diff --git a/src/dede/ad_add.php b/src/dede/ad_add.php index e8ae8314..e646c36f 100755 --- a/src/dede/ad_add.php +++ b/src/dede/ad_add.php @@ -4,9 +4,10 @@ * * @version $Id: ad_add.php 1 8:26 2010年7月12日Z tianya $ * @package DedeCMS.Administrator - * @copyright Copyright (c) 2007 - 2020, DesDev, Inc. - * @license http://help.dedecms.com/usersguide/license.html - * @link http://www.dedecms.com + * @copyright Copyright (c) 2007 - 2018, DesDev, Inc. + * @copyright Copyright (c) 2020, DedeBIZ.COM + * @license https://www.dedebiz.com/license/v6 + * @link https://www.dedebiz.com */ require(dirname(__FILE__)."/config.php"); @@ -16,7 +17,7 @@ if(empty($dopost)) $dopost = ""; if($dopost=="save") { - csrf_check(); + CheckCSRF(); //timeset tagname typeid normbody expbody $tagname = trim($tagname); $row = $dsql->GetOne("SELECT typeid FROM #@__myad WHERE typeid='$typeid' AND tagname LIKE '$tagname'"); diff --git a/src/dede/ad_edit.php b/src/dede/ad_edit.php index 1426a019..f2d0da16 100755 --- a/src/dede/ad_edit.php +++ b/src/dede/ad_edit.php @@ -4,9 +4,10 @@ * * @version $Id: ad_edit.php 1 8:26 2010年7月12日Z tianya $ * @package DedeCMS.Administrator - * @copyright Copyright (c) 2007 - 2020, DesDev, Inc. - * @license http://help.dedecms.com/usersguide/license.html - * @link http://www.dedecms.com + * @copyright Copyright (c) 2007 - 2018, DesDev, Inc. + * @copyright Copyright (c) 2020, DedeBIZ.COM + * @license https://www.dedebiz.com/license/v6 + * @link https://www.dedebiz.com */ require(dirname(__FILE__)."/config.php"); CheckPurview('plus_广告管理'); @@ -53,7 +54,7 @@ else if($dopost=='testjs') } else if($dopost=='saveedit') { - csrf_check(); + CheckCSRF(); $starttime = GetMkTime($starttime); $endtime = GetMkTime($endtime); $query = "UPDATE `#@__myad` diff --git a/src/dede/article_string_mix.php b/src/dede/article_string_mix.php index 5e0c517a..ce34d1c1 100755 --- a/src/dede/article_string_mix.php +++ b/src/dede/article_string_mix.php 
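Review bot: In src/dede/ad_add.php (`-16,7 +17,7`), the duplicate-name query right after the new `CheckCSRF();` still interpolates `$typeid` and `$tagname` into the SQL and compares with `LIKE`, so `%` and `_` in a tag name act as wildcards and the check can match names other than the one submitted. Neither variable is assigned in the hunk, so they presumably arrive from the request through config.php; any quoting done there is not visible here and should not be the only defence. If `typeid` is the numeric column it appears to be, I would use `$typeid = intval($typeid);` and compare the name exactly with `AND tagname='$tagname'`. The same query, plus an `INSERT` that interpolates seven values, is in the src/dede/mytag_add.php hunk (`-15,9 +16,9`), where this commit edits those lines without changing how they are built.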
@@ -4,9 +4,10 @@ * * @version $Id: article_string_mix.php 1 14:31 2010年7月12日Z tianya $ * @package DedeCMS.Administrator - * @copyright Copyright (c) 2007 - 2020, DesDev, Inc. - * @license http://help.dedecms.com/usersguide/license.html - * @link http://www.dedecms.com + * @copyright Copyright (c) 2007 - 2018, DesDev, Inc. + * @copyright Copyright (c) 2020, DedeBIZ.COM + * @license https://www.dedebiz.com/license/v6 + * @link https://www.dedebiz.com */ require_once(dirname(__FILE__).'/config.php'); require_once(DEDEINC.'/oxwindow.class.php'); @@ -21,7 +22,7 @@ $m_file = DEDEDATA."/downmix.data.php"; //保存 if($dopost=="save") { - csrf_check(); + CheckCSRF(); $fp = fopen($m_file,'w'); flock($fp,3); fwrite($fp,$allsource); diff --git a/src/dede/article_template_rand.php b/src/dede/article_template_rand.php index 1af04f88..55434ce3 100755 --- a/src/dede/article_template_rand.php +++ b/src/dede/article_template_rand.php @@ -4,9 +4,10 @@ * * @version $Id: article_template_rand.php 1 14:31 2010年7月12日Z tianya $ * @package DedeCMS.Administrator - * @copyright Copyright (c) 2007 - 2020, DesDev, Inc. - * @license http://help.dedecms.com/usersguide/license.html - * @link http://www.dedecms.com + * @copyright Copyright (c) 2007 - 2018, DesDev, Inc. + * @copyright Copyright (c) 2020, DedeBIZ.COM + * @license https://www.dedebiz.com/license/v6 + * @link https://www.dedebiz.com */ require_once(dirname(__FILE__).'/config.php'); require_once(DEDEINC.'/oxwindow.class.php'); @@ -20,7 +21,7 @@ $okmsg = ''; //保存配置 if($dopost=='save') { - csrf_check(); + CheckCSRF(); $fp = fopen($m_file,'w'); flock($fp,3); fwrite($fp,$templates); @@ -30,7 +31,7 @@ if($dopost=='save') //对旧文档进行随机模板处理 else if($dopost=='makeold') { - csrf_check(); + CheckCSRF(); set_time_limit(3600); if(!file_exists($m_file)) { 
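Review bot: In src/dede/article_string_mix.php (`-21,7 +22,7`), the save branch calls `flock($fp,3)`, and 3 is the value of `LOCK_UN`, so no lock is held when `fwrite($fp,$allsource)` runs; the result of `fopen` is not checked either. `flock($fp, LOCK_EX);` preceded by an `if(!$fp)` bail-out would do what the code seems to intend. The target is `downmix.data.php`, so the submitted text lands in a file with a `.php` extension; how that file is read back is outside the hunk, but the content should be validated so that it cannot be interpreted as PHP. The save hunk in src/dede/article_template_rand.php (`-20,7 +21,7`) has the same `fopen`/`flock($fp,3)`/`fwrite` sequence with `$templates`.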
@@ -64,7 +65,7 @@ else if($dopost=='makeold') //清除全部的指定模板 else if($dopost=='clearold') { - csrf_check(); + CheckCSRF(); $dsql->ExecuteNoneQuery(" Update `#@__addonarticle` set templet='' "); $dsql->ExecuteNoneQuery(" OPTIMIZE TABLE `#@__addonarticle` "); AjaxHead(); diff --git a/src/dede/media_add.php b/src/dede/media_add.php index 98e25ad7..20af6d7e 100755 --- a/src/dede/media_add.php +++ b/src/dede/media_add.php @@ -5,9 +5,10 @@ * * @version $Id: media_add.php 2 15:25 2011-6-2 tianya $ * @package DedeCMS.Administrator - * @copyright Copyright (c) 2007 - 2020, DesDev, Inc. - * @license http://help.dedecms.com/usersguide/license.html - * @link http://www.dedecms.com + * @copyright Copyright (c) 2007 - 2018, DesDev, Inc. + * @copyright Copyright (c) 2020, DedeBIZ.COM + * @license https://www.dedebiz.com/license/v6 + * @link https://www.dedebiz.com */ require_once(dirname(__FILE__) . "/config.php"); @@ -16,7 +17,7 @@ if (empty($dopost)) $dopost = ""; //上传 if ($dopost == "upload") { - csrf_check(); + CheckCSRF(); require_once(DEDEINC . "/image.func.php"); $sparr_image = array("image/pjpeg", "image/jpeg", "image/gif", "image/png", "image/x-png", "image/wbmp"); $sparr_flash = array("application/xshockwaveflash"); diff --git a/src/dede/media_edit.php b/src/dede/media_edit.php index 84830de9..001c6a9b 100755 --- a/src/dede/media_edit.php +++ b/src/dede/media_edit.php @@ -4,9 +4,10 @@ * * @version $Id: media_edit.php 1 11:17 2010年7月19日Z tianya $ * @package DedeCMS.Administrator - * @copyright Copyright (c) 2007 - 2020, DesDev, Inc. - * @license http://help.dedecms.com/usersguide/license.html - * @link http://www.dedecms.com + * @copyright Copyright (c) 2007 - 2018, DesDev, Inc. + * @copyright Copyright (c) 2020, DedeBIZ.COM + * @license https://www.dedebiz.com/license/v6 + * @link https://www.dedebiz.com */ require_once(dirname(__FILE__)."/config.php"); 
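Review bot: In src/dede/media_add.php (`-16,7 +17,7`), the upload branch sets up allowlists of MIME types (`$sparr_image`, `$sparr_flash`) directly after `CheckCSRF();`, and the code that uses them lies outside the hunk. If they are compared with the type reported in the upload request, that value is chosen by the client and says nothing about what the file contains. The decision should rest on a server-side check such as `finfo_file()` together with an allowlist of extensions for the stored name.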
@@ -106,7 +107,7 @@ function __save_edit() //保存更改 else if($dopost=='save') { if($aid=="") exit(); - csrf_check(); + CheckCSRF(); //检查是否有修改权限 $myrow = $dsql->GetOne("SELECT * FROM #@__uploads WHERE aid='".$aid."'"); if($myrow['mid']!=$cuserLogin->getUserID()) diff --git a/src/dede/mytag_add.php b/src/dede/mytag_add.php index c967f6fc..220d5509 100755 --- a/src/dede/mytag_add.php +++ b/src/dede/mytag_add.php @@ -4,9 +4,10 @@ * * @version $Id: mytag_add.php 1 15:35 2010年7月20日Z tianya $ * @package DedeCMS.Administrator - * @copyright Copyright (c) 2007 - 2020, DesDev, Inc. - * @license http://help.dedecms.com/usersguide/license.html - * @link http://www.dedecms.com + * @copyright Copyright (c) 2007 - 2018, DesDev, Inc. + * @copyright Copyright (c) 2020, DedeBIZ.COM + * @license https://www.dedebiz.com/license/v6 + * @link https://www.dedebiz.com */ require(dirname(__FILE__)."/config.php"); CheckPurview('temp_Other'); @@ -15,9 +16,9 @@ if(empty($dopost)) $dopost = ""; if($dopost=="save") { - csrf_check(); + CheckCSRF(); $tagname = trim($tagname); - $row = $dsql->GetOne("SELECT typeid FROM #@__mytag WHERE typeid='$typeid' AND tagname LIKE '$tagname'"); + $row = $dsql->GetOne("SELECT typeid FROM `#@__mytag` WHERE typeid='$typeid' AND tagname LIKE '$tagname'"); if(is_array($row)) { ShowMsg("在相同栏目下已经存在同名的标记!","-1"); @@ -25,7 +26,7 @@ if($dopost=="save") } $starttime = GetMkTime($starttime); $endtime = GetMkTime($endtime); - $inQuery = "INSERT INTO #@__mytag(typeid,tagname,timeset,starttime,endtime,normbody,expbody) + $inQuery = "INSERT INTO `#@__mytag`(typeid,tagname,timeset,starttime,endtime,normbody,expbody) VALUES('$typeid','$tagname','$timeset','$starttime','$endtime','$normbody','$expbody'); "; $dsql->ExecuteNoneQuery($inQuery); ShowMsg("成功增加一个自定义标记!","mytag_main.php"); diff --git a/src/dede/mytag_edit.php b/src/dede/mytag_edit.php index 54bf9f35..ff2c0e61 100755 --- a/src/dede/mytag_edit.php +++ b/src/dede/mytag_edit.php 
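Review bot: In src/dede/media_edit.php (`-106,7 +107,7`), the ownership check reads `$myrow['mid']` without confirming that `GetOne` returned a row, and `$aid` is only tested for the empty string before it is concatenated into the `SELECT`. A guard such as `if(!is_array($myrow)) exit();` before the comparison makes the not-found case explicit instead of relying on how a missing value compares with `getUserID()`. If `aid` is the numeric key it appears to be, `$aid = intval($aid);` ahead of the query removes the dependence on quoting done elsewhere. The body of the `if` is outside the hunk.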
@@ -4,9 +4,10 @@ * * @version $Id: mytag_edit.php 1 15:37 2010年7月20日Z tianya $ * @package DedeCMS.Administrator - * @copyright Copyright (c) 2007 - 2020, DesDev, Inc. - * @license http://help.dedecms.com/usersguide/license.html - * @link http://www.dedecms.com + * @copyright Copyright (c) 2007 - 2018, DesDev, Inc. + * @copyright Copyright (c) 2020, DedeBIZ.COM + * @license https://www.dedebiz.com/license/v6 + * @link https://www.dedebiz.com */ require(dirname(__FILE__)."/config.php"); CheckPurview('temp_Other'); @@ -18,14 +19,13 @@ $ENV_GOBACK_URL = empty($_COOKIE['ENV_GOBACK_URL']) ? 'mytag_main.php' : $_COOKI if($dopost=='delete') { - csrf_check(); - $dsql->ExecuteNoneQuery("DELETE FROM #@__mytag WHERE aid='$aid'"); + $dsql->ExecuteNoneQuery("DELETE FROM `#@__mytag` WHERE aid='$aid'"); ShowMsg("成功删除一个自定义标记!",$ENV_GOBACK_URL); exit(); } else if($dopost=="saveedit") { - csrf_check(); + CheckCSRF(); $starttime = GetMkTime($starttime); $endtime = GetMkTime($endtime); $query = "UPDATE `#@__mytag` diff --git a/src/dede/tpl.php b/src/dede/tpl.php index a05b6fc7..a504bfdd 100755 --- a/src/dede/tpl.php +++ b/src/dede/tpl.php @@ -4,9 +4,10 @@ * * @version $Id: tpl.php 1 23:44 2010年7月20日Z tianya $ * @package DedeCMS.Administrator - * @copyright Copyright (c) 2007 - 2020, DesDev, Inc. - * @license http://help.dedecms.com/usersguide/license.html - * @link http://www.dedecms.com + * @copyright Copyright (c) 2007 - 2018, DesDev, Inc. + * @copyright Copyright (c) 2020, DedeBIZ.COM + * @license https://www.dedebiz.com/license/v6 + * @link https://www.dedebiz.com */ require_once(dirname(__FILE__)."/config.php"); CheckPurview('plus_文件管理器'); @@ -89,7 +90,7 @@ function save_tpl() { } --------------------------*/ else if($action == 'saveedit') { - csrf_check(); + CheckCSRF(); if($filename == '') { ShowMsg('未指定要编辑的文件或文件名不合法', '-1'); 
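Review bot: In src/dede/mytag_edit.php (`-18,14 +19,13`), the `delete` branch loses its `csrf_check();` without getting the `CheckCSRF();` that the `saveedit` branch below it receives, so the `DELETE` now runs with no request-forgery check visible in the hunk. Unless that check moved somewhere outside the lines shown, the branch should begin with `CheckCSRF();`, as the other state-changing branches in this commit do. `$aid` is also interpolated into the statement as-is; if `aid` is numeric, `$aid = intval($aid);` before the query would be a cheap hardening step.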
@@ -168,7 +169,7 @@ function _upload() {} -----------------------*/ else if ($action == 'uploadok') { - csrf_check(); + CheckCSRF(); if( !is_uploaded_file($upfile) ) { ShowMsg("貌似你什么都没有上传哦!","javascript:;"); @@ -250,7 +251,7 @@ function savetagfile() { } --------------------------*/ else if($action=='savetagfile') { - csrf_check(); + CheckCSRF(); if(!preg_match("#^[a-z0-9_-]{1,}\.lib\.php$#i", $filename)) { ShowMsg('文件名不合法,不允许进行操作!', '-1');
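Review bot: In src/dede/tpl.php (`-250,7 +251,7`), the file-name pattern `#^[a-z0-9_-]{1,}\.lib\.php$#i` ends in `$`, which in PCRE also matches just before a trailing newline, so a name with a line feed appended passes the check. Adding the `D` modifier, `#^[a-z0-9_-]{1,}\.lib\.php$#iD`, or anchoring with `\z` closes that gap. What is done with `$filename` after the check is outside the hunk.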