $minfos['dev_id']) {
return null;
}
return $minfos;
}


Loading…
Откажи
Сачувај