DedeBIZ
/
DedeV6
關注 2
收藏 0
複製 0
程式碼 合併請求 0 版本發佈 31 活動
瀏覽代碼

开发环境下一些报错提示修复

tags/6.0.0
tianya 5 年之前
父節點
c0feb85725
當前提交
a3619b7ef6
共有 21 個檔案被更改,包括 327 行新增435 行删除
分割檢視
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      src/dede/article_add.php
  2. +1
    -0
      src/dede/login.php
  3. +1
    -1
      src/include/arc.archives.class.php
  4. +1
    -1
      src/include/arc.caicai.class.php
  5. +1
    -1
      src/include/arc.freelist.class.php
  6. +1
    -1
      src/include/arc.listview.class.php
  7. +1
    -1
      src/include/arc.memberlistview.class.php
  8. +1
    -1
      src/include/arc.rssview.class.php
  9. +1
    -1
      src/include/arc.searchview.class.php
  10. +1
    -1
      src/include/arc.sglistview.class.php
  11. +1
    -1
      src/include/arc.specview.class.php
  12. +1
    -1
      src/include/arc.taglist.class.php
  13. +1
    -1
      src/include/common.inc.php
  14. +142
    -231
      src/include/dedehttpdown.class.php
  15. +116
    -178
      src/include/ftp.class.php
  16. +1
    -1
      src/include/taglib/arclist.lib.php
  17. +1
    -1
      src/include/taglib/arclistsg.lib.php
  18. +1
    -1
      src/include/taglib/likearticle.lib.php
  19. +1
    -1
      src/include/tpllib/plus_spacenewart.php
  20. +51
    -9
      src/include/uploadsafe.inc.php
  21. +1
    -1
      src/plus/arcmulti.php

+ 1
- 1
src/dede/article_add.php 查看文件

@@ -207,7 +207,7 @@ else if($dopost=='save')
color,writer,source,litpic,pubdate,senddate,mid,voteid,notpost,description,keywords,filename,dutyadmin,weight)
VALUES ('$arcID','$typeid','$typeid2','$sortrank','$flag','$ismake','$channelid','$arcrank','$click','$money',
'$title','$shorttitle','$color','$writer','$source','$litpic','$pubdate','$senddate',
'$adminid','$voteid','$notpost','$description','$keywords','$filename','$adminid','$weight');";
'$adminid','0','$notpost','$description','$keywords','$filename','$adminid','$weight');";
if(!$dsql->ExecuteNoneQuery($query))
{


+ 1
- 0
src/dede/login.php 查看文件

@@ -11,6 +11,7 @@
require_once(dirname(__FILE__).'/../include/common.inc.php');
require_once(DEDEINC.'/userlogin.class.php');
if(empty($dopost)) $dopost = '';
if(empty($gotopage)) $gotopage = '';
$gotopage = RemoveXSS($gotopage);


+ 1
- 1
src/include/arc.archives.class.php 查看文件

@@ -282,7 +282,7 @@ class Archives
{
if($this->Fields['litpic'] == '-' || $this->Fields['litpic'] == '')
{
$this->Fields['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif';
$this->Fields['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif';
}
if(!preg_match("#^http:\/\/#i", $this->Fields['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y')
{


+ 1
- 1
src/include/arc.caicai.class.php 查看文件

@@ -190,7 +190,7 @@ class Caicai extends DataListCP
$arr['typeurl'] = GetTypeUrl($arr['typeid'], MfTypedir($arr['typedir']), $arr['isdefault'], $arr['defaultname'],
$arr['ispart'], $arr['namerule2'], $arr['moresite'], $arr['siteurl'], $arr['sitepath']);
if($arr['litpic']=='') $arr['litpic'] = '/images/defaultpic.gif';
if($arr['litpic']=='') $arr['litpic'] = '/static/defaultpic.gif';
if(!preg_match("#^http:\/\/#", $arr['litpic']))
{


+ 1
- 1
src/include/arc.freelist.class.php 查看文件

@@ -672,7 +672,7 @@ class FreeList
if($row['litpic'] == '-' || $row['litpic'] == '')
{
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif';
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif';
}
if(!preg_match("#^http:\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y')
{


+ 1
- 1
src/include/arc.listview.class.php 查看文件

@@ -891,7 +891,7 @@ class ListView
$row['ispart'],$row['namerule2'],$row['moresite'],$row['siteurl'],$row['sitepath']);
if($row['litpic'] == '-' || $row['litpic'] == '')
{
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif';
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif';
}
if(!preg_match("/^http:\/\//i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y')
{


+ 1
- 1
src/include/arc.memberlistview.class.php 查看文件

@@ -230,7 +230,7 @@ class MemberListview
$row['namerule2'],$row['moresite'],$row['siteurl'],$row['sitepath']);
if($row['litpic'] == '-' || $row['litpic'] == '')
{
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif';
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif';
}
if(!preg_match("/^http:\/\//i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y')
{


+ 1
- 1
src/include/arc.rssview.class.php 查看文件

@@ -171,7 +171,7 @@ class RssView
//处理一些特殊字段
if($row['litpic'] == '-' || $row['litpic'] == '')
{
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif';
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif';
}
if(!preg_match("/^http:\/\//", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y')
{


+ 1
- 1
src/include/arc.searchview.class.php 查看文件

@@ -737,7 +737,7 @@ class SearchView
$row["id"] = $row["id"];
if($row['litpic'] == '-' || $row['litpic'] == '')
{
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif';
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif';
}
if(!preg_match("/^http:\/\//", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y')
{


+ 1
- 1
src/include/arc.sglistview.class.php 查看文件

@@ -786,7 +786,7 @@ class SgListView
$row['ispart'],$row['namerule2'],$row['moresite'],$row['siteurl'],$row['sitepath']);
if($row['litpic'] == '-' || $row['litpic'] == '')
{
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif';
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif';
}
if(!preg_match("/^http:\/\//", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y')
{


+ 1
- 1
src/include/arc.specview.class.php 查看文件

@@ -436,7 +436,7 @@ class SpecView
$row["id"] = $row["id"];
if($row['litpic'] == '-' || $row['litpic'] == '')
{
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif';
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif';
}
if(!preg_match("/^http:\/\//", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y')
{


+ 1
- 1
src/include/arc.taglist.class.php 查看文件

@@ -363,7 +363,7 @@ class TagList
$row['ispart'],$row['namerule2'],$row['moresite'],$row['siteurl'],$row['sitepath']);
if($row['litpic'] == '-' || $row['litpic'] == '')
{
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif';
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif';
}
if(!preg_match("/^http:\/\//", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y')
{


+ 1
- 1
src/include/common.inc.php 查看文件

@@ -64,7 +64,7 @@ if(function_exists('iconv_substr')) $cfg_is_iconv = TRUE;

function _RunMagicQuotes(&$svar)
{
if(!get_magic_quotes_gpc())
if(!@get_magic_quotes_gpc())
{
if( is_array($svar) )
{


+ 142
- 231
src/include/dedehttpdown.class.php 查看文件

@@ -1,4 +1,4 @@
<?php if(!defined('DEDEINC')) exit("Request Error!");
<?php if (!defined('DEDEINC')) exit("Request Error!");
/**
* 织梦HTTP下载类
*
@@ -42,45 +42,38 @@ class DedeHttpDown
*/
function PrivateInit($url)
{
if($url=='') {
return ;
if ($url == '') {
return;
}
$urls = '';
$urls = @parse_url($url);
$this->m_url = $url;
if(is_array($urls))
{
if (is_array($urls)) {
$this->m_host = $urls["host"];
if(!empty($urls["scheme"]))
{
if (!empty($urls["scheme"])) {
$this->m_scheme = $urls["scheme"];
}
if(!empty($urls["user"]))
{
if (!empty($urls["user"])) {
$this->m_user = $urls["user"];
}
if(!empty($urls["pass"]))
{
if (!empty($urls["pass"])) {
$this->m_pass = $urls["pass"];
}
if(!empty($urls["port"]))
{
if (!empty($urls["port"])) {
$this->m_port = $urls["port"];
}
if(!empty($urls["path"]))
{
if (!empty($urls["path"])) {
$this->m_path = $urls["path"];
}
$this->m_urlpath = $this->m_path;
if(!empty($urls["query"]))
{
if (!empty($urls["query"])) {
$this->m_query = $urls["query"];
$this->m_urlpath .= "?".$this->m_query;
$this->m_urlpath .= "?" . $this->m_query;
}
$this->HomeUrl = $urls["host"];
$this->BaseUrlPath = $this->HomeUrl.$urls["path"];
$this->BaseUrlPath = preg_replace("/\/([^\/]*)\.(.*)$/","/",$this->BaseUrlPath);
$this->BaseUrlPath = preg_replace("/\/$/","",$this->BaseUrlPath);
$this->BaseUrlPath = $this->HomeUrl . $urls["path"];
$this->BaseUrlPath = preg_replace("/\/([^\/]*)\.(.*)$/", "/", $this->BaseUrlPath);
$this->BaseUrlPath = preg_replace("/\/$/", "", $this->BaseUrlPath);
}
}

@@ -114,11 +107,11 @@ class DedeHttpDown
* @param string $requestType 请求类型
* @return string
*/
function OpenUrl($url,$requestType="GET")
function OpenUrl($url, $requestType = "GET")
{
$this->ResetAny();
$this->JumpCount = 0;
$this->m_httphead = Array() ;
$this->m_httphead = array();
$this->m_html = '';
$this->reTry = 0;
$this->Close();
@@ -139,7 +132,7 @@ class DedeHttpDown
{
$this->ResetAny();
$this->JumpCount++;
$this->m_httphead = Array() ;
$this->m_httphead = array();
$this->m_html = "";
$this->Close();

@@ -156,9 +149,11 @@ class DedeHttpDown
*/
function printError()
{
echo "错误信息:".$this->m_error;
echo "错误信息:" . $this->m_error;
echo "<br/>具体返回头:<br/>";
foreach($this->m_httphead as $k=>$v){ echo "$k => $v <br/>\r\n"; }
foreach ($this->m_httphead as $k => $v) {
echo "$k => $v <br/>\r\n";
}
}

/**
@@ -169,13 +164,10 @@ class DedeHttpDown
*/
function IsGetOK()
{
if( preg_match("/^2/",$this->GetHead("http-state")) )
{
if (preg_match("/^2/", $this->GetHead("http-state"))) {
return TRUE;
}
else
{
$this->m_error .= $this->GetHead("http-state")." - ".$this->GetHead("http-describe")."<br/>";
} else {
$this->m_error .= $this->GetHead("http-state") . " - " . $this->GetHead("http-describe") . "<br/>";
return FALSE;
}
}
@@ -188,12 +180,9 @@ class DedeHttpDown
*/
function IsText()
{
if( preg_match("/^2/",$this->GetHead("http-state")) && preg_match("/text|xml/i",$this->GetHead("content-type")) )
{
if (preg_match("/^2/", $this->GetHead("http-state")) && preg_match("/text|xml/i", $this->GetHead("content-type"))) {
return TRUE;
}
else
{
} else {
$this->m_error .= "内容为非文本类型或网址重定向<br/>";
return FALSE;
}
@@ -208,12 +197,13 @@ class DedeHttpDown
*/
function IsContentType($ctype)
{
if(preg_match("/^2/",$this->GetHead("http-state"))
&& $this->GetHead("content-type")==strtolower($ctype))
{ return TRUE; }
else
{
$this->m_error .= "类型不对 ".$this->GetHead("content-type")."<br/>";
if (
preg_match("/^2/", $this->GetHead("http-state"))
&& $this->GetHead("content-type") == strtolower($ctype)
) {
return TRUE;
} else {
$this->m_error .= "类型不对 " . $this->GetHead("content-type") . "<br/>";
return FALSE;
}
}
@@ -227,8 +217,7 @@ class DedeHttpDown
*/
function SaveToBin($savefilename)
{
if(!$this->IsGetOK())
{
if (!$this->IsGetOK()) {
return FALSE;
}
if (function_exists('curl_init') && function_exists('curl_exec')) {
@@ -236,13 +225,12 @@ class DedeHttpDown
return TRUE;
}

if(@feof($this->m_fp))
{
$this->m_error = "连接已经关闭!"; return FALSE;
if (@feof($this->m_fp)) {
$this->m_error = "连接已经关闭!";
return FALSE;
}
$fp = fopen($savefilename,"w");
while(!feof($this->m_fp))
{
$fp = fopen($savefilename, "w");
while (!feof($this->m_fp)) {
fwrite($fp, fread($this->m_fp, 1024));
}
fclose($this->m_fp);
@@ -259,16 +247,18 @@ class DedeHttpDown
*/
function SaveToText($savefilename)
{
if($this->IsText())
{
if ($this->IsText()) {
$this->SaveBinFile($savefilename);
}
else
{
} else {
return "";
}
}

function SaveBinFile($filename)
{
return $this->SaveBinFile($filename);
}

/**
* 用Http协议获得一个网页的内容
*
@@ -277,21 +267,17 @@ class DedeHttpDown
*/
function GetHtml()
{
if($this->m_html!='')
{
if ($this->m_html != '') {
return $this->m_html;
}
if(!$this->IsText())
{
if (!$this->IsText()) {
return '';
}
if(!$this->m_fp||@feof($this->m_fp))
{
if (!$this->m_fp || @feof($this->m_fp)) {
return '';
}
while(!feof($this->m_fp))
{
$this->m_html .= fgets($this->m_fp,256);
while (!feof($this->m_fp)) {
$this->m_html .= fgets($this->m_fp, 256);
}
@fclose($this->m_fp);
return $this->m_html;
@@ -304,14 +290,14 @@ class DedeHttpDown
* @param string $requestType 请求类型
* @return string
*/
function PrivateStartSession($requestType="GET")
function PrivateStartSession($requestType = "GET")
{
if ($this->m_scheme == "https") {
$this->m_port = "443";
}
if (function_exists('curl_init') && function_exists('curl_exec')) {
$this->m_ch = curl_init();
curl_setopt($this->m_ch, CURLOPT_URL, $this->m_scheme.'://'.$this->m_host.':'.$this->m_port.$this->m_path);
curl_setopt($this->m_ch, CURLOPT_URL, $this->m_scheme . '://' . $this->m_host . ':' . $this->m_port . $this->m_path);
curl_setopt($this->m_ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($this->m_ch, CURLOPT_FOLLOWLOCATION, 1);
if ($requestType == "POST") {
@@ -331,32 +317,27 @@ class DedeHttpDown
$this->m_puthead["Host"] = $this->m_host;

//发送用户自定义的请求头
if(!isset($this->m_puthead["Accept"]))
{
if (!isset($this->m_puthead["Accept"])) {
$this->m_puthead["Accept"] = "*/*";
}
if(!isset($this->m_puthead["User-Agent"]))
{
if (!isset($this->m_puthead["User-Agent"])) {
$this->m_puthead["User-Agent"] = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2)";
}
if(!isset($this->m_puthead["Refer"]))
{
$this->m_puthead["Refer"] = "http://".$this->m_puthead["Host"];
if (!isset($this->m_puthead["Refer"])) {
$this->m_puthead["Refer"] = "http://" . $this->m_puthead["Host"];
}
$headers = array();
foreach($this->m_puthead as $k=>$v)
{
foreach ($this->m_puthead as $k => $v) {
$k = trim($k);
$v = trim($v);
if($k!=""&&$v!="")
{
if ($k != "" && $v != "") {
$headers[] = "$k: $v";
}
}
if (count($headers) > 0) {
curl_setopt($this->m_ch, CURLOPT_HTTPHEADER, $headers);
}
curl_setopt($this->m_ch, CURLOPT_CONNECTTIMEOUT, 20);
curl_setopt($this->m_ch, CURLOPT_TIMEOUT, 900);

@@ -375,168 +356,129 @@ class DedeHttpDown

return TRUE;
}
if(!$this->PrivateOpenHost())
{
if (!$this->PrivateOpenHost()) {
$this->m_error .= "打开远程主机出错!";
return FALSE;
}
$this->reTry++;
if($this->GetHead("http-edition")=="HTTP/1.1")
{
if ($this->GetHead("http-edition") == "HTTP/1.1") {
$httpv = "HTTP/1.1";
}
else
{
} else {
$httpv = "HTTP/1.0";
}
$ps = explode('?',$this->m_urlpath);
$ps = explode('?', $this->m_urlpath);

$headString = '';

//发送固定的起始请求头GET、Host信息
if($requestType=="GET")
{
$headString .= "GET ".$this->m_urlpath." $httpv\r\n";
}
else
{
$headString .= "POST ".$ps[0]." $httpv\r\n";
if ($requestType == "GET") {
$headString .= "GET " . $this->m_urlpath . " $httpv\r\n";
} else {
$headString .= "POST " . $ps[0] . " $httpv\r\n";
}
$this->m_puthead["Host"] = $this->m_host;

//发送用户自定义的请求头
if(!isset($this->m_puthead["Accept"]))
{
if (!isset($this->m_puthead["Accept"])) {
$this->m_puthead["Accept"] = "*/*";
}
if(!isset($this->m_puthead["User-Agent"]))
{
if (!isset($this->m_puthead["User-Agent"])) {
$this->m_puthead["User-Agent"] = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2)";
}
if(!isset($this->m_puthead["Refer"]))
{
$this->m_puthead["Refer"] = "http://".$this->m_puthead["Host"];
if (!isset($this->m_puthead["Refer"])) {
$this->m_puthead["Refer"] = "http://" . $this->m_puthead["Host"];
}

foreach($this->m_puthead as $k=>$v)
{
foreach ($this->m_puthead as $k => $v) {
$k = trim($k);
$v = trim($v);
if($k!=""&&$v!="")
{
if ($k != "" && $v != "") {
$headString .= "$k: $v\r\n";
}
}
fputs($this->m_fp, $headString);
if($requestType=="POST")
{
if ($requestType == "POST") {
$postdata = "";
if(count($ps)>1)
{
for($i=1;$i<count($ps);$i++)
{
if (count($ps) > 1) {
for ($i = 1; $i < count($ps); $i++) {
$postdata .= $ps[$i];
}
}
else
{
} else {
$postdata = "OK";
}
$plen = strlen($postdata);
fputs($this->m_fp,"Content-Type: application/x-www-form-urlencoded\r\n");
fputs($this->m_fp,"Content-Length: $plen\r\n");
fputs($this->m_fp, "Content-Type: application/x-www-form-urlencoded\r\n");
fputs($this->m_fp, "Content-Length: $plen\r\n");
}

//发送固定的结束请求头
//HTTP1.1协议必须指定文档结束后关闭链接,否则读取文档时无法使用feof判断结束
if($httpv=="HTTP/1.1")
{
fputs($this->m_fp,"Connection: Close\r\n\r\n");
if ($httpv == "HTTP/1.1") {
fputs($this->m_fp, "Connection: Close\r\n\r\n");
} else {
fputs($this->m_fp, "\r\n");
}
else
{
fputs($this->m_fp,"\r\n");
}
if($requestType=="POST")
{
fputs($this->m_fp,$postdata);
if ($requestType == "POST") {
fputs($this->m_fp, $postdata);
}

//获取应答头状态信息
$httpstas = explode(" ",fgets($this->m_fp,256));
$httpstas = explode(" ", fgets($this->m_fp, 256));
$this->m_httphead["http-edition"] = trim($httpstas[0]);
$this->m_httphead["http-state"] = trim($httpstas[1]);
$this->m_httphead["http-describe"] = "";
for($i=2;$i<count($httpstas);$i++)
{
$this->m_httphead["http-describe"] .= " ".trim($httpstas[$i]);
for ($i = 2; $i < count($httpstas); $i++) {
$this->m_httphead["http-describe"] .= " " . trim($httpstas[$i]);
}

//获取详细应答头
while(!feof($this->m_fp))
{
$line = trim(fgets($this->m_fp,256));
if($line == "")
{
while (!feof($this->m_fp)) {
$line = trim(fgets($this->m_fp, 256));
if ($line == "") {
break;
}
$hkey = "";
$hvalue = "";
$v = 0;
for($i=0;$i<strlen($line);$i++)
{
if($v==1)
{
for ($i = 0; $i < strlen($line); $i++) {
if ($v == 1) {
$hvalue .= $line[$i];
}
if($line[$i]==":")
{
if ($line[$i] == ":") {
$v = 1;
}
if($v==0)
{
if ($v == 0) {
$hkey .= $line[$i];
}
}
$hkey = trim($hkey);
if($hkey!="")
{
if ($hkey != "") {
$this->m_httphead[strtolower($hkey)] = trim($hvalue);
}
}

//如果连接被不正常关闭,重试
if(feof($this->m_fp))
{
if($this->reTry > 10)
{
if (feof($this->m_fp)) {
if ($this->reTry > 10) {
return FALSE;
}
$this->PrivateStartSession($requestType);
}

//判断是否是3xx开头的应答
if(preg_match("/^3/",$this->m_httphead["http-state"]))
{
if($this->JumpCount > 3)
{
if (preg_match("/^3/", $this->m_httphead["http-state"])) {
if ($this->JumpCount > 3) {
return;
}
if(isset($this->m_httphead["location"]))
{
if (isset($this->m_httphead["location"])) {
$newurl = $this->m_httphead["location"];
if(preg_match("/^http/i",$newurl))
{
if (preg_match("/^http/i", $newurl)) {
$this->JumpOpenUrl($newurl);
}
else
{
} else {
$newurl = $this->FillUrl($newurl);
$this->JumpOpenUrl($newurl);
}
}
else
{
} else {
$this->m_error = "无法识别的答复!";
}
}
@@ -568,7 +510,7 @@ class DedeHttpDown
* @param string $svalue 值
* @return string
*/
function SetHead($skey,$svalue)
function SetHead($skey, $svalue)
{
$this->m_puthead[$skey] = $svalue;
}
@@ -581,21 +523,17 @@ class DedeHttpDown
*/
function PrivateOpenHost()
{
if($this->m_host=="")
{
if ($this->m_host == "") {
return FALSE;
}

$errno = "";
$errstr = "";
$this->m_fp = @fsockopen($this->m_host, $this->m_port, $errno, $errstr,10);
if(!$this->m_fp)
{
$this->m_fp = @fsockopen($this->m_host, $this->m_port, $errno, $errstr, 10);
if (!$this->m_fp) {
$this->m_error = $errstr;
return FALSE;
}
else
{
} else {
return TRUE;
}
}
@@ -609,7 +547,7 @@ class DedeHttpDown
function Close()
{
if (function_exists('curl_init') && function_exists('curl_exec')) {
curl_close($ch);
@curl_close($this->m_ch);
}
@fclose($this->m_fp);
}
@@ -629,81 +567,54 @@ class DedeHttpDown
$okurl = "";
$pathStep = 0;
$surl = trim($surl);
if($surl=="")
{
if ($surl == "") {
return "";
}
$pos = strpos($surl,"#");
if($pos>0)
{
$surl = substr($surl,0,$pos);
$pos = strpos($surl, "#");
if ($pos > 0) {
$surl = substr($surl, 0, $pos);
}
if($surl[0]=="/")
{
$okurl = "http://".$this->HomeUrl.$surl;
}
else if($surl[0]==".")
{
if(strlen($surl)<=1)
{
if ($surl[0] == "/") {
$okurl = "http://" . $this->HomeUrl . $surl;
} else if ($surl[0] == ".") {
if (strlen($surl) <= 1) {
return "";
}
else if($surl[1]=="/")
{
$okurl = "http://".$this->BaseUrlPath."/".substr($surl,2,strlen($surl)-2);
}
else
{
$urls = explode("/",$surl);
foreach($urls as $u)
{
if($u=="..")
{
} else if ($surl[1] == "/") {
$okurl = "http://" . $this->BaseUrlPath . "/" . substr($surl, 2, strlen($surl) - 2);
} else {
$urls = explode("/", $surl);
foreach ($urls as $u) {
if ($u == "..") {
$pathStep++;
}
else if($i<count($urls)-1)
{
$dstr .= $urls[$i]."/";
}
else
{
} else if ($i < count($urls) - 1) {
$dstr .= $urls[$i] . "/";
} else {
$dstr .= $urls[$i];
}
$i++;
}
$urls = explode("/",$this->BaseUrlPath);
if(count($urls) <= $pathStep)
{
$urls = explode("/", $this->BaseUrlPath);
if (count($urls) <= $pathStep) {
return "";
}
else
{
} else {
$pstr = "http://";
for($i=0;$i<count($urls)-$pathStep;$i++)
{
$pstr .= $urls[$i]."/";
for ($i = 0; $i < count($urls) - $pathStep; $i++) {
$pstr .= $urls[$i] . "/";
}
$okurl = $pstr.$dstr;
$okurl = $pstr . $dstr;
}
}
}
else
{
if(strlen($surl)<7)
{
$okurl = "http://".$this->BaseUrlPath."/".$surl;
}
else if(strtolower(substr($surl,0,7))=="http://")
{
} else {
if (strlen($surl) < 7) {
$okurl = "http://" . $this->BaseUrlPath . "/" . $surl;
} else if (strtolower(substr($surl, 0, 7)) == "http://") {
$okurl = $surl;
}
else
{
$okurl = "http://".$this->BaseUrlPath."/".$surl;
} else {
$okurl = "http://" . $this->BaseUrlPath . "/" . $surl;
}
}
$okurl = preg_replace("/^(http:\/\/)/i","",$okurl);
$okurl = preg_replace("/^(http:\/\/)/i", "", $okurl);
$okurl = preg_replace("/\/{1,}/", "/", $okurl);
return "http://".$okurl;
return "http://" . $okurl;
}
}//End Class

+ 116
- 178
src/include/ftp.class.php 查看文件

@@ -1,4 +1,4 @@
<?php if(!defined('DEDEINC')) exit('dedecms');
<?php if (!defined('DEDEINC')) exit('dedecms');
/**
* FTP 操作类
* 不支持 SFTP 和 SSL FTP 协议, 仅支持标准 FTP 协议.
@@ -16,7 +16,8 @@
* @link http://www.dedecms.com
*/
@set_time_limit(1000);
class FTP {
class FTP
{
var $hostname = '';
var $username = '';
var $password = '';
@@ -37,8 +38,7 @@ class FTP {
*/
function FTP($config = array())
{
if (count($config) > 0)
{
if (count($config) > 0) {
$this->initialize($config);
}
}
@@ -52,10 +52,8 @@ class FTP {
*/
function initialize($config = array())
{
foreach ($config as $key => $val)
{
if (isset($this->$key))
{
foreach ($config as $key => $val) {
if (isset($this->$key)) {
$this->$key = $val;
}
}
@@ -73,32 +71,26 @@ class FTP {
*/
function connect($config = array())
{
if (count($config) > 0)
{
if (count($config) > 0) {
$this->initialize($config);
}
if (FALSE === ($this->conn_id = @ftp_connect($this->hostname, $this->port)))
{
if ($this->debug == TRUE)
{
if (FALSE === ($this->conn_id = @ftp_connect($this->hostname, $this->port))) {
if ($this->debug == TRUE) {
$this->_error('无法链接');
}
return FALSE;
}
if ( ! $this->_login())
{
if ($this->debug == TRUE)
{
if (!$this->_login()) {
if ($this->debug == TRUE) {
$this->_error('无法登录');
}
return FALSE;
}
// 如果需要则设置传输模式
if ($this->passive == TRUE)
{
if ($this->passive == TRUE) {
ftp_pasv($this->conn_id, TRUE);
}
@@ -124,10 +116,8 @@ class FTP {
*/
function _is_conn()
{
if ( ! is_resource($this->conn_id))
{
if ($this->debug == TRUE)
{
if (!is_resource($this->conn_id)) {
if ($this->debug == TRUE) {
$this->_error('无法链接');
}
return FALSE;
@@ -149,17 +139,14 @@ class FTP {
*/
function changedir($path = '', $supress_debug = FALSE)
{
if ($path == '' OR ! $this->_is_conn())
{
if ($path == '' or !$this->_is_conn()) {
return FALSE;
}
$result = @ftp_chdir($this->conn_id, $path);
if ($result === FALSE)
{
if ($this->debug == TRUE AND $supress_debug == FALSE)
{
if ($result === FALSE) {
if ($this->debug == TRUE and $supress_debug == FALSE) {
$this->_error('无法更改目录');
}
return FALSE;
@@ -177,25 +164,21 @@ class FTP {
*/
function mkdir($path = '', $permissions = NULL)
{
if ($path == '' OR ! $this->_is_conn())
{
if ($path == '' or !$this->_is_conn()) {
return FALSE;
}
$result = @ftp_mkdir($this->conn_id, $path);
if ($result === FALSE)
{
if ($this->debug == TRUE)
{
if ($result === FALSE) {
if ($this->debug == TRUE) {
$this->_error('无法创建文件夹');
}
return FALSE;
}
// 如果需要设置权限
if ( ! is_null($permissions))
{
if (!is_null($permissions)) {
$this->chmod($path, (int)$permissions);
}
@@ -211,24 +194,19 @@ class FTP {
*/
function rmkdir($path = '', $pathsymbol = '/')
{
$pathArray = explode($pathsymbol,$path);
$pathArray = explode($pathsymbol, $path);
$pathstr = $pathsymbol;
foreach($pathArray as $val)
{
if(!empty($val))
{
foreach ($pathArray as $val) {
if (!empty($val)) {
//构建文件夹路径
$pathstr = $pathstr.$val.$pathsymbol;
if (! $this->_is_conn())
{
$pathstr = $pathstr . $val . $pathsymbol;
if (!$this->_is_conn()) {
return FALSE;
}
$result = @ftp_chdir($this->conn_id, $pathstr);
if($result === FALSE)
{
if ($result === FALSE) {
//如果不存在这个目录则创建
if(!$this->mkdir($pathstr))
{
if (!$this->mkdir($pathstr)) {
return FALSE;
}
}
@@ -248,20 +226,17 @@ class FTP {
*/
function upload($locpath, $rempath, $mode = 'auto', $permissions = NULL)
{
if (!$this->_is_conn())
{
if (!$this->_is_conn()) {
return FALSE;
}
if (!file_exists($locpath))
{
if (!file_exists($locpath)) {
$this->_error('不存在源文件');
return FALSE;
}
// 未指定则设置模式
if ($mode == 'auto')
{
if ($mode == 'auto') {
// 获取文件扩展名,以便本类上传类型
$ext = $this->_getext($locpath);
$mode = $this->_settype($ext);
@@ -271,18 +246,15 @@ class FTP {
$result = @ftp_put($this->conn_id, $rempath, $locpath, $mode);
if ($result === FALSE)
{
if ($this->debug == TRUE)
{
if ($result === FALSE) {
if ($this->debug == TRUE) {
$this->_error('无法上传');
}
return FALSE;
}
// 如果需要设置文件权限
if ( ! is_null($permissions))
{
if (!is_null($permissions)) {
$this->chmod($rempath, (int)$permissions);
}
@@ -300,17 +272,14 @@ class FTP {
*/
function rename($old_file, $new_file, $move = FALSE)
{
if ( ! $this->_is_conn())
{
if (!$this->_is_conn()) {
return FALSE;
}
$result = @ftp_rename($this->conn_id, $old_file, $new_file);
if ($result === FALSE)
{
if ($this->debug == TRUE)
{
if ($result === FALSE) {
if ($this->debug == TRUE) {
$msg = ($move == FALSE) ? '无法重命名' : '无法移动';
$this->_error($msg);
@@ -343,17 +312,14 @@ class FTP {
*/
function delete_file($filepath)
{
if ( ! $this->_is_conn())
{
if (!$this->_is_conn()) {
return FALSE;
}
$result = @ftp_delete($this->conn_id, $filepath);
if ($result === FALSE)
{
if ($this->debug == TRUE)
{
if ($result === FALSE) {
if ($this->debug == TRUE) {
$this->_error('无法删除');
}
return FALSE;
@@ -371,8 +337,7 @@ class FTP {
*/
function delete_dir($filepath)
{
if ( ! $this->_is_conn())
{
if (!$this->_is_conn()) {
return FALSE;
}
@@ -381,14 +346,11 @@ class FTP {
$list = $this->list_files($filepath);
if ($list !== FALSE AND count($list) > 0)
{
foreach ($list as $item)
{
if ($list !== FALSE and count($list) > 0) {
foreach ($list as $item) {
// 如果我们不能删除该项目,它则可能是一个文件夹
// 将调用 delete_dir()
if ( ! @ftp_delete($this->conn_id, $item))
{
if (!@ftp_delete($this->conn_id, $item)) {
$this->delete_dir($item);
}
}
@@ -396,10 +358,8 @@ class FTP {
$result = @ftp_rmdir($this->conn_id, $filepath);
if ($result === FALSE)
{
if ($this->debug == TRUE)
{
if ($result === FALSE) {
if ($this->debug == TRUE) {
$this->_error('无法删除');
}
return FALSE;
@@ -418,16 +378,13 @@ class FTP {
*/
function chmod($path, $perm)
{
if ( ! $this->_is_conn())
{
if (!$this->_is_conn()) {
return FALSE;
}
// 仅PHP5才能运行
if ( ! function_exists('ftp_chmod'))
{
if ($this->debug == TRUE)
{
if (!function_exists('ftp_chmod')) {
if ($this->debug == TRUE) {
$this->_error('无法更改权限');
}
return FALSE;
@@ -435,10 +392,8 @@ class FTP {
$result = @ftp_chmod($this->conn_id, $perm, $path);
if ($result === FALSE)
{
if ($this->debug == TRUE)
{
if ($result === FALSE) {
if ($this->debug == TRUE) {
$this->_error('无法更改权限');
}
return FALSE;
@@ -455,8 +410,7 @@ class FTP {
*/
function list_files($path = '.')
{
if ( ! $this->_is_conn())
{
if (!$this->_is_conn()) {
return FALSE;
}
@@ -469,42 +423,41 @@ class FTP {
* @access public
* @return array
*/
function list_rawfiles($path = '.', $type='dir')
function list_rawfiles($path = '.', $type = 'dir')
{
if ( ! $this->_is_conn())
{
if (!$this->_is_conn()) {
return FALSE;
}
$ftp_rawlist = ftp_rawlist($this->conn_id, $path, TRUE);
foreach ($ftp_rawlist as $v) {
$info = array();
$vinfo = preg_split("/[\s]+/", $v, 9);
if ($vinfo[0] !== "total") {
$info['chmod'] = $vinfo[0];
$info['num'] = $vinfo[1];
$info['owner'] = $vinfo[2];
$info['group'] = $vinfo[3];
$info['size'] = $vinfo[4];
$info['month'] = $vinfo[5];
$info['day'] = $vinfo[6];
$info['time'] = $vinfo[7];
$info['name'] = $vinfo[8];
$rawlist[$info['name']] = $info;
}
}
$dir = array();
$file = array();
foreach ($rawlist as $k => $v) {
if ($v['chmod']{0} == "d") {
$dir[$k] = $v;
} elseif ($v['chmod']{0} == "-") {
$file[$k] = $v;
}
}
return ($type == 'dir')? $dir : $file;
foreach ($ftp_rawlist as $v) {
$info = array();
$vinfo = preg_split("/[\s]+/", $v, 9);
if ($vinfo[0] !== "total") {
$info['chmod'] = $vinfo[0];
$info['num'] = $vinfo[1];
$info['owner'] = $vinfo[2];
$info['group'] = $vinfo[3];
$info['size'] = $vinfo[4];
$info['month'] = $vinfo[5];
$info['day'] = $vinfo[6];
$info['time'] = $vinfo[7];
$info['name'] = $vinfo[8];
$rawlist[$info['name']] = $info;
}
}
$dir = array();
$file = array();
foreach ($rawlist as $k => $v) {
if ($v['chmod'][0] == "d") {
$dir[$k] = $v;
} elseif ($v['chmod'][0] == "-") {
$file[$k] = $v;
}
}
return ($type == 'dir') ? $dir : $file;
}
/**
@@ -518,38 +471,30 @@ class FTP {
*/
function mirror($locpath, $rempath)
{
if ( ! $this->_is_conn())
{
if (!$this->_is_conn()) {
return FALSE;
}
// 打开本地文件路径
if ($fp = @opendir($locpath))
{
if ($fp = @opendir($locpath)) {
// 尝试打开远程文件的路径.
if ( ! $this->changedir($rempath, TRUE))
{
if (!$this->changedir($rempath, TRUE)) {
// 如果不能打开则创建
if ( ! $this->rmkdir($rempath) OR ! $this->changedir($rempath))
{
if (!$this->rmkdir($rempath) or !$this->changedir($rempath)) {
return FALSE;
}
}
// 递归读取本地目录
while (FALSE !== ($file = readdir($fp)))
{
if (@is_dir($locpath.$file) && substr($file, 0, 1) != '.')
{
$this->mirror($locpath.$file."/", $rempath.$file."/");
}
elseif (substr($file, 0, 1) != ".")
{
while (FALSE !== ($file = readdir($fp))) {
if (@is_dir($locpath . $file) && substr($file, 0, 1) != '.') {
$this->mirror($locpath . $file . "/", $rempath . $file . "/");
} elseif (substr($file, 0, 1) != ".") {
// 获取文件扩展名,以便本类上传类型
$ext = $this->_getext($file);
$mode = $this->_settype($ext);
$this->upload($locpath.$file, $rempath.$file, $mode);
$this->upload($locpath . $file, $rempath . $file, $mode);
}
}
return TRUE;
@@ -567,8 +512,7 @@ class FTP {
*/
function _getext($filename)
{
if (FALSE === strpos($filename, '.'))
{
if (FALSE === strpos($filename, '.')) {
return 'txt';
}
@@ -586,20 +530,20 @@ class FTP {
function _settype($ext)
{
$text_types = array(
'txt',
'text',
'php',
'phps',
'php4',
'js',
'css',
'htm',
'html',
'phtml',
'shtml',
'log',
'xml'
);
'txt',
'text',
'php',
'phps',
'php4',
'js',
'css',
'htm',
'html',
'phtml',
'shtml',
'log',
'xml'
);
return (in_array($ext, $text_types)) ? 'ascii' : 'binary';
@@ -615,8 +559,7 @@ class FTP {
*/
function close()
{
if ( ! $this->_is_conn())
{
if (!$this->_is_conn()) {
return FALSE;
}
@@ -632,21 +575,21 @@ class FTP {
*/
function _error($msg)
{
$errorTrackFile = dirname(__FILE__).'/../data/ftp_error_trace.inc';
$errorTrackFile = dirname(__FILE__) . '/../data/ftp_error_trace.inc';
$emsg = '';
$emsg .= "<div><h3>DedeCMS Error Warning!</h3>\r\n";
$emsg .= "<div><a href='http://bbs.dedecms.com' target='_blank' style='color:red'>Technical Support: http://bbs.dedecms.com</a></div>";
$emsg .= "<div style='line-helght:160%;font-size:14px;color:green'>\r\n";
$emsg .= "<div style='color:blue'><br />Error page: <font color='red'>".$this->GetCurUrl()."</font></div>\r\n";
$emsg .= "<div style='color:blue'><br />Error page: <font color='red'>" . $this->GetCurUrl() . "</font></div>\r\n";
$emsg .= "<div>Error infos: {$msg}</div>\r\n";
$emsg .= "<br /></div></div>\r\n";
echo $emsg;
$savemsg = 'Page: '.$this->GetCurUrl()."\r\nError: ".$msg;
$savemsg = 'Page: ' . $this->GetCurUrl() . "\r\nError: " . $msg;
//保存错误日志
$fp = @fopen($errorTrackFile, 'a');
@fwrite($fp, '<'.'?php exit();'."\r\n/*\r\n{$savemsg}\r\n*/\r\n?".">\r\n");
@fwrite($fp, '<' . '?php exit();' . "\r\n/*\r\n{$savemsg}\r\n*/\r\n?" . ">\r\n");
@fclose($fp);
}
@@ -658,22 +601,17 @@ class FTP {
*/
function GetCurUrl()
{
if(!empty($_SERVER["REQUEST_URI"]))
{
if (!empty($_SERVER["REQUEST_URI"])) {
$scriptName = $_SERVER["REQUEST_URI"];
$nowurl = $scriptName;
}
else
{
} else {
$scriptName = $_SERVER["PHP_SELF"];
if(empty($_SERVER["QUERY_STRING"])) {
if (empty($_SERVER["QUERY_STRING"])) {
$nowurl = $scriptName;
}
else {
$nowurl = $scriptName."?".$_SERVER["QUERY_STRING"];
} else {
$nowurl = $scriptName . "?" . $_SERVER["QUERY_STRING"];
}
}
return $nowurl;
}
}//End Class

+ 1
- 1
src/include/taglib/arclist.lib.php 查看文件

@@ -500,7 +500,7 @@ function lib_arclistDone(&$refObj, &$ctag, $typeid=0, $row=10, $col=1, $titlelen
if($row['litpic'] == '-' || $row['litpic'] == '')
{
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif';
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif';
}
if(!preg_match("#^http:\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y')
{


+ 1
- 1
src/include/taglib/arclistsg.lib.php 查看文件

@@ -228,7 +228,7 @@ function lib_arclistsg(&$ctag,&$refObj)
if($row['litpic'] == '-' || $row['litpic'] == '')
{
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif';
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif';
}
if(!preg_match("#^http:\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y')
{


+ 1
- 1
src/include/taglib/likearticle.lib.php 查看文件

@@ -157,7 +157,7 @@ function lib_likearticle(&$ctag,&$refObj)
if($row['litpic'] == '-' || $row['litpic'] == '')
{
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif';
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif';
}
if(!preg_match("#^http:\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y')
{


+ 1
- 1
src/include/tpllib/plus_spacenewart.php 查看文件

@@ -44,7 +44,7 @@ function plus_spacenewart(&$atts,&$refObj,&$fields)
if($row['litpic']=='')
{
$row['litpic'] = '/images/defaultpic.gif';
$row['litpic'] = '/static/defaultpic.gif';
}
if(!preg_match("#^http:\/\/#i", $row['litpic']))
{


+ 51
- 9
src/include/uploadsafe.inc.php 查看文件

@@ -1,4 +1,13 @@
<?php
/**
* 文件上传安全校验方法
*
* @version $Id: uploadsafe.inc.php 1 15:59 2020年8月19日Z tianya $
* @package DedeCMS.Libraries
* @copyright Copyright (c) 2007 - 2020, DesDev, Inc.
* @license http://help.dedecms.com/usersguide/license.html
* @link http://www.dedecms.com
*/
if(!defined('DEDEINC')) exit('Request Error!');
if(isset($_FILES['GLOBALS'])) exit('Request not allow!');
@@ -32,13 +41,29 @@ foreach($_FILES as $_key=>$_value)
${$_key.'_name'} = $_FILES[$_key]['name'];
${$_key.'_type'} = $_FILES[$_key]['type'] = preg_replace('#[^0-9a-z\./]#i', '', $_FILES[$_key]['type']);
${$_key.'_size'} = $_FILES[$_key]['size'] = preg_replace('#[^0-9]#','',$_FILES[$_key]['size']);
if(!empty(${$_key.'_name'}) && (preg_match("#\.(".$cfg_not_allowall.")$#i",${$_key.'_name'}) || !preg_match("#\.#", ${$_key.'_name'})) )
{
if(!defined('DEDEADMIN'))
if (is_array(${$_key.'_name'})) {
if (count(${$_key.'_name'}) > 0) {
foreach (${$_key.'_name'} as $key => $value) {
if (!empty($value) && (preg_match("#\.(".$cfg_not_allowall.")$#i", $value) || !preg_match("#\.#", $value))) {
if(!defined('DEDEADMIN'))
{
exit('Not Admin Upload filetype not allow !');
}
}
}
}
} else {
if(!empty(${$_key.'_name'}) && (preg_match("#\.(".$cfg_not_allowall.")$#i",${$_key.'_name'}) || !preg_match("#\.#", ${$_key.'_name'})) )
{
exit('Not Admin Upload filetype not allow !');
if(!defined('DEDEADMIN'))
{
exit('Not Admin Upload filetype not allow !');
}
}
}
if(empty(${$_key.'_size'}))
{
${$_key.'_size'} = @filesize($$_key);
@@ -50,13 +75,30 @@ foreach($_FILES as $_key=>$_value)
"image/xpng", "image/wbmp", "image/bmp"
);
if(in_array(strtolower(trim(${$_key.'_type'})), $imtypes))
{
$image_dd = @getimagesize($$_key);
if (!is_array($image_dd))
if (is_array(${$_key.'_type'})) {
if (count(${$_key.'_type'}) > 0) {
foreach (${$_key.'_type'} as $key => $value) {
if(in_array(strtolower(trim($value)), $imtypes))
{
$image_dd = @getimagesize($$_key);
if (!is_array($image_dd))
{
exit('Upload filetype not allow !');
}
}
}
}
} else {
if(in_array(strtolower(trim(${$_key.'_type'})), $imtypes))
{
exit('Upload filetype not allow !');
$image_dd = @getimagesize($$_key);
if (!is_array($image_dd))
{
exit('Upload filetype not allow !');
}
}
}
}
?>

+ 1
- 1
src/plus/arcmulti.php 查看文件

@@ -66,7 +66,7 @@ if($tagid !='')
if($row['litpic'] == '-' || $row['litpic'] == '')
{
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif';
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif';
}
if(!preg_match("#^http:\/\/#", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y')
{


Write Preview
Loading…
取消
儲存