diff --git a/src/dede/co_export.php b/src/dede/co_export.php
index 8ae2149b..3318afc7 100755
--- a/src/dede/co_export.php
+++ b/src/dede/co_export.php
@@ -4,7 +4,7 @@
  *
  * @version $Id: co_edit_text.php 1 14:31 2010年7月12日Z tianya $
  * @package DedeCMS.Administrator
- * @copyright Copyright (c) 2007 - 2010, DesDev, Inc.
+ * @copyright Copyright (c) 2007 - 2020, DesDev, Inc.
  * @license http://help.dedecms.com/usersguide/license.html
  * @link http://www.dedecms.com
  */
diff --git a/src/dede/media_add.php b/src/dede/media_add.php
index 515942ca..98e25ad7 100755
--- a/src/dede/media_add.php
+++ b/src/dede/media_add.php
@@ -1,96 +1,84 @@ getUserID(); $width = $height = ''; - - for($i=0; $i<=40; $i++) - { - if(isset(${"upfile".$i}) && is_uploaded_file(${"upfile".$i})) - { - $filesize = ${"upfile".$i."_size"}; - $upfile_type = ${"upfile".$i."_type"}; - $upfile_name = ${"upfile".$i."_name"}; + + for ($i = 0; $i <= 40; $i++) { + if (isset(${"upfile" . $i}) && is_uploaded_file(${"upfile" . $i})) { + $filesize = ${"upfile" . $i . "_size"}; + $upfile_type = ${"upfile" . $i . "_type"}; + $upfile_name = ${"upfile" . $i . "_name"}; $dpath = MyDate("ymd", $uptime); - if(in_array($upfile_type, $sparr_image)) - { + if (in_array($upfile_type, $sparr_image)) { $mediatype = 1; - $savePath = $cfg_image_dir."/".$dpath; - } - else if(in_array($upfile_type, $sparr_flash)){ + $savePath = $cfg_image_dir . "/" . $dpath; + } else if (in_array($upfile_type, $sparr_flash)) { $mediatype = 2; - $savePath = $cfg_other_medias."/".$dpath; + $savePath = $cfg_other_medias . "/" . $dpath; } // 2011-6-2 修复附件无法上传的错误(by:tianya) - else if(preg_match('#audio|media|video#i', $upfile_type) && preg_match("#\.".$cfg_mediatype."$#i", $upfile_name)) - { - $mediatype=3; - $savePath = $cfg_other_medias."/".$dpath; - } - else if(preg_match("#\.".$cfg_softtype."+\.".$cfg_softtype."$#i", $upfile_name)) - { - $mediatype=4; - $savePath = $cfg_soft_dir."/".$dpath; - } - else - { + else if (preg_match('#audio|media|video#i', $upfile_type) && preg_match("#\." . $cfg_mediatype . "$#i", $upfile_name)) { + $mediatype = 3; + $savePath = $cfg_other_medias . "/" . $dpath; + } else if (preg_match("#\." . $cfg_softtype . "+\." . $cfg_softtype . "$#i", $upfile_name)) { + $mediatype = 4; + $savePath = $cfg_soft_dir . "/" . 
$dpath; + } else { continue; } - $filename = "{$adminid}_".MyDate("His",$uptime).mt_rand(100,999).$i; - $fs = explode(".",${"upfile".$i."_name"}); - $filename = $filename.".".$fs[count($fs)-1]; - $filename = $savePath."/".$filename; - if(!is_dir($cfg_basedir.$savePath)) - { - MkdirAll($cfg_basedir.$savePath,777); + $filename = "{$adminid}_" . MyDate("His", $uptime) . mt_rand(100, 999) . $i; + $fs = explode(".", ${"upfile" . $i . "_name"}); + $filename = $filename . "." . $fs[count($fs) - 1]; + $filename = $savePath . "/" . $filename; + if (!is_dir($cfg_basedir . $savePath)) { + MkdirAll($cfg_basedir . $savePath, 777); CloseFtp(); } - /* + /* dedecms后台文件任意上传漏洞 漏洞描述:dedecms早期版本后台存在大量的富文本编辑器,该控件提供了一些文件上传接口,同时dedecms对上传文件的后缀类型未进行严格的限制,这导致了黑客可以上传WEBSHELL,获取网站后台权限。 */ - if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml)[^a-zA-Z0-9]+$#i', trim($filename))) { ShowMsg("你指定的文件名被系统禁止!"); exit(); } - $fullfilename = $cfg_basedir.$filename; - if($mediatype==1) - { - @move_uploaded_file(${"upfile".$i}, $fullfilename); + if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml)[^a-zA-Z0-9]+$#i', trim($filename))) { + ShowMsg("你指定的文件名被系统禁止!", "javascript:;"); + exit(); + } + $fullfilename = $cfg_basedir . $filename; + if ($mediatype == 1) { + @move_uploaded_file(${"upfile" . $i}, $fullfilename); $info = ''; $data = getImagesize($fullfilename, $info); $width = $data[0]; $height = $data[1]; - if(in_array($upfile_type, $cfg_photo_typenames)) WaterImg($fullfilename, 'up'); - }else - { - @move_uploaded_file(${"upfile".$i}, $fullfilename); - } - if($i>1) - { - $ntitle = $title."_".$i; + if (in_array($upfile_type, $cfg_photo_typenames)) WaterImg($fullfilename, 'up'); + } else { + @move_uploaded_file(${"upfile" . $i}, $fullfilename); } - else - { + if ($i > 1) { + $ntitle = $title . "_" . $i; + } else { $ntitle = $title; } $inquery = "INSERT INTO `#@__uploads`(title,url,mediatype,width,height,playtime,filesize,uptime,mid) 
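Review bot: The denylist check that runs right before `move_uploaded_file` only matches when at least one non-alphanumeric character follows the extension (`[^a-zA-Z0-9]+$`), so a name whose last component is exactly one of the listed extensions is left uncovered, while that last component is copied verbatim from the client-supplied name via `$fs[count($fs) - 1]` and the `$mediatype` branch for images and flash is chosen from the client-supplied `$upfile_type` alone. Whether this is reachable depends on what `uploadsafe.inc.php` already rejected for `DEDEADMIN` sessions, but as written the check does not cover the bare extension. At minimum make the trailing run optional, `[^a-zA-Z0-9]*$`, and preferably validate `$fs[count($fs) - 1]` against an allowlist for the selected `$mediatype`, the way branches 3 and 4 already constrain the name with `$cfg_mediatype` and `$cfg_softtype`. `@move_uploaded_file` also suppresses and ignores its return value, so a failed move still produces an `#@__uploads` row pointing at a file that does not exist. The enclosing `if ($dopost == "upload")` block starts before this hunk, and the hunk ends in the middle of the `$inquery` statement.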
@@ -99,7 +87,7 @@ if($dopost=="upload")
         $dsql->ExecuteNoneQuery($inquery);
     }
 }
-    ShowMsg("成功上传 {$okdd} 个文件!","media_main.php");
+    ShowMsg("成功上传 {$okdd} 个文件!", "media_main.php");
     exit();
 }
-include DedeInclude('templets/media_add.htm');
\ No newline at end of file
+include DedeInclude('templets/media_add.htm');
diff --git a/src/include/dedesqli.class.php b/src/include/dedesqli.class.php
index 2fcfa814..e4525429 100755
--- a/src/include/dedesqli.class.php
+++ b/src/include/dedesqli.class.php
@@ -18,6 +18,11 @@
 @set_time_limit(0);
 // 在工程所有文件中均不需要单独初始化这个类,可直接用 $dsql 或 $db 进行操作
 // 为了防止错误,操作完后不必关闭数据库
+if (!function_exists("mysqli_init") ) {
+    echo "DedeCMS提示:尚未发现开启mysqli模块,请在php.ini中启用`extension=mysqli`。";
+    exit;
+}
+
 $dsql = $dsqli = $db = new DedeSqli(FALSE);
 /**
  * Dede MySQLi数据库类
@@ -29,6 +34,10 @@ $dsql = $dsqli = $db = new DedeSqli(FALSE);
 if (!defined('MYSQL_BOTH')) {
     define('MYSQL_BOTH',MYSQLI_BOTH);
 }
+
+if (!defined('MYSQL_ASSOC')) {
+    define('MYSQL_ASSOC', MYSQLI_ASSOC);
+}
 class DedeSqli
 {
     var $linkID;
@@ -90,7 +99,7 @@ class DedeSqli
     }
     function SelectDB($dbname)
     {
-        mysql_select_db($dbname);
+        mysqli_select_db($this->linkID, $dbname);
     }
 
     //设置SQL里的参数
diff --git a/src/include/uploadsafe.inc.php b/src/include/uploadsafe.inc.php
index ccc561ed..c937959b 100755
--- a/src/include/uploadsafe.inc.php
+++ b/src/include/uploadsafe.inc.php
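Review bot: `SelectDB` discards the boolean returned by `mysqli_select_db`, so a failed switch (unknown database, missing privilege, or a `$this->linkID` that is not yet connected) is silent and every later query runs against whatever database the link was already using. Returning it keeps callers informed without changing the signature: `return mysqli_select_db($this->linkID, $dbname);`. If the class has an error-reporting path for query failures, routing a `false` result through it would be more consistent with the rest of the file, but that path is not visible in this hunk. The `mysqli_init` guard added earlier in this file is a reasonable bootstrap check; its bare `exit` could carry a non-zero status (`exit(1)`) so CLI invocations also fail visibly.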
@@ -1,61 +1,118 @@ $_value) -{ - foreach($keyarr as $k) - { - if(!isset($_FILES[$_key][$k])) - { +foreach ($_FILES as $_key => $_value) { + foreach ($keyarr as $k) { + if (!isset($_FILES[$_key][$k])) { exit('Request Error!'); } } - if( preg_match('#^(cfg_|GLOBALS)#', $_key) ) - { + if (preg_match('#^(cfg_|GLOBALS)#', $_key)) { exit('Request var not allow for uploadsafe!'); } $$_key = $_FILES[$_key]['tmp_name']; - ${$_key.'_name'} = $_FILES[$_key]['name']; - ${$_key.'_type'} = $_FILES[$_key]['type'] = preg_replace('#[^0-9a-z\./]#i', '', $_FILES[$_key]['type']); - ${$_key.'_size'} = $_FILES[$_key]['size'] = preg_replace('#[^0-9]#','',$_FILES[$_key]['size']); - if(!empty(${$_key.'_name'}) && (preg_match("#\.(".$cfg_not_allowall.")$#i",${$_key.'_name'}) || !preg_match("#\.#", ${$_key.'_name'})) ) - { - if(!defined('DEDEADMIN')) - { - exit('Not Admin Upload filetype not allow !'); + ${$_key . '_name'} = $_FILES[$_key]['name']; + ${$_key . '_type'} = $_FILES[$_key]['type'] = preg_replace('#[^0-9a-z\./]#i', '', $_FILES[$_key]['type']); + ${$_key . '_size'} = $_FILES[$_key]['size'] = preg_replace('#[^0-9]#', '', $_FILES[$_key]['size']); + + if (is_array(${$_key.'_name'}) && count(${$_key.'_name'}) > 0) { + foreach (${$_key.'_name'} as $key => $value) { + if (!empty($value) && (preg_match("#\.(" . $cfg_not_allowall . ")$#i", $value) || !preg_match("#\.#", $value))) { + if (!defined('DEDEADMIN')) { + exit('Not Admin Upload filetype not allow !'); + } + } + } + } else { + if (!empty(${$_key . '_name'}) && (preg_match("#\.(" . $cfg_not_allowall . ")$#i", ${$_key . '_name'}) || !preg_match("#\.#", ${$_key . '_name'}))) { + if (!defined('DEDEADMIN')) { + exit('Not Admin Upload filetype not allow !'); + } } } - if(empty(${$_key.'_size'})) - { - ${$_key.'_size'} = @filesize($$_key); + + if (empty(${$_key . '_size'})) { + ${$_key . 
'_size'} = @filesize($$_key); } - $imtypes = array("image/pjpeg", "image/jpeg", "image/gif", "image/png", "image/xpng", "image/wbmp", "image/bmp"); if(in_array(strtolower(trim(${$_key.'_type'})), $imtypes)) { $image_dd = @getimagesize($$_key); if($image_dd == false){ continue; } if (!is_array($image_dd)) { exit('Upload filetype not allow !'); } } - - $imtypes = array - ( - "image/pjpeg", "image/jpeg", "image/gif", "image/png", - "image/xpng", "image/wbmp", "image/bmp" - ); + $imtypes = array("image/pjpeg", "image/jpeg", "image/gif", "image/png", "image/xpng", "image/wbmp", "image/bmp"); - if(in_array(strtolower(trim(${$_key.'_type'})), $imtypes)) - { - $image_dd = @getimagesize($$_key); if($image_dd == false){ continue; } - if (!is_array($image_dd)) - { - exit('Upload filetype not allow !'); + if (is_array(${$_key.'_type'}) && count(${$_key.'_type'}) > 0) { + foreach (${$_key.'_type'} as $key => $value) { + if (in_array(strtolower(trim($value)), $imtypes)) { + $image_dd = @getimagesize($$_key); + if ($image_dd == false) { + continue; + } + if (!is_array($image_dd)) { + exit('Upload filetype not allow !'); + } + } + + $imtypes = array( + "image/pjpeg", "image/jpeg", "image/gif", "image/png", + "image/xpng", "image/wbmp", "image/bmp" + ); + + if (in_array(strtolower(trim($value)), $imtypes)) { + $image_dd = @getimagesize($$_key); + if ($image_dd == false) { + continue; + } + if (!is_array($image_dd)) { + exit('Upload filetype not allow !'); + } + } + } + } else { + if (in_array(strtolower(trim(${$_key . '_type'})), $imtypes)) { + $image_dd = @getimagesize($$_key); + if ($image_dd == false) { + continue; + } + if (!is_array($image_dd)) { + exit('Upload filetype not allow !'); + } + } + + $imtypes = array( + "image/pjpeg", "image/jpeg", "image/gif", "image/png", + "image/xpng", "image/wbmp", "image/bmp" + ); + + if (in_array(strtolower(trim(${$_key . 
'_type'})), $imtypes)) { + $image_dd = @getimagesize($$_key); + if ($image_dd == false) { + continue; + } + if (!is_array($image_dd)) { + exit('Upload filetype not allow !'); + } } } + + } -?> \ No newline at end of file diff --git a/src/member/album_add.php b/src/member/album_add.php index 5ca3e71e..a3238e28 100755 --- a/src/member/album_add.php +++ b/src/member/album_add.php @@ -4,7 +4,7 @@ * * @version $Id: album_add.php 1 13:52 2010年7月9日Z tianya $ * @package DedeCMS.Member - * @copyright Copyright (c) 2007 - 2010, DesDev, Inc. + * @copyright Copyright (c) 2007 - 2020, DesDev, Inc. * @license http://help.dedecms.com/usersguide/license.html * @link http://www.dedecms.com */ @@ -217,8 +217,8 @@ else if($dopost=='save') ShowMsg("无法获得主键,因此无法进行后续操作!","-1"); exit(); } - $description = HtmlReplace($description, -1);//2011.06.30 增加html过滤 (by:织梦的鱼) - $mtypesid = intval($mtypesid); //对输入参数mtypesid未进行int整型转义,导致SQL注入的发生。 + $description = HtmlReplace($description, -1); + $mtypesid = intval($mtypesid); //对输入参数mtypesid未进行int整型转义,导致SQL注入的发生。 //保存到主表 $inQuery = "INSERT INTO `#@__archives`(id,typeid,sortrank,flag,ismake,channel,arcrank,click,money,title,shorttitle, color,writer,source,litpic,pubdate,senddate,mid,description,keywords,mtype) diff --git a/src/member/article_add.php b/src/member/article_add.php index 5229a6fe..9b0b4c22 100755 --- a/src/member/article_add.php +++ b/src/member/article_add.php @@ -4,7 +4,7 @@ * * @version $Id: article_add.php 1 8:38 2010年7月9日Z tianya $ * @package DedeCMS.Member - * @copyright Copyright (c) 2007 - 2010, DesDev, Inc. + * @copyright Copyright (c) 2007 - 2020, DesDev, Inc. * @license http://help.dedecms.com/usersguide/license.html * @link http://www.dedecms.com */ diff --git a/src/member/soft_add.php b/src/member/soft_add.php index 924974ce..516650fd 100755 --- a/src/member/soft_add.php +++ b/src/member/soft_add.php 
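Review bot: In the new array branch of the image check, `@getimagesize($$_key)` is still handed the whole `tmp_name` array rather than the entry for the current `$key`, so under PHP 8 it throws a TypeError and under PHP 7 the suppressed warning yields null, `$image_dd == false` is true and the `continue` skips the check for every element — the multi-file image validation the branch was added for never runs. Index into the current entry with `${$_key}[$key]`, and collapse the duplicated `$imtypes`/`in_array` block, which appears twice inside the array loop and twice in the `else` branch where the second copy re-runs an identical check. Separately, the carried-over `if ($image_dd == false) { continue; }` lets a file whose declared MIME type is an image but which `getimagesize` cannot parse pass through; whether that should become a rejection is a policy decision the maintainers should make explicitly rather than inherit. The hunk's opening lines (the `foreach ($_FILES ...)` header) are garbled in this copy, so the start of the loop could not be reviewed.
```php
    if (is_array(${$_key . '_type'}) && count(${$_key . '_type'}) > 0) {
        foreach (${$_key . '_type'} as $key => $value) {
            if (!in_array(strtolower(trim($value)), $imtypes, true)) {
                continue;
            }
            // each element of a multi-file upload has its own tmp_name entry
            $image_dd = @getimagesize(${$_key}[$key]);
            if ($image_dd == false) {
                continue;
            }
            if (!is_array($image_dd)) {
                exit('Upload filetype not allow !');
            }
        }
    } else {
        // … unchanged: single-file image check, keep only one copy of it …
    }
```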
@@ -1,4 +1,13 @@ ExecuteNoneQuery("DELETE FROM `#@__arctiny` WHERE id='$arcID'"); echo $inQuery; exit(); - ShowMsg("把数据保存到数据库附加表 `{$addtable}` 时出错,请把相关信息提交给DedeCms官方。".str_replace('"','',$gerr),"javascript:;"); + ShowMsg("把数据保存到数据库附加表 `{$addtable}` 时出错,请把相关信息提交给DedeCMS官方。".str_replace('"','',$gerr),"javascript:;"); exit(); }