diff --git a/src/admin/album_add.php b/src/admin/album_add.php
index 297cdefb..9a300de9 100644
--- a/src/admin/album_add.php
+++ b/src/admin/album_add.php
@@ -120,31 +120,34 @@ if ($dopost != 'save') {
 $albumsArr = json_decode(stripslashes($albums), true);
 for ($i = 0; $i <= count($albumsArr) - 1; $i++) {
 $album = $albumsArr[$i];
- $data = explode(',', $album['img']);
- $ext = ".png";
- if (strpos($data[0], "data:image/jpeg") === 0){
- $ext = ".jpg";
- } elseif (strpos($data[0], "data:image/gif") === 0) {
- $ext = ".gif";
- } elseif (strpos($data[0], "data:image/webp") === 0) {
- $ext = ".webp";
- } elseif (strpos($data[0], "data:image/bmp") === 0) {
- $ext = ".bmp";
+ if (strpos($data[0], "data:image") > 0) {
+ $data = explode(',', $album['img']);
+ $ext = ".png";
+ if (strpos($data[0], "data:image/jpeg") === 0){
+ $ext = ".jpg";
+ } elseif (strpos($data[0], "data:image/gif") === 0) {
+ $ext = ".gif";
+ } elseif (strpos($data[0], "data:image/webp") === 0) {
+ $ext = ".webp";
+ } elseif (strpos($data[0], "data:image/bmp") === 0) {
+ $ext = ".bmp";
+ }
+ $ntime = time();
+ $savepath = $cfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
+ CreateDir($savepath);
+ $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
+ $fullUrl = $fullUrl.$ext;
+ file_put_contents($cfg_basedir.$fullUrl, base64_decode($data[1]));
+ $info = '';
+ $imginfos = GetImageSize($cfg_basedir.$fullUrl, $info);
+ $v = $fullUrl;
+ } else {
+ $v = $album['img'];
+ $info = '';
+ $imginfos = GetImageSize($cfg_basedir.$v, $info);
 }
- $ntime = time();
- $savepath = $cfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
- CreateDir($savepath);
- $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
- $fullUrl = $fullUrl.$ext;
- file_put_contents($cfg_basedir.$fullUrl, base64_decode($data[1]));
- $info = '';
- $imginfos = GetImageSize($cfg_basedir.$fullUrl, $info);
- $v = $fullUrl;
 $imginfo = !empty($album['txt']) ?
$album['txt'] : '';
 $imgurls .= "{dede:img ddimg='$v' text='$imginfo' width='".$imginfos[0]."' height='".$imginfos[1]."'} $v {/dede:img}\r\n";
- if ($ddisfirst == 1 && $litpic == '' && !empty($fullUrl)) {
- $litpic = $fullUrl;
- }
 }
 }
 $imgurls = addslashes($imgurls);
diff --git a/src/admin/album_edit.php b/src/admin/album_edit.php
index 4edbadcf..da156b73 100644
--- a/src/admin/album_edit.php
+++ b/src/admin/album_edit.php
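Review bot: The new guard `if (strpos($data[0], "data:image") > 0)` reads `$data` before the `explode()` that assigns it, and `> 0` is false for a value that starts with `data:image` (strpos returns 0 there), so unless `$data` is set outside the hunk the data-URI branch is never taken. Every entry then falls into the `else`, where the client-supplied `$album['img']` is appended to `$cfg_basedir` for `GetImageSize()` and interpolated into the `{dede:img ...}` tag with no check that it is a path under `$cfg_image_dir`. I would test the value itself, `if (strpos($album['img'], "data:image/") === 0) {`, and in the `else` reject anything that is not an expected upload path before it is used. The hunk in src/admin/album_edit.php carries the identical guard and the same unvalidated `else` branch. The enclosing `if ($dopost != 'save')` block starts outside the hunk.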
@@ -191,29 +191,34 @@ if ($dopost != 'save') {
 }
 if ($albums !== "") {
 $albumsArr = json_decode(stripslashes($albums), true);
- //var_dump($albumsArr);exit;
 for ($i = 0; $i <= count($albumsArr) - 1; $i++) {
 $album = $albumsArr[$i];
- $data = explode(',', $album['img']);
- $ext = ".png";
- if (strpos($data[0], "data:image/jpeg") === 0){
- $ext = ".jpg";
- } elseif (strpos($data[0], "data:image/gif") === 0) {
- $ext = ".gif";
- } elseif (strpos($data[0], "data:image/webp") === 0) {
- $ext = ".webp";
- } elseif (strpos($data[0], "data:image/bmp") === 0) {
- $ext = ".bmp";
+ if (strpos($data[0], "data:image") > 0) {
+ $data = explode(',', $album['img']);
+ $ext = ".png";
+ if (strpos($data[0], "data:image/jpeg") === 0){
+ $ext = ".jpg";
+ } elseif (strpos($data[0], "data:image/gif") === 0) {
+ $ext = ".gif";
+ } elseif (strpos($data[0], "data:image/webp") === 0) {
+ $ext = ".webp";
+ } elseif (strpos($data[0], "data:image/bmp") === 0) {
+ $ext = ".bmp";
+ }
+ $ntime = time();
+ $savepath = $cfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
+ CreateDir($savepath);
+ $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
+ $fullUrl = $fullUrl.$ext;
+ file_put_contents($cfg_basedir.$fullUrl, base64_decode($data[1]));
+ $info = '';
+ $imginfos = GetImageSize($cfg_basedir.$fullUrl, $info);
+ $v = $fullUrl;
+ } else {
+ $v = $album['img'];
+ $info = '';
+ $imginfos = GetImageSize($cfg_basedir.$v, $info);
 }
- $ntime = time();
- $savepath = $cfg_image_dir.'/'.MyDate($cfg_addon_savetype, $ntime);
- CreateDir($savepath);
- $fullUrl = $savepath.'/'.dd2char(MyDate('mdHis', $ntime).$cuserLogin->getUserID().mt_rand(1000, 9999));
- $fullUrl = $fullUrl.$ext;
- file_put_contents($cfg_basedir.$fullUrl, base64_decode($data[1]));
- $info = '';
- $imginfos = GetImageSize($cfg_basedir.$fullUrl, $info);
- $v = $fullUrl;
 $imginfo = !empty($album['txt']) ?
$album['txt'] : '';
 $imgurls .= "{dede:img ddimg='$v' text='$imginfo' width='".$imginfos[0]."' height='".$imginfos[1]."'} $v {/dede:img}\r\n";
 }
diff --git a/src/admin/api.php b/src/admin/api.php
index bca7bbc1..6c31b3cb 100644
--- a/src/admin/api.php
+++ b/src/admin/api.php
@@ -15,7 +15,7 @@ require_once(DEDEADMIN.'/../system/common.inc.php');
 require_once(DEDEINC.'/userlogin.class.php');
 AjaxHead();
 helper('cache');
-$action = isset($action) && in_array($action, array('is_need_check_code', 'has_new_version', 'get_changed_files', 'update_backup', 'get_update_versions', 'update')) ? $action : '';
+$action = isset($action) && in_array($action, array('is_need_check_code', 'has_new_version', 'get_changed_files', 'update_backup', 'get_update_versions', 'update', 'upload_image')) ? $action : '';
 $curDir = dirname(GetCurUrl()); //当前目录
 /**
 * 登录鉴权
@@ -317,5 +317,57 @@ if ($action === 'is_need_check_code') {
 ),
 ));
 exit;
+} else if($action === 'upload_image'){
+ checkLogin();
+ $imgfile_name = $_FILES["file"]['name'];
+ $activepath = $cfg_image_dir;
+ $allowedTypes = array("image/pjpeg", "image/jpeg", "image/gif", "image/png", "image/xpng", "image/wbmp", "image/webp");
+ $uploadedFile = $_FILES['file']['tmp_name'];
+ $fileType = mime_content_type($uploadedFile);
+ $imgSize = getimagesize($uploadedFile);
+ if (!in_array($fileType, $allowedTypes) || !$imgSize) {
+ echo json_encode(array(
+ "code" => -1,
+ "msg" => "仅支持图片格式文件",
+ "data" => null,
+ ));
+ exit;
+ }
+ $nowtme = time();
+ $mdir = MyDate($cfg_addon_savetype, $nowtme);
+ if (!is_dir($cfg_basedir.$activepath."/$mdir")) {
+ MkdirAll($cfg_basedir.$activepath."/$mdir", $cfg_dir_purview);
+ CloseFtp();
+ }
+ $cuserLogin = new userLogin();
+ $iseditor = isset($iseditor)? intval($iseditor) : 0;
+ $filename_name = $cuserLogin->getUserID().'-'.dd2char(MyDate("ymdHis", $nowtme).mt_rand(100, 999));
+ $filename = $mdir.'/'.$filename_name;
+ $fs = explode('.', $imgfile_name);
+ $filename = $filename.'.'.$fs[count($fs) - 1];
+ $filename_name = $filename_name.'.'.$fs[count($fs) - 1];
+ $fullfilename = $cfg_basedir.$activepath."/".$filename;
+ move_uploaded_file($_FILES["file"]["tmp_name"], $fullfilename) or die(json_encode(array(
+ "code" => -1,
+ "msg" => "上传失败",
+ "data" => null,
+ )));
+ $info = '';
+ $sizes[0] = 0;
+ $sizes[1] = 0;
+ $sizes = getimagesize($fullfilename, $info);
+ $imgwidthValue = $sizes[0];
+ $imgheightValue = $sizes[1];
+ $imgsize = filesize($fullfilename);
+ $inquery = "INSERT INTO `#@__uploads` (arcid,title,url,mediatype,width,height,playtime,filesize,uptime,mid) VALUES ('0','$filename','".$activepath."/".$filename."','1','$imgwidthValue','$imgheightValue','0','{$imgsize}','{$nowtme}','".$cuserLogin->getUserID()."'); ";
+ $dsql->ExecuteNoneQuery($inquery);
+ $fid = $dsql->GetLastID();
+ AddMyAddon($fid, $activepath.'/'.$filename);
+ echo
json_encode(array( + "code" => 0, + "msg" => "上传成功", + "data" => $activepath."/".$filename, + )); + } ?> \ No newline at end of file diff --git a/src/admin/sys_admin_user_add.php b/src/admin/sys_admin_user_add.php index 704dbce2..4e2fd8ec 100644 --- a/src/admin/sys_admin_user_add.php +++ b/src/admin/sys_admin_user_add.php @@ -29,12 +29,13 @@ if ($dopost == 'add') { exit(); } $pfd = "pwd"; - $mpwd = md5($pwd); - $pwd = substr(md5($pwd), 5, 20); if (function_exists('password_hash')) { $pfd = "pwd_new"; $mpwd = password_hash($pwd, PASSWORD_BCRYPT); $pwd = password_hash($pwd, PASSWORD_BCRYPT); + } else { + $mpwd = md5($pwd); + $pwd = substr(md5($pwd), 5, 20); } $typeid = join(',', $typeids); diff --git a/src/admin/templets/album_add.htm b/src/admin/templets/album_add.htm index 5915bc83..12c3046e 100644 --- a/src/admin/templets/album_add.htm +++ b/src/admin/templets/album_add.htm @@ -26,28 +26,6 @@ var swfu = null; var vcc = 0; var albums = []; - $(document).ready(function () { - //添加图片 - $("#iptAlbumImages").change(function (event) { - var files = event.target.files; - for (var i = 0, f; f = files[i]; i++) { - //如果不是图片忽略 - if (!f.type.match('image.*')) { - continue; - } - //图片渲染到浏览器 - var reader = new FileReader(); - reader.onload = (function (theFile) { - return function (e) { - litpicImgSrc = e.target.result; - addImage(litpicImgSrc, 0); - }; - })(f); - reader.readAsDataURL(f); - } - $("#iptAlbumImages").val(""); - }); - }); @@ -415,5 +393,32 @@ + \ No newline at end of file diff --git a/src/admin/templets/album_edit.htm b/src/admin/templets/album_edit.htm index e5351179..c6bd8f72 100644 --- a/src/admin/templets/album_edit.htm +++ b/src/admin/templets/album_edit.htm @@ -21,33 +21,11 @@ - + 
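Review bot: The stored extension comes from the client filename (`$fs[count($fs) - 1]`), not from the type that was just verified, so a file whose content passes `mime_content_type()` and `getimagesize()` is still saved under `$cfg_image_dir` with whatever extension the uploader supplied. The same client-controlled text then reaches the INSERT into `#@__uploads` through `$filename`; whether an upstream filter restricts `$_FILES` names is not visible in this hunk. Deriving the extension from `$fileType` with a fixed map, as sketched below, removes the client text from both the path and the query. `$_FILES["file"]` should also be checked for presence and for an upload error before `tmp_name` is passed to `mime_content_type()`. The `if`/`else if` chain this branch joins starts outside the hunk.

```php
// … unchanged: checkLogin(), MIME allow-list check, directory creation, $filename_name / $filename setup …
// Fixed extension per verified MIME type; the client-supplied name is no longer used.
$extByType = array(
    "image/pjpeg" => "jpg",
    "image/jpeg" => "jpg",
    "image/gif" => "gif",
    "image/png" => "png",
    "image/xpng" => "png",
    "image/wbmp" => "wbmp",
    "image/webp" => "webp",
);
$ext = $extByType[$fileType];
$filename = $filename.'.'.$ext;
$filename_name = $filename_name.'.'.$ext;
$fullfilename = $cfg_basedir.$activepath."/".$filename;
// … unchanged: move_uploaded_file(), getimagesize(), INSERT, JSON response …
```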
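Review bot: The new `else` branch in src/admin/sys_admin_user_add.php still stores `substr(md5($pwd), 5, 20)`, an unsalted and truncated MD5, whenever `password_hash()` is unavailable, so an old runtime silently creates admin accounts under the weak scheme. I would fail closed instead of keeping that path, for example `} else { exit('password_hash() is required'); }`. Separately, `$mpwd` and `$pwd` come from two `password_hash()` calls on the same input and therefore hold different hashes; a one-line comment saying where each value is stored would help the next reader. The `if ($dopost == 'add')` block starts and ends outside the hunk.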
@@ -308,15 +286,16 @@ if ($ctag->GetAtt('ddimg') != $bigimg && $ctag->GetAtt('ddimg')!='') { $litimg = $ctag->GetAtt('ddimg'); } else { - $litimg = 'swfupload.php?dopost=ddimg&img='.$bigimg; + if (preg_match("#^(http|https):\/\/#i", $bigimg)) $litimg = $bigimg; + else $litimg = 'swfupload.php?dopost=ddimg&img='.$bigimg; } $fhtml = ''; $fhtml .= "
"; $fhtml .= ""; $fhtml .= ""; - $fhtml .= ""; + $fhtml .= ""; $fhtml .= "
标题:
"; - $fhtml .= "
更换删除
"; + $fhtml .= "
更换删除
"; $fhtml .= "
"; echo $fhtml; $j++; @@ -463,5 +442,55 @@ + \ No newline at end of file