diff --git a/src/static/web/js/user.album.js b/src/static/web/js/user.album.js
index 9b683978..ee185462 100644
--- a/src/static/web/js/user.album.js
+++ b/src/static/web/js/user.album.js
@@ -39,7 +39,7 @@ function MakeUpload(mnum) {
}
fhtml = "";
fhtml += "
";
- fhtml += "";
+ fhtml += "";
upfield.innerHTML += fhtml;
}
}
diff --git a/src/static/web/js/user.js b/src/static/web/js/user.js
index b279aa7d..6ba8f3f8 100644
--- a/src/static/web/js/user.js
+++ b/src/static/web/js/user.js
@@ -9,7 +9,7 @@ function checkSubmit(t) {
return false;
}
}
-function SelectImage(sform, stype) {
+function SelectFile(sform, stype) {
let s = sform.split(".");
if (s.length === 2) {
let frm = document.getElementsByName(s[0]);
@@ -28,7 +28,7 @@ function SelectImage(sform, stype) {
var fileData = f;
formData.append('file', fileData);
$.ajax({
- url: 'api.php?action=upload&type=litpic',
+ url: 'api.php?action=upload&type='+stype,
type: 'POST',
data: formData,
processData: false,
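Review bot: `stype` is concatenated into the query string unencoded at `url: 'api.php?action=upload&type='+stype`, so a value containing `&` or `#` would change the request's parameters; prefer `url: 'api.php?action=upload&type=' + encodeURIComponent(stype),`. Because the upload type is now chosen by the caller instead of being fixed to `litpic`, the `action=upload` handler has to check `type` against a fixed allow-list and apply the matching MIME/extension rules itself; that check is not visible in this diff. SelectFile's body starts and ends outside the hunk.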
@@ -46,4 +46,16 @@ function SelectImage(sform, stype) {
});
})
}
+}
+function SelectImage(sform, stype) {
+ if (stype == 'big') {
+ stype = "litpic";
+ }
+ SelectFile(sform, stype);
+}
+function SelectSoft(sform, stype='soft') {
+ SelectFile(sform, stype);
+}
+function SelectMedia(sform, stype='media') {
+ SelectFile(sform, stype);
}
\ No newline at end of file
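Review bot: `SelectImage` has no default for `stype` and forwards every value other than 'big' unchanged, whereas the old body always posted `type=litpic`; a caller that omits the argument would now send `type=undefined`. Give it the same shape as the two new wrappers, `function SelectImage(sform, stype = 'litpic') {`, and compare strictly with `if (stype === 'big') {`. Which values the existing templates pass is not visible here, so this should be confirmed against the call sites.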
diff --git a/src/system/inc/inc_fun_funAdmin.php b/src/system/inc/inc_fun_funAdmin.php
index 423ec1d9..e86f749b 100755
--- a/src/system/inc/inc_fun_funAdmin.php
+++ b/src/system/inc/inc_fun_funAdmin.php
@@ -152,6 +152,9 @@ function SpGetEditor($fname, $fvalue, $nheight = "350", $etype = "Basic", $gtype
}
$addConfig = ",{allowedContent:true,pasteFilter:null,filebrowserImageUploadUrl:'./dialog/select_images_post.php',filebrowserUploadUrl:'./dialog/select_media_post.php?ck=1',extraPlugins:'html5video,dedepagebreak,ddfilebrowser,mimage,textindent,codesnippet{$emoji}',codeSnippet_theme: 'default'}";
}
+ if (defined('DEDEUSER')) {
+ $addConfig = ",{filebrowserImageUploadUrl:'api.php?action=upload&type=litpic&ck=1',filebrowserUploadUrl:'api.php?action=upload&type=media&ck=1',extraPlugins:'html5video,textindent'}";
+ }
$code = <<
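Review bot: The `if (defined('DEDEUSER'))` override carries no comment explaining why the member centre gets a different editor config, and as placed it appears to replace `$addConfig` for every `$etype`. Suggest a comment such as `// Member centre: leave CKEditor's content filter on (no allowedContent:true / pasteFilter:null) and send uploads to the member api.php, not the admin dialogs`. The editor filter runs in the browser only, so the submitted body still needs server-side sanitising before storage or output. SpGetEditor's body starts and ends outside the hunk.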
diff --git a/src/user/album_add.php b/src/user/album_add.php
index bce1a1f0..da565f60 100755
--- a/src/user/album_add.php
+++ b/src/user/album_add.php
@@ -71,7 +71,7 @@ if (empty($dopost)) {
}
$f = ${'imgfile'.$i};
$msg = isset(${'imgmsg'.$i}) ? ${'imgmsg'.$i} : "";
- if (!empty($f) && filter_var($f, FILTER_VALIDATE_URL)) {
+ if (!empty($f)) {
$u = str_replace(array("\"", "'"), "`", $f);
$info = str_replace(array("\"", "'"), "`", $msg);
$imgurls .= "{dede:img ddimg='' text='$info'} $u {/dede:img}\r\n";
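Review bot: With `filter_var($f, FILTER_VALIDATE_URL)` removed, the member-supplied `$f` reaches the `{dede:img}` tag text with only quotes replaced, so braces, whitespace and arbitrary schemes are no longer rejected; the same relaxation is made in the `album_edit.php` hunk. If the aim is to accept the site-relative paths that the upload API returns (inferred, not shown here), keep the URL check and add a narrow path pattern, e.g. `if (!empty($f) && (filter_var($f, FILTER_VALIDATE_URL) || preg_match('#^/[\w./-]+$#', $f))) {`. Restricting the value to the member's own upload directory would be tighter still. The enclosing loop starts outside the hunk.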
diff --git a/src/user/album_edit.php b/src/user/album_edit.php
index 898e7ea3..2d93f6a7 100755
--- a/src/user/album_edit.php
+++ b/src/user/album_edit.php
@@ -74,12 +74,13 @@ if (empty($dopost)) {
}
$f = ${'imgfile'.$i};
$msg = isset(${'imgmsg'.$i}) ? ${'imgmsg'.$i} : "";
- if (!empty($f) && filter_var($f, FILTER_VALIDATE_URL)) {
+ if (!empty($f)) {
$u = str_replace(array("\"", "'"), "`", $f);
$info = str_replace(array("\"", "'"), "`", $msg);
$imgurls .= "{dede:img ddimg='' text='$info'} $u {/dede:img}\r\n";
}
} //循环结束
+ // var_dump($imgurls);exit;
$imgurls = addslashes($imgurls);
//分析处理附加表数据
$inadd_f = '';
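Review bot: The added `// var_dump($imgurls);exit;` is leftover debugging and should be dropped before merge; if re-enabled by accident it would dump the member-supplied tag text and abort the save. The relaxed `if (!empty($f))` check above it has the same validation gap described for `album_add.php`.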
diff --git a/src/user/api.php b/src/user/api.php
index 93b40ebb..4cee41ca 100755
--- a/src/user/api.php
+++ b/src/user/api.php
@@ -98,7 +98,9 @@ if ($action === 'is_need_check_code') {
));
exit;
}
- $uploadedFile = $_FILES['file']['tmp_name'];
+
+ $ff = isset($_FILES['file'])? $_FILES['file'] : $_FILES['imgfile'];
+ $uploadedFile = $ff['tmp_name'];
$fileType = mime_content_type($uploadedFile);
if (!in_array($fileType, $allowedTypes)) {
echo json_encode(array(
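Review bot: `$ff` falls back to `$_FILES['imgfile']` without checking that it exists, so a request carrying neither field passes null into `mime_content_type()`; the upload's `error` code is not checked in the visible lines either. Guard before use, e.g. `if (!is_array($ff) || $ff['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($ff['tmp_name'])) {` followed by the same JSON failure response used elsewhere in this branch. `mime_content_type()` sniffs content only, so the stored extension (`$exts`, set outside this hunk) should be derived from the detected type rather than from the client filename. The enclosing branch starts outside the hunk.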
@@ -137,7 +139,7 @@ if ($action === 'is_need_check_code') {
$nowtme = time();
$rnd = $nowtme.'-'.mt_rand(1000,9999);
$target_file = $cfg_basedir.$cfg_user_dir."/{$cfg_ml->M_ID}/".$rnd.".".$exts;
- $fsize = filesize($_FILES["file"]["tmp_name"]);
+ $fsize = filesize($ff["tmp_name"]);
$target_url = $cfg_mediasurl.'/userup'."/{$cfg_ml->M_ID}/".$rnd.".".$exts;
$row = $dsql->GetOne("SELECT aid,title,url FROM `#@__uploads` WHERE url LIKE '$target_url' AND mid='".$cfg_ml->M_ID."'; ");
$uptime = time();
@@ -149,7 +151,9 @@ if ($action === 'is_need_check_code') {
$dsql->ExecuteNoneQuery($inquery);
}
}
- if (move_uploaded_file($_FILES["file"]["tmp_name"], $target_file)) {
+ $rkey = $ck == 1? "url" : "data";
+
+ if (move_uploaded_file($ff["tmp_name"], $target_file)) {
if ($mediatype === 1) {
//图片自动裁剪
require_once DEDEINC."/libraries/imageresize.class.php";
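Review bot: `$rkey` is computed from `$ck`, which is not initialised anywhere in the visible lines, and it is assigned only just before `move_uploaded_file()`. The later hunk at `@@ -194` uses `$rkey` in the "未登录" response, which looks like a sibling branch where this assignment never runs, giving an empty-string key. Earlier error responses in this action still use the literal `"data"`. Define it once at the top of the action, `$rkey = (isset($ck) && (int)$ck === 1) ? "url" : "data";`, so every response uses the same key.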
@@ -163,28 +167,30 @@ if ($action === 'is_need_check_code') {
$image->save($target_file);
echo json_encode(array(
"code" => 0,
+ "uploaded" => 1,
"msg" => "上传成功",
- "data" => $target_url,
+ $rkey => $target_url,
));
} catch (ImageResizeException $e) {
echo json_encode(array(
"code" => -1,
"msg" => "图片自动裁剪失败",
- "data" => null,
+ $rkey => null,
));
}
} else {
echo json_encode(array(
"code" => 0,
+ "uploaded" => 1,
"msg" => "上传成功",
- "data" => $target_url,
+ $rkey => $target_url,
));
}
} else {
echo json_encode(array(
"code" => -1,
"msg" => "上传失败",
- "data" => null,
+ $rkey => null,
));
}
} else {
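Review bot: Only the success responses gain `"uploaded" => 1`; the failure branches in this hunk still return just `code`/`msg` with a null `$rkey`. CKEditor's JSON upload response normally expects `"uploaded" => 0` plus an `error` object with a `message` on failure, so when `ck=1` the editor may not surface "上传失败" or the resize error to the user. Consider adding `"uploaded" => 0, "error" => array("message" => "上传失败"),` to those branches; which upload adapter the member editor uses is not visible here, so verify the expected shape.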
@@ -194,7 +200,7 @@ if ($action === 'is_need_check_code') {
echo json_encode(array(
"code" => -1,
"msg" => "未登录",
- "data" => null,
+ $rkey => null,
));
} else {
echo "";
diff --git a/src/user/config.php b/src/user/config.php
index 0a58ea99..8bdde811 100755
--- a/src/user/config.php
+++ b/src/user/config.php
@@ -8,6 +8,7 @@
* @license https://www.dedebiz.com/license
* @link https://www.dedebiz.com
*/
+define('DEDEUSER', true);
//针对会员中心操作进行XSS过滤
function XSSClean($val)
{
diff --git a/src/user/soft_edit.php b/src/user/soft_edit.php
index cc6a68a0..3efe6e6e 100755
--- a/src/user/soft_edit.php
+++ b/src/user/soft_edit.php
@@ -50,8 +50,8 @@ if (empty($dopost)) {
if (is_array($dtp->CTags)) {
foreach ($dtp->CTags as $ctag) {
if ($ctag->GetName() == 'link') {
- $nForm .= "软件地址".$newRowStart.":
- 服务器名称:
";
+ $nForm .= "";
$newRowStart++;
}
}
diff --git a/src/user/templets/album_add.htm b/src/user/templets/album_add.htm
index 6ccdee93..64e76364 100755
--- a/src/user/templets/album_add.htm
+++ b/src/user/templets/album_add.htm
@@ -8,6 +8,7 @@
+
diff --git a/src/user/templets/album_edit.htm b/src/user/templets/album_edit.htm
index 12691e4e..7da38344 100755
--- a/src/user/templets/album_edit.htm
+++ b/src/user/templets/album_edit.htm
@@ -8,6 +8,7 @@
+
@@ -102,8 +103,8 @@
diff --git a/src/user/templets/soft_add.htm b/src/user/templets/soft_add.htm
index 0d269601..adfb4b69 100755
--- a/src/user/templets/soft_add.htm
+++ b/src/user/templets/soft_add.htm
@@ -8,6 +8,7 @@
+
@@ -159,7 +160,7 @@
@@ -192,7 +193,7 @@
morelinkobj.style.display = "block";
if (endNum > 12) endNum = 12;
for (startNum; startNum <= endNum; startNum++) {
- upfield.innerHTML += "";
+ upfield.innerHTML += "";
}
}
function ShowHideAddr() {
diff --git a/src/user/templets/soft_edit.htm b/src/user/templets/soft_edit.htm
index 94fafa7c..7af1b82c 100755
--- a/src/user/templets/soft_edit.htm
+++ b/src/user/templets/soft_edit.htm
@@ -8,6 +8,7 @@
+
@@ -162,7 +163,7 @@
@@ -198,7 +199,7 @@
morelinkobj.style.display = "block";
if (endNum > 12) endNum = 12;
for (startNum; startNum <= endNum; startNum++) {
- upfield.innerHTML += "";
+ upfield.innerHTML += "";
}
}
function ShowHideAddr() {