国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

114 lines
4.3KB

  1. <?php
  2. /**
  3. * 软件发送
  4. *
  5. * @version $Id: select_soft_post.php 1 9:43 2010年7月8日Z tianya $
  6. * @package DedeBIZ.Dialog
  7. * @copyright Copyright (c) 2021, DedeBIZ.COM
  8. * @license https://www.dedebiz.com/license
  9. * @link https://www.dedebiz.com
  10. */
  11. if (!isset($cfg_basedir)) {
  12. include_once(dirname(__FILE__) . '/config.php');
  13. }
  14. if (empty($uploadfile)) $uploadfile = '';
  15. if (empty($uploadmbtype)) $uploadmbtype = '软件类型';
  16. if (empty($bkurl)) $bkurl = 'select_soft.php';
  17. $CKEditorFuncNum = (isset($CKEditorFuncNum)) ? $CKEditorFuncNum : 1;
  18. $newname = (empty($newname) ? '' : preg_replace("#[\\ \"\*\?\t\r\n<>':\/|]#", "", $newname));
  19. $uploadfile = isset($imgfile) && empty($uploadfile) ? $imgfile : $uploadfile;
  20. $uploadfile_name = isset($imgfile_name) && empty($uploadfile_name) ? $imgfile_name : $uploadfile_name;
  21. if (!is_uploaded_file($uploadfile)) {
  22. ShowMsg("你没有选择上传的文件或选择的文件大小超出限制!", "-1");
  23. exit();
  24. }
  25. //软件类型所有支持的附件
  26. $cfg_softtype = $cfg_softtype;
  27. $cfg_softtype = str_replace('||', '|', $cfg_softtype);
  28. $uploadfile_name = trim(preg_replace("#[ \r\n\t\*\%\\\/\?><\|\":]{1,}#", '', $uploadfile_name));
  29. if (!preg_match("#\.(" . $cfg_softtype . ")#i", $uploadfile_name)) {
  30. ShowMsg("你所上传的{$uploadmbtype}不在许可列表,请更改系统对扩展名限定的配置!", "");
  31. exit();
  32. }
  33. $nowtme = time();
  34. if ($activepath == $cfg_soft_dir) {
  35. $newdir = MyDate($cfg_addon_savetype, $nowtme);
  36. $activepath = $activepath . '/' . $newdir;
  37. if (!is_dir($cfg_basedir . $activepath)) {
  38. MkdirAll($cfg_basedir . $activepath, $cfg_dir_purview);
  39. CloseFtp();
  40. }
  41. }
  42. //文件名(前为手工指定, 后者自动处理)
  43. if (!empty($newname)) {
  44. $filename = $newname;
  45. if (!preg_match("#\.#", $filename)) $fs = explode('.', $uploadfile_name);
  46. else $fs = explode('.', $filename);
  47. if (preg_match("#" . $cfg_not_allowall . "#", $fs[count($fs) - 1])) {
  48. ShowMsg("你指定的文件名被系统禁止!", 'javascript:;');
  49. exit();
  50. }
  51. if (!preg_match("#\.#", $filename)) $filename = $filename . '.' . $fs[count($fs) - 1];
  52. } else {
  53. $filename = $cuserLogin->getUserID() . '-' . dd2char(MyDate('ymdHis', $nowtme));
  54. $fs = explode('.', $uploadfile_name);
  55. if (preg_match("#" . $cfg_not_allowall . "#", $fs[count($fs) - 1])) {
  56. ShowMsg("你上传了某些可能存在不安全因素的文件,系统拒绝操作!", 'javascript:;');
  57. exit();
  58. }
  59. $filename = $filename . '.' . $fs[count($fs) - 1];
  60. }
  61. $fullfilename = $cfg_basedir . $activepath . '/' . $filename;
  62. $fullfileurl = $activepath . '/' . $filename;
  63. move_uploaded_file($uploadfile, $fullfilename) or die("上传文件到 $fullfilename 失败!");
  64. @unlink($uploadfile);
  65. if ($cfg_remote_site == 'Y' && $remoteuploads == 1) {
  66. //分析远程文件路径
  67. $remotefile = str_replace(DEDEROOT, '', $fullfilename);
  68. $localfile = '../..' . $remotefile;
  69. //创建远程文件夹
  70. $remotedir = preg_replace('/[^\/]*\.(' . $cfg_softtype . ')/', '', $remotefile);
  71. $ftp->rmkdir($remotedir);
  72. $ftp->upload($localfile, $remotefile);
  73. }
  74. if ($uploadfile_type == 'application/x-shockwave-flash') {
  75. $mediatype = 2;
  76. } else if (preg_match('#image#i', $uploadfile_type)) {
  77. $mediatype = 1;
  78. } else if (preg_match('#audio|media|video#i', $uploadfile_type)) {
  79. $mediatype = 3;
  80. } else {
  81. $mediatype = 4;
  82. }
  83. $inquery = "INSERT INTO `#@__uploads`(arcid,title,url,mediatype,width,height,playtime,filesize,uptime,mid)
  84. VALUES ('0','$filename','$fullfileurl','$mediatype','0','0','0','{$uploadfile_size}','{$nowtme}','" . $cuserLogin->getUserID() . "'); ";
  85. $dsql->ExecuteNoneQuery($inquery);
  86. $fid = $dsql->GetLastID();
  87. AddMyAddon($fid, $fullfileurl);
  88. if ($ck == 1) {
  89. $funcNum = isset($_GET['CKEditorFuncNum']) ? $_GET['CKEditorFuncNum'] : 1;
  90. $url = $fullfileurl;
  91. $arr = array(
  92. "uploaded" => 1,
  93. "fileName" => $filename,
  94. "url" => $url,
  95. );
  96. echo json_encode($arr);
  97. } else {
  98. ShowMsg("成功上传文件!", $bkurl . "?comeback=" . urlencode($filename) . "&f=$f&CKEditorFuncNum=$CKEditorFuncNum&activepath=" . urlencode($activepath) . "&d=" . time());
  99. exit();
  100. }