DedeBIZ
/
DedeV6
Segui 2
Vota 0
Forka 0
Codice Pull Requests 0 Rilasci 31 Attività
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
875 Commit
3 Rami (Branch)
93MB
Albero (Tree): a5e73a5a38
Rami (Branch) Tag
${ item.name }
Crea branch ${ searchTerm }
da 'a5e73a5a38'
${ noResults }
DedeV6/src/admin/swfupload.php

swfupload.php 6.5KB
Originale Normal View Cronologia

合并分支
3 anni fa
文件类型安全校验
3 anni fa
合并分支
3 anni fa
移除加粗统一符号简化代码修改管理上传文件
3 anni fa
合并分支
3 anni fa
移除加粗统一符号简化代码修改管理上传文件
3 anni fa
合并分支
3 anni fa
优化分页条数,优化富文本样式
3 anni fa
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197 
  1. <?php

  2. /**

  3.  * swfupload上传

  4.  *

  5.  * @version        $Id: swfupload.php 1 16:22 2010年7月20日Z tianya $

  6.  * @package        DedeBIZ.Administrator

  7.  * @copyright      Copyright (c) 2022, DedeBIZ.COM

  8.  * @license        https://www.dedebiz.com/license

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require_once(dirname(__FILE__).'/config.php');

  12. require_once(DEDEINC.'/image.func.php');

  13. /************************

  14. //上传

  15. function Upload(){  }

  16.  *************************/

  17. if (empty($dopost)) {

  18.     ini_set('html_errors', '0');

  19.     if (empty($Filedata) || !is_uploaded_file($Filedata)) {

  20.         echo 'ERROR: Upload Error! ';

  21.         exit(0);

  22.     }

  23.     //把文件移动到临时目录

  24.     $tmpdir = DEDEDATA.'/uploadtmp';

  25.     if (!is_dir($tmpdir)) {

  26.         MkdirAll($tmpdir, $cfg_dir_purview);

  27.         CloseFtp();

  28.         if (!is_dir($tmpdir)) {

  29.             echo "ERROR: Create {$tmpdir} dir Error! ";

  30.             exit(0);

  31.         }

  32.     }

  33.     $FiledataNew = str_replace("\\", '/', $Filedata);

  34.     $FiledataNew = $tmpdir.'/'.preg_replace("/(.*)[\/]/isU", "", $FiledataNew);

  35.     $mime = get_mime_type($Filedata);

  36.     if (preg_match("#^unknow#", $mime)) {

  37.         echo "ERROR: Create {$tmpdir} dir Error! ";

  38.         exit;

  39.     }

  40.     if (!preg_match("#^(image|video|audio|application)#i", $mime)) {

  41.         echo "ERROR: Create {$tmpdir} dir Error! ";

  42.         exit;

  43.     }

  44.     move_uploaded_file($Filedata, $FiledataNew);

  45.     $info = $ftype = $sname = '';

  46.     $srcInfo = GetImageSize($FiledataNew, $info);

  47.     //检测文件类型

  48.     if (!is_array($srcInfo)) {

  49.         @unlink($Filedata);

  50.         echo "ERROR: Image info Error! ";

  51.         exit(0);

  52.     } else {

  53.         switch ($srcInfo[2]) {

  54.             case 1:

  55.                 $ftype = 'image/gif';

  56.                 $sname = '.gif';

  57.                 break;

  58.             case 2:

  59.                 $ftype = 'image/jpeg';

  60.                 $sname = '.jpg';

  61.                 break;

  62.             case 3:

  63.                 $ftype = 'image/png';

  64.                 $sname = '.png';

  65.                 break;

  66.             case 6:

  67.                 $ftype = 'image/bmp';

  68.                 $sname = '.bmp';

  69.                 break;

  70.         }

  71.     }

  72.     if ($ftype == '') {

  73.         @unlink($Filedata);

  74.         echo "ERROR: Image type Error! ";

  75.         exit(0);

  76.     }

  77.     //保存原图

  78.     $filedir = $cfg_image_dir.'/'.MyDate($cfg_addon_savetype, time());

  79.     if (!is_dir(DEDEROOT.$filedir)) {

  80.         MkdirAll($cfg_basedir.$filedir, $cfg_dir_purview);

  81.         CloseFtp();

  82.     }

  83.     $filename = $cuserLogin->getUserID().'-'.dd2char(MyDate('ymdHis', time()));

  84.     if (file_exists($cfg_basedir.$filedir.'/'.$filename.$sname)) {

  85.         for ($i = 50; $i <= 5000; $i++) {

  86.             if (!file_exists($cfg_basedir.$filedir.'/'.$filename.'-'.$i.$sname)) {

  87.                 $filename = $filename.'-'.$i;

  88.                 break;

  89.             }

  90.         }

  91.     }

  92.     $fileurl = $filedir.'/'.$filename.$sname;

  93.     $rs = copy($FiledataNew, $cfg_basedir.$fileurl);

  94.     unlink($FiledataNew);

  95.     if (!$rs) {

  96.         echo "ERROR: Copy Uploadfile Error! ";

  97.         exit(0);

  98.     }

  99.     //WaterImg($cfg_basedir.$fileurl, 'up');

  100.     $title = $filename.$sname;

  101.     $inquery = "INSERT INTO `#@__uploads`(title,url,mediatype,width,height,playtime,filesize,uptime,mid)

  102.         VALUES ('$title','$fileurl','$ftype','0','0','0','".filesize($cfg_basedir.$fileurl)."','".time()."','".$cuserLogin->getUserID()."'); ";

  103.     if (!empty($arcid)) {

  104.         $inquery = "INSERT INTO `#@__uploads`(arcid,title,url,mediatype,width,height,playtime,filesize,uptime,mid)

  105.         VALUES ('$arcid','$title','$fileurl','$ftype','0','0','0','".filesize($cfg_basedir.$fileurl)."','".time()."','".$cuserLogin->getUserID()."'); ";

  106.     }

  107.     $dsql->ExecuteNoneQuery($inquery);

  108.     $fid = $dsql->GetLastID();

  109.     AddMyAddon($fid, $fileurl);

  110.     //生成缩略图

  111.     ob_start();

  112.     ImageResizeNew($cfg_basedir.$fileurl, $cfg_ddimg_width, $cfg_ddimg_height, '', false);

  113.     $imagevariable = ob_get_contents();

  114.     ob_end_clean();

  115.     //保存信息到 session

  116.     if (!isset($_SESSION['file_info'])) $_SESSION['file_info'] = array();

  117.     if (!isset($_SESSION['bigfile_info'])) $_SESSION['bigfile_info'] = array();

  118.     if (!isset($_SESSION['fileid'])) $_SESSION['fileid'] = 1;

  119.     else $_SESSION['fileid']++;

  120.     $_SESSION['bigfile_info'][$_SESSION['fileid']] = $fileurl;

  121.     $_SESSION['file_info'][$_SESSION['fileid']] = $imagevariable;

  122.     echo "FILEID:".$_SESSION['fileid'];

  123.     exit(0);

  124. }

  125. /************************

  126. //生成缩图

  127. function GetThumbnail(){  }

  128. *************************/

  129. else if ($dopost == 'thumbnail') {

  130.     if (empty($id)) {

  131.         header('HTTP/1.1 500 Internal Server Error');

  132.         echo 'No ID';

  133.         exit(0);

  134.     }

  135.     if (!is_array($_SESSION['file_info']) || !isset($_SESSION['file_info'][$id])) {

  136.         header('HTTP/1.1 404 Not found');

  137.         exit(0);

  138.     }

  139.     header('Content-type: image/jpeg');

  140.     header('Content-Length: '.strlen($_SESSION['file_info'][$id]));

  141.     echo $_SESSION['file_info'][$id];

  142.     exit(0);

  143. }

  144. /************************

  145. //删除指定ID的图片

  146. *************************/

  147. else if ($dopost == 'del') {

  148.     if (!isset($_SESSION['bigfile_info'][$id])) {

  149.         echo '';

  150.         exit();

  151.     }

  152.     $dsql->ExecuteNoneQuery("DELETE FROM `#@__uploads` WHERE url LIKE '{$_SESSION['bigfile_info'][$id]}'; ");

  153.     @unlink($cfg_basedir.$_SESSION['bigfile_info'][$id]);

  154.     $_SESSION['file_info'][$id] = '';

  155.     $_SESSION['bigfile_info'][$id] = '';

  156.     echo "已删除";

  157.     exit();

  158. }

  159. /************************

  160. //获取图片地址

  161. *************************/

  162. else if ($dopost == 'addtoedit') {

  163.     if (!isset($_SESSION['bigfile_info'][$id])) {

  164.         echo '';

  165.         exit();

  166.     }

  167.     echo $_SESSION['bigfile_info'][$id];

  168.     exit();

  169. }

  170. /************************

  171. //获取本地图片的缩略预览图

  172. function GetddImg(){  }

  173. *************************/

  174. else if ($dopost == 'ddimg') {

  175.     //生成缩略图

  176.     ob_start();

  177.     if (!preg_match("/^(http[s]?:\/\/)?([^\/]+)/i", $img)) $img = $cfg_basedir.$img;

  178.     ImageResizeNew($img, $cfg_ddimg_width, $cfg_ddimg_height, '', false);

  179.     $imagevariable = ob_get_contents();

  180.     ob_end_clean();

  181.     header('Content-type: image/jpeg');

  182.     header('Content-Length: '.strlen($imagevariable));

  183.     echo $imagevariable;

  184.     exit();

  185. }

  186. /************************

  187. //删除指定的图片(编辑图集时用)

  188. *************************/

  189. else if ($dopost == 'delold') {

  190.     $imgfile = $cfg_basedir.$picfile;

  191.     if (!file_exists($imgfile) && !is_dir($imgfile) && preg_match("#^".$cfg_medias_dir."#", $imgfile)) {

  192.         @unlink($imgfile);

  193.     }

  194.     $dsql->ExecuteNoneQuery("DELETE FROM `#@__uploads` WHERE url LIKE '{$picfile}'; ");

  195.     echo "已删除";

  196.     exit();

  197. }